CN112449216A - Method for obtaining file according to authorization - Google Patents

Method for obtaining file according to authorization Download PDF

Info

Publication number
CN112449216A
CN112449216A CN201910797493.9A CN201910797493A CN112449216A CN 112449216 A CN112449216 A CN 112449216A CN 201910797493 A CN201910797493 A CN 201910797493A CN 112449216 A CN112449216 A CN 112449216A
Authority
CN
China
Prior art keywords
streaming media
file
target
client device
media server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910797493.9A
Other languages
Chinese (zh)
Inventor
任建华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN201910797493.9A priority Critical patent/CN112449216A/en
Publication of CN112449216A publication Critical patent/CN112449216A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/254Management at additional data server, e.g. shopping server, rights management server
    • H04N21/2541Rights Management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/568Storing data temporarily at an intermediate stage, e.g. caching
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/258Client or end-user data management, e.g. managing client capabilities, user preferences or demographics, processing of multiple end-users preferences to derive collaborative data
    • H04N21/25808Management of client data
    • H04N21/25816Management of client data involving client authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/258Client or end-user data management, e.g. managing client capabilities, user preferences or demographics, processing of multiple end-users preferences to derive collaborative data
    • H04N21/25808Management of client data
    • H04N21/25841Management of client data involving the geographical location of the client
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/4508Management of client data or end-user data
    • H04N21/4524Management of client data or end-user data involving the geographical location of the client
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4627Rights management associated to the content

Abstract

The embodiment of the application discloses a method for obtaining a file according to authorization, which is used for authenticating the operation of accessing a target file by client equipment through a streaming media server in a CDN (content delivery network) and improving the safety of the authentication process. The method in the embodiment of the application comprises the following steps: a streaming media server in a Content Delivery Network (CDN) receives an acquisition request about a target file sent by client equipment; the streaming media server determines whether the client equipment has the authority to acquire the target file; if yes, the streaming media server sends the target file to the client device; if not, the streaming media server does not send the target file to the client device.

Description

Method for obtaining file according to authorization
Technical Field
The present application relates to the field of file transmission, and in particular, to a method for obtaining a file according to authorization and a streaming server in a content distribution network.
Background
During video playing, authorization control according to geographical location is an important means for content providers to control copyright, for example, for on-demand and live broadcasting, content providers may require users in specific geographical locations to enjoy watching rights. In this case, when the user plays the video with the geographic location copyright protection through the client device, the user first needs to authenticate the playing operation according to the current geographic location of the user, and when the authentication is successful, the client device is permitted to acquire the video from the server and perform the playing operation.
Currently, when copyright control is performed according to a geographical location, authentication for access operation of a client device is mainly a local authentication mode of the client device. Specifically, the local authentication mode of the client device means that the client device downloads a corresponding relationship between different video files and preset geographic location copyright information from the server in advance. When the client device responds to the playing operation of the video with the geographic position copyright protection by a user, the geographic position copyright information corresponding to the video is determined, and the playing operation of the video under the current geographic position is authenticated according to the geographic position copyright information. And after the authentication is successful, the client equipment acquires the video from the server and performs playing operation.
In the above description, it can be seen that the local authentication of the client device can implement copyright control according to the geographic location. However, it should be noted that the client device needs to download the corresponding relationship between different video files and the preset geographic location copyright information from the server in advance, and then needs to perform authentication according to the corresponding relationship. This results in that if the client device is tampered with locally, it may cause the copyright control of the content provider to be disabled, resulting in economic loss.
Disclosure of Invention
The embodiment of the application provides a method for obtaining a file according to authorization, which is used for authenticating an operation of obtaining a target file by a client device through a streaming media server in a Content Delivery Network (CDN) when the client device obtains the target file, so as to improve the security of an authentication process.
A first aspect of an embodiment of the present application provides a method for obtaining a file according to authorization, including:
when a user accesses a target file placed on the CDN through a client, for example, plays an audio/video file, a streaming server in the content delivery network CDN, that is, a cache server on a node in the CDN receives an acquisition request for the target file sent by a client device. Then, the streaming media server determines whether the client device has the right to acquire the target file. If yes, the streaming media server sends the target file to the client device; if not, the streaming media server does not send the target file to the client device. In the embodiment of the application, the streaming media server in the CDN authenticates the operation of obtaining the target file by the client device, and if the authentication is successful, the target file is returned to the client device, otherwise, the target file is not returned. The authentication process does not need the participation of the client device, and the streaming media server has higher security when performing the authentication compared with the client device, so that the security of the authentication process can be improved, and the copyright control failure of a content provider is avoided.
In a specific embodiment, the target file is an index file of the target streaming media file, and the index file is used to indicate an acquisition address of the target streaming media file. In the embodiment of the application, the target file is an index file of the target streaming media file, that is, when a user accesses the target streaming media file through the client device, the streaming media server authenticates the operation of accessing the target streaming media file by the client device by judging whether the client device has the right to acquire the index file, so that the operability of the scheme is improved.
In a specific embodiment, the target file is a target streaming media file. In the embodiment of the application, the target file is a target streaming media file, that is, when a user accesses the target streaming media file through a client device, whether the client device has the right to acquire is directly judged, so that the diversity of the scheme is increased.
In a specific embodiment, the index file is an M3U8 file or an MPD file. In the embodiment of the application, the form of the index file is exemplified, so that the operability of the scheme is improved.
In a specific embodiment, the method further comprises:
the streaming media server receives the corresponding relation between the target file and the authorized access rule sent by the content management system CMS server; the streaming media server determines whether the client device has the right to acquire the target file, including: the streaming media server determines the authorized access rule corresponding to the target file according to the corresponding relation; the streaming media server determines whether the client device has the authority to acquire the target file according to the authorized access rule. In this embodiment, the authorization process is further described, so that the operability of the scheme is improved.
In a specific embodiment, the authorization access rule includes a preset authorization category and a first authorization parameter preset for the authorization category, and the streaming media server determines whether the client device has a right to acquire the target file according to the authorization access rule, including: the streaming media server determines a second authorization parameter corresponding to the client device; the streaming media server determines whether the first authorization parameter and the second authorization parameter match; if so, determining that the client equipment has the authority to acquire the target file; and if not, determining that the client equipment does not have the authority of acquiring the target file. In this embodiment, the authorization process is further described, so that the operability of the scheme is improved.
In a particular embodiment, the authorization category includes at least one of a geographic location, a user age, a duration of play, or an account category. In the embodiment of the present application, it is pointed out that the authorization category may include multiple categories, so as to implement copyright control on diversity of the acquired target file.
In a specific embodiment, the get request is a socket link request.
A second aspect of the embodiments of the present application provides a method for setting an authority, including:
after a content provider uploads a target file to a Content Management System (CMS) server, i.e., a source content server or a source station, the CMS server may obtain an authorization setting instruction, and set a corresponding authorization access rule for the target file according to the authorization setting instruction. And then, when the CMS server distributes the target file to the streaming media server of each node, the CMS server sends the corresponding relation between the target file and the authorized access rule together. The corresponding relation is used for indicating the stream media server to authenticate the operation of the client device for obtaining the target file, and sending the target file to the client device when the client device is determined to have the authority for obtaining the target file. In the embodiment of the application, the CMS server issues the corresponding relationship between the target file and the authorization rule to the streaming media server, so that the streaming media server can authenticate the operation of obtaining the target file by the client device according to the corresponding relationship. The authentication process does not need the participation of the client device, and the streaming media server has higher security when performing the authentication compared with the client device, so that the security of the authentication process can be improved, and the copyright control failure of a content provider is avoided.
In a specific embodiment, the target file is an index file of the target streaming media file, and the index file is used to indicate an acquisition address of the target streaming media file.
In a specific embodiment, the target file is a target streaming media file.
In a specific embodiment, the index file is an M3U8 file or an MPD file.
In a specific embodiment, the authorized access rule includes a preset authorization category and a first authorization parameter preset for the authorization category, where the first authorization parameter is used to instruct the streaming media server to determine that the client device has the right to acquire the target file when determining that the second authorization parameter related to the client device matches the first authorization parameter.
In a particular embodiment, the authorization category is at least one of geographic location, user age, duration of play, or account category.
A third aspect of the embodiments of the present application provides a streaming media server in a content distribution network, including:
the receiving unit is used for receiving an acquisition request about a target file sent by client equipment;
the processing unit is used for determining whether the client equipment has the authority of acquiring the target file;
a sending unit, configured to send the target file to the client device if it is determined that the client device has the right to acquire the target file; and if the client equipment is determined not to have the authority of acquiring the target file, not sending the target file to the client equipment.
In a specific embodiment, the target file is an index file of the target streaming media file, and the index file is used to indicate an acquisition address of the target streaming media file.
In a specific embodiment, the target file is a target streaming media file.
In a specific embodiment, the index file is an M3U8 file or an MPD file.
In a particular embodiment of the present invention,
the receiving unit is further configured to receive a correspondence between the target file and the authorized access rule, where the correspondence is sent by a CMS server of the content management system;
the processing unit is specifically configured to determine the authorized access rule corresponding to the target file according to the corresponding relationship; and determining whether the client equipment has the authority to acquire the target file according to the authorized access rule.
In a specific embodiment, the authorized access rule includes a preset authorization category and a first authorization parameter preset for the authorization category,
the processing unit is specifically configured to determine a second authorization parameter corresponding to the client device; determining whether the first authorization parameter matches the second authorization parameter; if so, determining that the client equipment has the authority to acquire the target file; and if not, determining that the client equipment does not have the authority of acquiring the target file.
In a particular embodiment, the authorization category includes at least one of a geographic location, a user age, a duration of play, or an account category.
In a specific embodiment, the get request is a socket link request.
A fourth aspect of the embodiments of the present application provides a content management system server, including:
the receiving unit is used for acquiring an authorization setting instruction;
the processing unit is used for setting a corresponding authorized access rule for the target file according to the authorized setting instruction;
a sending unit, configured to send, to a streaming media server, a corresponding relationship between the target file and the authorized access rule, where the corresponding relationship is used to instruct the streaming media server to authenticate an operation of obtaining the target file by a client device, and send, when it is determined that the client device has a right to obtain the target file, the target file to the client device.
In a specific embodiment, the target file is an index file of the target streaming media file, and the index file is used to indicate an acquisition address of the target streaming media file.
In a specific embodiment, the target file is a target streaming media file.
In a specific embodiment, the index file is an M3U8 file or an MPD file.
In a specific embodiment, the authorized access rule includes a preset authorization category and a first authorization parameter preset for the authorization category, where the first authorization parameter is used to instruct the streaming media server to determine that the client device has the right to acquire the target file when determining that the second authorization parameter related to the client device matches the first authorization parameter.
In a particular embodiment, the authorization category is at least one of geographic location, user age, duration of play, or account category.
A fifth aspect of the present application provides a streaming media server in a content distribution network, including:
a processor, a memory, and a transceiver;
the transceiver is used for communicating with a device outside the streaming media server;
the memory is used for storing instruction codes;
the processor, when executing the instruction code, causes the streaming server to perform the method as described in the first aspect and any of the alternatives.
A sixth aspect of the present embodiment provides a content management system server, including:
a processor, a memory, and a transceiver;
the transceiver is used for communicating with a device outside the content management system server;
the memory is used for storing instruction codes;
the processor, when executing the instruction code, causes the content management system server to perform the method as described in the second aspect and any of the alternatives.
A seventh aspect of embodiments of the present application provides a computer storage medium storing instructions that, when executed on a computer, cause the computer to perform the method as described in the first aspect and any one of the alternatives.
An eighth aspect of embodiments of the present application provides a computer-readable storage medium storing instructions that, when executed on a computer, cause the computer to perform the method of the second aspect and any of the alternatives.
A ninth aspect of embodiments of the present application provides a computer program product comprising instructions which, when executed on a computer, cause the computer to perform the method according to the first aspect and any one of the alternatives.
A tenth aspect of embodiments of the present application provides a computer program product comprising instructions that, when executed on a computer, cause the computer to perform the method according to the second aspect and any of the alternatives.
According to the technical scheme, the embodiment of the application has the following advantages:
the CDN technology is adopted for content distribution, and after a streaming media server in the CDN receives an acquisition request about a target file sent by client equipment, the streaming media server authenticates the acquisition request. When the streaming media server determines that the client device has the authority to acquire the target file, the target file is directly sent to the client device, and if the client device does not have the authority to acquire the target file, the target file is not sent to the client device. In summary, it can be seen that, in the technical solution of the present application, a streaming media server in a CDN authenticates an acquisition request for acquiring a target file by a client device, and when the authentication is successful, directly returns the target file requested to be acquired by the client device to the client device. In general, the security of the streaming media server in the CDN is higher than that of the client device (it is generally more difficult to tamper data of the server than to tamper local data of the client device), so that the streaming media server authenticates an acquisition request of the client device for the target file.
Drawings
FIG. 1 is a schematic diagram of a local authentication architecture of a client device;
FIG. 2 is a schematic diagram of a prior art CDN architecture;
FIG. 3 is a schematic diagram of a CDN architecture employed in an embodiment of the present application;
FIG. 4 is a schematic diagram illustrating one embodiment of a method for obtaining a document based on authorization provided herein;
FIG. 5 is a schematic diagram of another embodiment of a method for obtaining a document according to authorization provided by the present application;
fig. 6 is a schematic diagram of an embodiment of a streaming media server provided in the present application;
FIG. 7 is a schematic diagram of one embodiment of a content management system server provided herein;
fig. 8 is a schematic diagram of another embodiment of a streaming media server provided in the present application;
fig. 9 is a schematic diagram of another embodiment of a content management system server provided in the present application.
Detailed Description
The following further describes a method for obtaining a document according to authorization provided by an embodiment of the present application with reference to the drawings.
Currently, when copyright control is performed according to a geographical position, a corresponding authority control method is mainly a local authentication mode of a client device. Specifically, fig. 1 may be referred to, and as shown in fig. 1, is a schematic diagram of a local authentication architecture of a client device. The server (server), also known as the source station, includes a geo-location download module, an interface orchestration module, a database, and a CMS. The geographic position downloading module is connected with a geographic position provider MaxMind of a third party, downloads geographic position information and stores the corresponding relation between the geographic position and the IP address in a database. After uploading a video file to a server, a content provider sets geographical location copyright information corresponding to the video file in a CMS through a content management portal (portal). The geographical location copyright information may be as shown in table 1 below.
Video files Geographic location with play rights
A China
B Japan, Korea
C Mainland area of China, hong Kong area of China
D Southeast Asia region
TABLE 1
After the setting is successful, the CMS issues the corresponding relationship between the video file and the geographic location copyright information to the client device through the interface arrangement module. And then, when the user plays the video file through the client device, the client device initiates a query request to the server, wherein the query request carries the IP address of the client device. The server receives the query request according to the interface arranging module, determines the geographic position of the current client device according to the IP address carried in the query request, and returns a query response to inform the current geographic position of the client device. And finally, determining whether the client equipment has the authority of playing the video or not according to the corresponding relation between the video and the geographical position copyright information which are stored in advance by the client equipment.
In the above scheme, although the geographic location copyright control can be implemented, since the copyright control file (i.e. the corresponding relationship between the video and the geographic location copyright information) needs to be issued to the client device in advance, if the user intrudes the system of the client device to modify the copyright control file, the geographic location copyright control of the video may be disabled.
Based on the above description, the present application embodiment provides a method for obtaining a file according to authorization, where the method is based on a CDN technology, in this embodiment and subsequent embodiments, an applied CDN, that is, a content delivery network, is an intelligent virtual network built on an existing network basis, and content of an origin server is delivered to a node closest to a network "edge" of a user by means of edge servers deployed in various places, so that the user can obtain required content nearby, thereby improving a response speed of the user in accessing a website. Therefore, the technical scheme can comprehensively solve the problems of small network bandwidth, large user access amount, uneven distribution of network points and the like, and improve the user access response speed and hit rate.
Fig. 2 is a schematic diagram of a conventional CDN architecture. After the content provider uploads the network resources on the origin server, the origin server can distribute the network resources to each cache server through the CDN balancing server. When a user accesses a network resource on the CDN with a client device, such as playing a video, viewing a web page, or downloading a file, the user may click on the relevant link. At this time, the client device obtains a Uniform Resource Locator (URL) of the link, and performs step (1): the URL is resolved by a local Domain Name System (DNS) to determine an Internet Protocol (IP) address corresponding to the URL. Since the accessed network resources are network resources on the CDN, the local DNS may not be able to resolve, and step (2) is performed: the local DNS forwards the URL to a DNS server on the network. The DNS analyzes the URL to obtain the IP address of the CND equilibrium server, and the step (3) is executed: the IP address of the CDN balancing server is returned to the local DNS (client device). The local DNS then performs step (4): and initiating an access request of the network resource indicated by the URL to the CDN balance server according to the obtained IP address of the CDN balance server. After obtaining the access request, the CDN balancing server determines, according to the URL, an IP address of a cache server (in fig. 2, the example is cache server 1) with the fastest response speed (theoretically), and then executes step (5): and returning the determined IP address of the cache server to the local DNS of the client device. After receiving the IP address of the cache server, the local DNS executes the step (6): the IP address of the cache server is returned to the client device. Thereafter, the client device performs step (7): and sending an access request to the cache server according to the IP address of the cache server, wherein the access request carries the URL of the network resource. And after receiving the access request, the cache server inquires to obtain the network resource. It should be noted that, if the network resource requested by the client device is not cached on the cache server, the cache server interacts with the origin server to obtain the network resource. After that, the cache server executes step (8): and returning the obtained network resources to the client equipment.
The CDN architecture shown in fig. 2 is a conventional CDN architecture, and the CDN architecture used in the embodiment of the present invention is slightly different from that shown in fig. 2. Specifically, referring to fig. 3, as shown in fig. 3, a scene schematic diagram of a CDN architecture applied in the embodiment of the present application is shown, where the scene schematic diagram includes: CDN management systems and streaming media servers deployed around the locality. The CDN management system, or CDN streaming media balancing server, is equivalent to a CDN balancing server in the CDN architecture shown in fig. 2, the streaming media server is equivalent to a cache server in the CDN architecture shown in fig. 2, and the CMS server is equivalent to an origin server in the CDN architecture shown in fig. 2.
In the solution of the present application, after the content provider uploads the streaming media file to be delivered on the CMS server, the CMS server may cache the streaming media file on each streaming media server in the CDN through a CDN management (CMM) system. When the client device initiates a live or on-demand request about the streaming media file, the CDN management system selects an optimal streaming media server for the client device to serve.
In the scheme of the application, the CDN streaming server distributes the streaming file, and the streaming server controls the right of the client device to access the streaming. It should be noted that, in the embodiments and subsequent embodiments of the present application, the described streaming media file may be a streaming media file under various protocols, including but not limited to HLS, HSS, DASH, and the like. When the streaming media file is a streaming media file of an HLS protocol or a DASH protocol, before the client device accesses the streaming media file, an index file (HLS is an M3U8 file, and DASH is an MPD file) corresponding to the streaming media file needs to be acquired, and then the streaming media file is acquired according to an acquisition address corresponding to each segment file in the index file. Therefore, when controlling the authority of the client to access the streaming media file, the control may be divided into control when acquiring the index file and control when acquiring the streaming media fragment file, which will be described below separately.
Based on the scene schematic diagram of the CDN architecture shown in fig. 3, referring to fig. 4 in detail, fig. 4 is a schematic diagram of an embodiment of a method for obtaining a file according to authorization provided by the embodiment of the present application, including:
s401, the CMS server obtains an authorization setting instruction.
In a specific embodiment, after the content provider uploads the target streaming media file to the CMS server, the URL of the target streaming media file is determined. Then, the CMS server may further split the target streaming media file to obtain one or more fragment files, and generate an index file of the target streaming media file correspondingly. The index file is a description file of the target streaming media file, and may be used to indicate information of the segment files included in the target streaming media file, such as information of a playing sequence, a playing duration, an obtaining address, and the like of each segment file. If the target streaming media file is a streaming media file following an HLS protocol, the fragment file is a TS fragment file, and the index file is an M3U8 file; if the file is a streaming media file conforming to the DASH protocol, the Segment file is a Segment (Segment) file, and the index file is an MPD file. Specifically, the format of the index file is related to the format of the target streaming media file, and the process of generating the index file is an existing common process, which is not described herein again.
After uploading the target streaming media file to the CMS server, the CMS server may respond to a user operation or receive an authorization setting instruction sent by the user to the CMS server through a content management portal (portal) about the target streaming media file.
The CMS server may then distribute the respective slice files and index files of the target streaming media to the respective streaming media servers through the CDN management system. The fragment file and the index file may be distributed to the same streaming media server, or may be distributed to different streaming media servers.
S402, the CMS server sets corresponding authorized access rules for the index file of the target streaming media file according to the authorization setting instruction.
In a specific embodiment, after obtaining the authorization setting instruction, the CMS server sets a corresponding authorization access rule for the index file of the target streaming media file according to the authorization setting instruction. The authorized access rule comprises a preset authorization category and a first authorization parameter which is correspondingly set for the authorization category.
In particular, the form of the authorized access rule can be seen in table 2 below, where table 2 is a schematic table of authorized access rules:
Figure BDA0002181361540000071
Figure BDA0002181361540000081
TABLE 2
Referring to table 2 above, it can be seen that the authorization category may be set in various ways, and may include one or more of a geographic location, a user age, an account category, and a playing time, for example, and is specifically set by the user. After the authorization categories are selected, corresponding authorization parameters may be set for each authorization category. After the setting is successful, the content provider can modify the authorized access rule of the index file through portal subsequently.
S403, the CMS server sends the corresponding relation between the index file and the authorized access rule to the streaming media server.
In a specific embodiment, after determining the correspondence between the index file of the target streaming media file and the authorized access rule, the CMS server distributes the correspondence to each streaming media server through the CDN management system according to a preset distribution rule. Specifically, during distribution, the corresponding relationship needs to be distributed to the same streaming media server as the index file.
S404, the client device responds to the access operation of the user about the target streaming media file.
In a specific embodiment, when the client device is running, the user clicks a link on the application program to perform an access operation on the target streaming media file. At this time, the client device responds to the access operation and determines a Uniform Resource Locator (URL) of the index file of the target streaming media file. The access operation may be a play operation (on-demand or live) on the streaming media file, a download operation on the target streaming media file, or the like.
It should be noted that in this embodiment and the following embodiments, the client device may be a terminal device (terminal device), which may be simply referred to as a terminal, or may also be a User Equipment (UE), a Mobile Station (MS), a Mobile Terminal (MT), or the like. The terminal device may be a mobile phone (mobile phone), a tablet computer (Pad), a smart television (smart TV), a Virtual Reality (VR) terminal device, an Augmented Reality (AR) terminal device, a wireless terminal in industrial control (industrial control), a wireless terminal in self driving (self driving), a wireless terminal in remote surgery (remote medical supply), a wireless terminal in smart grid (smart grid), a wireless terminal in transportation safety (transportation safety), a wireless terminal in smart city (smart city), a wireless terminal in smart home (smart home), and the like.
S405, the client device determines the streaming media server according to the access operation.
In a particular embodiment, the client device determines the streaming server (IP address) from the URL of the index file. The process of determining the streaming media server may be described with reference to relevant steps in the CDN architecture scenario shown in fig. 2, and details are not repeated here.
S406, the client device sends an acquisition request of an index file of the target streaming media file to the streaming media server.
In a specific embodiment, after determining the streaming media server, the client device sends an acquisition request about the index file to the streaming media server, where the acquisition request carries the URL of the index file.
S407, the streaming media server determines the authorized access rule corresponding to the index file according to the corresponding relationship between the pre-stored index file and the authorized access rule.
In a specific embodiment, after receiving an acquisition request sent by a client device, a streaming media server determines an index file according to a URL carried in the acquisition request. And then determining an authorized access rule corresponding to the index file according to the corresponding relationship between the pre-stored index file and the authorized access rule. It should be noted that the corresponding relationship may specifically be a corresponding relationship between a file identifier of the index file and an authorized access rule, and the file identifier may be a Uniform Resource Identifier (URI) of the index file. And then the streaming media server determines the authorized access rule corresponding to the index file according to the corresponding relation among the URI of the index file, the prestored index file and the authorized access rule.
S408, the streaming media server determines whether the client device has the authority to acquire the index file according to the authorized access rule.
In a specific embodiment, after determining an authorized access rule corresponding to the index file, the streaming media server determines an authorization category and a first authorization parameter in the authorized access rule. Then, the streaming media server determines a second authorization parameter corresponding to the client device. The second authorization parameter may be carried in the acquisition request, and if the second authorization parameter is not carried in the acquisition request, the streaming media server may interact with the client device, or interact with a server in which the second authorization parameter of the client device is stored, so as to determine the second authorization parameter corresponding to the client device. After the second authorization parameter is obtained, the streaming media server compares the first authorization parameter with the second authorization parameter, and if the value corresponding to each authorization category in the second authorization parameter is within the value range set by each authorization category in the first authorization parameter, it is determined that the client device has the authority to obtain the index file; and if the value corresponding to each authorization type in the second authorization parameter is not or is not completely in the value range set by each authorization type in the first authorization parameter, determining that the client device does not have the authority of acquiring the index file.
In a specific embodiment, the second authorization parameter is included in the get request, and the get request is a socket link request. In this embodiment, the second authorization parameter is carried in the acquisition request, so that the streaming media server can directly acquire the second authorization parameter carried in the request after receiving the acquisition request. Wherein, the obtaining request is a socket link request. The second authorization parameter carried in the socket link request is difficult to be tampered, so that the result of authorization verification can be effectively guaranteed not to be influenced.
The following describes the process of the authorization determination with an example.
For example, the index file of the target streaming media file is the index file a shown in table 2 as an example. According to the example illustrated in table 2, index file a corresponds to different authorization policies in china and the uk, respectively, according to the geographic location. Therefore, when determining the right of the client device to acquire the index file a, the geographic location of the client device needs to be determined first.
There are a number of ways to determine the geographic location of a client device. For example, the first method: the client device is a device such as a mobile phone or a tablet computer, and when the device has a positioning function, the geographical position of the device can be determined through a positioning module of the device, and geographical position information is carried in an acquisition request of the index file A, so that the streaming media server can directly determine the geographical position of the client device from the acquisition request. The second method comprises the following steps: the client device is a device without a positioning function, and carries the IP address of the client device in the acquisition request of the index file A, so that the streaming media server determines the geographic position of the client device according to the IP address.
The following describes the second embodiment.
The IP address of the client device may be included in the get access request. And the streaming media server further determines the geographical position of the client equipment according to the IP address. Specifically, determining the geographic location from the IP address may include the steps of:
(1) the streaming media server downloads relevant geographic location data from a server of a third-party geographic location provider (e.g., MaxMind) in advance, and the geographic location data may include a correspondence relationship between an IP address and a geographic location ID and a correspondence relationship between the geographic location ID and a geographic location.
Table 3 may be referred to for the correspondence between IP addresses and geographic location IDs, and table 3 is an indication table of the correspondence between IP addresses and geographic location IDs.
IP address Geographic location ID IP address Geographic location ID
5.62.63.84/30 49518 2.16.61.46/31 2921044
1.0.2.0/23 1814991 2.16.61.52/30 2921044
1.0.8.0/21 1814991 2.0.0.0/12 3017382
1.0.32.0/19 1814991 2.16.117.181/32 3017382
1.5.0.0/16 1861060 1.2.3.0/24 6252001
1.21.0.0/16 1861060 1.32.232.0/21 6252001
2.16.37.0/24 2635167 2.56.9.245/32 6252001
2.16.48.4/30 2635167 2.21.98.52/30 953987
TABLE 3
The correspondence relationship between the geographic location ID and the geographic location can be referred to in table 4, where table 4 is an indication table of the correspondence relationship between the IP address and the geographic location ID.
Geographic location ID Zhou code Name of continent Country code Name of country
49518 AF Africa RW Rwanda
1861060 AS Asia JP Japanese
2635167 EU Europe GB Great Britain
2921044 EU Europe DE Germany
3017382 EU Europe FR France
6252001 NA North America US United states of America
953987 AF Africa ZA South Africa
Table 4(2) the streaming media server determines the geographical location ID according to the IP address of the client and the correspondence between the IP address and the geographical location ID.
(3) And the streaming media server memorizes the corresponding relation between the geographic position ID and the geographic position according to the geographic position ID to determine the geographic position of the client.
It should be noted that the geographical location is described by taking a country as an example, and may actually be a city-level geographical location, and the corresponding geographical location IDs in table 3 and table 4 are also corresponding city geographical location IDs. In addition, the IP address shown in table 3 is an Internet Protocol version 4 (IPv 4) address. In practical application, the corresponding relationship between the Internet Protocol Version 6 (IPv 6) address and the geographic location ID may also be prestored. If the IPv6 address of the client device is carried in the acquisition request, the corresponding relationship between the relevant IPv6 address and the geographic location ID may be queried, and then the geographic location corresponding to the client device is determined.
After determining the geographic location of the client device (assuming that the location of the client device is in china) according to the above procedure, the streaming media server may determine information such as the user age and the account category of the current account of the client device by interacting with the server in which the user account information is stored. And then, comparing the determined second authorization parameter with the first authorization parameter to determine whether the client has the right to access the index file A.
Referring to table 5, when the index file of the target streaming media file is index file a, several assumed results of the second authorization parameters are given, and the authorization result is described.
Figure BDA0002181361540000111
TABLE 5
As shown in table 5 above, when comparing the first authorization parameter and the second authorization parameter, it is necessary to compare whether the values of the authorization categories are matched, and if the values are matched (as in the assumption cases 2 and 4), it is determined that the client device has the right to access the index file a; if there is no match or only a partial match (assumptions 1, 3), then the client device is determined not to have access to index file a.
And S409, if so, the streaming media server sends the index file of the target streaming media file to the client equipment.
In a specific embodiment, after the streaming media server determines that the client device has the right to acquire the index file, the streaming media server sends the index file to the client device.
In a specific embodiment, the index file returned by the streaming media server to the client device corresponds to the access right of the client device to the target streaming media file. In an actual application scenario, the description is given with reference to the case shown in table 5. If the second authorization parameter is the case 2, the streaming media server determines that the client device only has an acquisition right on the content in the first 30% of the total duration of the target streaming media file, so that the streaming media server can obtain, according to the index file a, an index file corresponding to the content in the first 30% of the total duration of the target streaming media file, and in the process, the index file a needs to be processed. Specifically, when the index file a is an M3U8 file, the streaming media server determines a fragment file corresponding to the target streaming media file within the first 30% of the total duration of the target streaming media file according to an attribute # EXT (indicating the duration of the immediately subsequent fragment) and an EXT-X-PROGRAM-DATE-TIME attribute (indicating the absolute TIME of attribution of the fragment) in the M3U8 file, and extracts the URI corresponding to the fragment file from the index file a. And then, the streaming media server generates an index file corresponding to the content of the target streaming media file in the first 30% of the total duration, wherein the index file only carries the URI of the fragment file in the first 30% of the total duration of the target streaming media file. If the index file a is an MPD file in the DASH streaming protocol, the streaming server calculates the Start Time of a segment by adding the attribute of availabilitystart Time (Start Time of index) and the attribute of availabilitytime Offset (Offset Time of segment) in the index file a, so as to determine the segment content corresponding to the target streaming file in the first 30% of the total duration, and generate a corresponding MPD file.
S410, the client device determines the acquisition address of the target streaming media file according to the index file.
In a specific embodiment, after receiving the index file, the client device parses the index file to obtain an acquisition address (URL) of the fragment file indicated in the index file.
S411, the client device obtains the target streaming media file according to the obtaining address.
In a specific embodiment, after the client device acquires the acquisition address of the fragmented file, the streaming media server is determined according to the acquisition address. Specifically, the process of determining the streaming media server according to the obtained address is similar to the process described in fig. 2, and is not described herein again.
And then, the client device sends an acquisition request about the target streaming media file to the streaming media server, wherein the request carries the URL of each fragment file of the target streaming media file. The streaming media server determines each fragment file according to the URL and returns the target streaming media file to the client device. If the fragment file of the target streaming media file is not stored in the streaming media server, the streaming media file interacts with the CMS server to obtain the target streaming media file, and returns the target streaming media file to the client device.
Here, the streaming server providing streaming media file distribution for the client device and the streaming server providing the index file of the target file may be the same server or different servers.
And S412, if not, the streaming media file does not send the index file to the client device.
In a specific embodiment, if the streaming media server determines that the client device does not have the authority to acquire the index file, the index file is not sent to the client device, so that the client device cannot acquire the target streaming media file.
According to the technical scheme, the embodiment of the application has the following advantages:
the method comprises the steps that content distribution is carried out by adopting a CDN technology, when a user requests or directly broadcasts a target streaming media file through client equipment, the client equipment sends an acquisition request about an index file of the target streaming media file to a streaming media server in the CDN, and the streaming media server authenticates the acquisition request. When the streaming media server determines that the client device has the authority to acquire the index file, the index file is directly sent to the client device; and if the index file does not have the authority to acquire the index file, not sending the index file to the client equipment. The index file carries an acquisition address of the target streaming media file, and if the client device does not acquire the index file, the target streaming media file cannot be played.
In summary, it can be seen that, in the technical solution of the present application, a streaming media server in the CDN authenticates an acquisition request of a client device for acquiring an index file of a target streaming media file, so as to implement authentication control on an operation of playing the target streaming media file. In general, the security of a streaming media server in the CDN is higher than that of a client device (it is generally more difficult to tamper data of the server than to tamper local data of the client device), so that the streaming media server performs authentication control on a play operation of the client device, and compared with an existing local authentication method for the client device, the local authentication method for the client device has higher reliability, and can better guarantee the copyright control of a content provider on a target streaming media file.
In the embodiment shown in fig. 4, the method for controlling when acquiring the index file is described, and a manner of performing authentication when acquiring the streaming media segment file is described below.
Based on the scene schematic diagram of the CDN architecture shown in fig. 3, referring to fig. 5 in detail, fig. 5 is a schematic diagram of another embodiment of a method for obtaining a file according to authorization, provided by the embodiment of the present application, including:
s501, the CMS server obtains an authorization setting instruction.
It should be noted that step S501 is similar to step S401 in the embodiment shown in fig. 4, and is not repeated here.
S502, the CMS server sets corresponding authorized access rules for the target streaming media file according to the authorization setting instruction.
In a specific embodiment, after obtaining the authorization setting instruction, the CMS server sets a corresponding authorization access rule for the target streaming media file according to the authorization setting instruction. The authorized access rule comprises a preset authorization category and a first authorization parameter which is correspondingly set for the authorization category.
Specifically, the form of the authorized access rule is similar to the schematic table shown in table 2 in the embodiment shown in fig. 4, and details thereof are omitted here.
S503, the CMS server sends the corresponding relation between the target streaming media file and the authorized access rule to the streaming media server.
In a specific embodiment, after determining the corresponding relationship between the target streaming media file and the authorized access rule, the CMS server distributes the corresponding relationship to each streaming media server through the CDN management system according to a preset distribution rule. Specifically, during distribution, the corresponding relationship needs to be distributed to the same streaming media server as the target streaming media file.
S504, the client device responds to the playing operation of the target streaming media file by the user.
It should be noted that step S504 is similar to step S404 in the embodiment shown in fig. 4, and is not described here again.
And S505, the client device acquires an index file of the target streaming media file according to the playing operation, wherein the index file is used for indicating an acquisition address of the target streaming media file.
In one particular embodiment, the client device determines the streaming media server (IP address) that hosts the index file based on the URL of the index file. The process of determining the streaming media server may be described with reference to relevant steps in the CDN architecture scenario shown in fig. 2, and details are not repeated here. Then, the client device sends an acquisition request about the index file to the streaming media server, and receives the index file of the target streaming media file sent by the streaming media server. The target streaming media file may be composed of one or more fragment files, and the index file is used to indicate a retrieval address (URL) and a playing sequence of each fragment file.
S506, the client device determines the streaming media server according to the acquired address.
In a specific embodiment, after determining an acquisition address of each fragmented file of a target streaming media file, a client device determines a streaming media server for providing a target streaming media file distribution service according to the acquisition address. The process of determining the streaming media server is similar to the process shown in fig. 2, and is not described herein again.
S507, the client device sends an acquisition request about the target streaming media file to the streaming media server.
In a specific embodiment, after determining the streaming media server, the client device initiates an acquisition request to the streaming media server according to the acquisition address and the acquisition sequence of each fragment file in the index file.
S508, the streaming media server determines the authorized access rule corresponding to the target streaming media file according to the corresponding relation between the target streaming media file and the authorized access rule.
In a specific embodiment, after receiving an acquisition request sent by a client device, a streaming media server determines each segment file of a corresponding target streaming media file according to a URL carried in the acquisition request. And then determining an authorized access rule corresponding to the target streaming media file according to the corresponding relation between the pre-stored target streaming media file and the authorized access rule. It should be noted that the corresponding relationship may specifically be a corresponding relationship between a file identifier of the target streaming media file and an authorized access rule, and the file identifier may be a Uniform Resource Identifier (URI) of the target streaming media file. And then the streaming media server determines the authorized access rule corresponding to the target streaming media file according to the corresponding relation among the URI of the target streaming media file, the pre-stored target streaming media file and the authorized access rule.
S509, the streaming media server determines whether the client device has the authority to acquire the target streaming media file according to the authorized access rule.
In a specific embodiment, after determining an authorized access rule corresponding to a target streaming media file, the streaming media server determines an authorization category and a first authorization parameter in the authorized access rule. Then, the streaming media server determines a second authorization parameter corresponding to the client device. The second authorization parameter may be carried in the acquisition request, and if the second authorization parameter is not carried in the acquisition request, the streaming media server may interact with the client device, or interact with a server in which the second authorization parameter of the client device is stored, so as to determine the second authorization parameter corresponding to the client device. After the second authorization parameter is obtained, the streaming media server compares the first authorization parameter with the second authorization parameter, and if the value corresponding to each authorization category in the second authorization parameter is within the value range set by each authorization category in the first authorization parameter, it is determined that the client device has the right to obtain the target streaming media file; and if the value corresponding to each authorization type in the second authorization parameter is not or is not completely in the value range set by each authorization type in the first authorization parameter, determining that the client device does not have the authority to acquire the target streaming media file.
In a specific embodiment, the second authorization parameter is included in the get request, and the get request is a socket link request. In this embodiment, the second authorization parameter related to the client device is carried in the acquisition request, so that the streaming media server can directly acquire the second authorization parameter carried in the request after receiving the acquisition request. Wherein, the obtaining request is a socket link request. The second authorization parameter carried in the socket link request is difficult to be tampered, so that the result of authorization verification can be effectively guaranteed not to be influenced.
And S510, if so, the streaming media server sends the target streaming media file to the client equipment.
In a specific embodiment, if the streaming media server determines that the client device has the right to acquire the target streaming media file, the streaming media server sends the target streaming media file to the client device.
And S511, if not, the streaming media server does not send the target streaming media file to the client equipment.
In a specific embodiment, if the streaming media server determines that the client device does not have the right to acquire the target streaming media file, the streaming media server does not send the target streaming media file to the client device, so that the client device cannot play the target streaming media file, thereby protecting the copyright set by the content provider.
According to the technical scheme, the embodiment of the application has the following advantages:
the CDN technology is adopted for content distribution, and after a streaming media server in the CDN receives an acquisition request about a target streaming media file sent by client equipment, the streaming media server authenticates the acquisition request. When the streaming media server determines that the client device has the right to acquire the target streaming media file, the target streaming media file is directly sent to the client device, and if the client device does not have the right to acquire the target streaming media file, the target streaming media file is not sent to the client device. In summary, it can be seen that, in the technical solution of the present application, a streaming media server in a CDN completely performs authentication control on an acquisition request for acquiring a target streaming media file by a client device. In general, a streaming media server in the CDN is used as a server, and the security of the server is higher than that of the client device (it is generally difficult to tamper data of the server than to tamper local data of the client device), so that the streaming media server authenticates an acquisition request of the client device for a target streaming media file.
Referring to fig. 6 in detail, fig. 6 is a schematic diagram of an embodiment of a streaming media server provided in an embodiment of the present application, including:
a receiving unit 601, configured to receive an acquisition request sent by a client device for a target file;
a processing unit 602, configured to determine whether the client device has a right to acquire the target file;
a sending unit 603, configured to send the target file to the client device if it is determined that the client device has the right to acquire the target file; and if the client equipment is determined not to have the authority of acquiring the target file, not sending the target file to the client equipment.
In a specific embodiment, the target file is an index file of the target streaming media file, and the index file is used to indicate an acquisition address of the target streaming media file.
In a specific embodiment, the target file is a target streaming media file.
In a specific embodiment, the index file is an M3U8 file or an MPD file.
In a particular embodiment of the present invention,
a receiving unit 601, configured to receive a correspondence between the target file and the authorized access rule sent by the CMS server of the content management system;
a processing unit 602, specifically configured to determine the authorized access rule corresponding to the target file according to the corresponding relationship; and determining whether the client equipment has the authority to acquire the target file according to the authorized access rule.
In a specific embodiment, the authorized access rule includes a preset authorization category and a first authorization parameter preset for the authorization category,
a processing unit 602, specifically configured to determine a second authorization parameter corresponding to the client device; determining whether the first authorization parameter matches the second authorization parameter; if so, determining that the client equipment has the authority to acquire the target file; and if not, determining that the client equipment does not have the authority of acquiring the target file.
In a particular embodiment, the authorization category includes at least one of a geographic location, a user age, a duration of play, or an account category.
In a specific embodiment, the get request is a socket link request.
Referring to fig. 7 in detail, fig. 7 is a schematic diagram of an embodiment of a content management system server according to an embodiment of the present application, including:
a receiving unit 701, configured to obtain an authorization setting instruction;
a processing unit 702, configured to set a corresponding authorized access rule for the target file according to the authorization setting instruction;
a sending unit 703, configured to send, to a streaming media server, a corresponding relationship between the target file and the authorized access rule, where the corresponding relationship is used to instruct the streaming media server to authenticate an operation of obtaining the target file by a client device, and send, when it is determined that the client device has a right to obtain the target file, the target file to the client device.
In a specific embodiment, the target file is an index file of the target streaming media file, and the index file is used to indicate an acquisition address of the target streaming media file.
In a specific embodiment, the target file is a target streaming media file.
In a specific embodiment, the index file is an M3U8 file or an MPD file.
In a specific embodiment, the authorized access rule includes a preset authorization category and a first authorization parameter preset for the authorization category, where the first authorization parameter is used to instruct the streaming media server to determine that the client device has the right to acquire the target file when determining that the second authorization parameter related to the client device matches the first authorization parameter.
In a particular embodiment, the authorization category is at least one of geographic location, user age, duration of play, or account category.
Referring to fig. 8 in detail, fig. 8 is a schematic diagram of another embodiment of a streaming media server according to an embodiment of the present application, including:
a processor 801, a memory 802, and a transceiver 803;
a transceiver 803 for communicating with a device other than the streaming server;
a memory 802 for storing instruction codes;
a processor 801, configured to execute the instruction codes, so that the streaming media server executes the method executed by the streaming media server in the embodiment shown in fig. 4 or fig. 5 and in any optional manner.
Referring to fig. 9 in detail, fig. 9 is a schematic diagram of another embodiment of a content management system server or a client device according to an embodiment of the present application, including:
a processor 901, a memory 902, and a transceiver 903;
a transceiver 903 for communicating with a device other than the content management system server;
a memory 902 for storing instruction codes;
a processor 901 configured to execute the instruction codes, so that the content management system server or the client device executes the method executed by the content management system server or the client device in the embodiment shown in fig. 4 or fig. 5 and in any optional manner.
The embodiment of the present application further provides a computer storage medium, which stores instructions that, when executed on a computer, cause the computer to execute the method executed by the streaming media server in the embodiment shown in fig. 4 or fig. 5 and in any optional manner.
Embodiments of the present application further provide a computer storage medium storing instructions that, when executed on a computer, cause the computer to perform the method performed by the content management system server in the embodiments shown in fig. 4 or fig. 5 and in any optional manner.
Embodiments of the present application further provide a computer program product, which includes instructions that, when executed on a computer, cause the computer to execute the method performed by the streaming media server in the embodiments shown in fig. 4 or fig. 5 and in any optional manner.
Embodiments of the present application further provide a computer program product, which includes instructions that, when executed on a computer, cause the computer to perform the method performed by the content management system server in the embodiments shown in fig. 4 or fig. 5 and in any optional manner.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be substantially implemented or contributed to by the prior art, or all or part of the technical solution may be embodied in a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions in the embodiments of the present application.

Claims (11)

1. A method for obtaining a file according to authorization, comprising:
a streaming media server in a Content Delivery Network (CDN) receives an acquisition request about a target file sent by client equipment;
the streaming media server determines whether the client equipment has the authority to acquire the target file;
if yes, the streaming media server sends the target file to the client device;
if not, the streaming media server does not send the target file to the client device.
2. The method of claim 1, wherein the target file is an index file of a target streaming media file, and the index file is used to indicate an acquisition address of the target streaming media file.
3. The method of claim 1, wherein the target file is a target streaming media file.
4. The method of claim 2, wherein the index file is an M3U8 file or an MPD file.
5. The method according to any one of claims 1-4, further comprising:
the streaming media server receives the corresponding relation between the target file and the authorized access rule sent by a Content Management System (CMS) server;
the streaming media server determines whether the client device has the authority to acquire the target file, including:
the streaming media server determines the authorized access rule corresponding to the target file according to the corresponding relation;
and the streaming media server determines whether the client equipment has the authority to acquire the target file according to the authorized access rule.
6. The method according to claim 5, wherein the authorized access rule includes a preset authorization category and a first authorization parameter that is preset for the authorization category, and the determining, by the streaming media server according to the authorized access rule, whether the client device has the right to acquire the target file includes:
the streaming media server determines a second authorization parameter corresponding to the client device;
the streaming media server determines whether the first authorization parameter and the second authorization parameter match;
if so, determining that the client equipment has the authority to acquire the target file;
and if not, determining that the client equipment does not have the authority of acquiring the target file.
7. The method of claim 6, wherein the authorization category comprises at least one of a geographic location, a user age, a duration of play, or an account category.
8. The method of any one of claims 1-7, wherein the fetch request is a socket link request.
9. A streaming server in a content distribution network, comprising:
a processor, a memory, and a transceiver;
the transceiver is used for communicating with a device outside the streaming media server;
the memory is used for storing instruction codes;
the processing unit, when executing the instruction code, causes the streaming server to perform the method of any of claims 1-8.
10. A computer-readable storage medium having stored thereon instructions which, when executed on a computer, cause the computer to perform the method of any one of claims 1-8.
11. A computer program product comprising instructions which, when run on a computer, cause the computer to perform the method of any one of claims 1-8.
CN201910797493.9A 2019-08-27 2019-08-27 Method for obtaining file according to authorization Pending CN112449216A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910797493.9A CN112449216A (en) 2019-08-27 2019-08-27 Method for obtaining file according to authorization

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910797493.9A CN112449216A (en) 2019-08-27 2019-08-27 Method for obtaining file according to authorization

Publications (1)

Publication Number Publication Date
CN112449216A true CN112449216A (en) 2021-03-05

Family

ID=74742013

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910797493.9A Pending CN112449216A (en) 2019-08-27 2019-08-27 Method for obtaining file according to authorization

Country Status (1)

Country Link
CN (1) CN112449216A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104471918A (en) * 2014-03-24 2015-03-25 华为技术有限公司 Method of downloading files, device and system
CN105163143A (en) * 2015-07-17 2015-12-16 华数传媒网络有限公司 Online movie operation system and playing method for online-requested movies and downloaded online being-released movies
CN105874810A (en) * 2013-07-23 2016-08-17 爱立信股份有限公司 Media distribution system with manifest-based entitlement enforcement
US20180278717A1 (en) * 2008-11-17 2018-09-27 Amazon Technologies, Inc. Request routing utilizing client location information

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180278717A1 (en) * 2008-11-17 2018-09-27 Amazon Technologies, Inc. Request routing utilizing client location information
CN105874810A (en) * 2013-07-23 2016-08-17 爱立信股份有限公司 Media distribution system with manifest-based entitlement enforcement
CN104471918A (en) * 2014-03-24 2015-03-25 华为技术有限公司 Method of downloading files, device and system
CN105163143A (en) * 2015-07-17 2015-12-16 华数传媒网络有限公司 Online movie operation system and playing method for online-requested movies and downloaded online being-released movies

Similar Documents

Publication Publication Date Title
US11055429B2 (en) Key providing method, video playing method, server and client
JP6384699B2 (en) Token-based authentication and authorization information signaling and exchange for adaptive streaming
US10057277B2 (en) System and method for partial URL signing with applications to dynamic adaptive streaming
CA2824365C (en) Output of content from the internet on a media rendering device
US8832726B2 (en) Video streaming entitlement determined based on the location of the viewer
US9794240B2 (en) System and method for signaling and verifying URL signatures for both URL authentication and URL-based content access authorization in adaptive streaming
US8745655B2 (en) Emergency alerts during playback of video streams on portable devices
US8844001B2 (en) IP-based mobile device authentication for content delivery
JP5678367B2 (en) System and method for authorizing access to network services by using information obtained from subscriber equipment
JP6277194B2 (en) Inheritance of universal resource identifier (URI) parameters
KR102496890B1 (en) Information processing device, client device, and data processing method
CN112367666B (en) Method, device and system for allowing pNF in 5G core network to pass NRF authentication cNF
CN109391686B (en) Processing method of access request and CDN node server
US10708326B2 (en) Secure media casting bypassing mobile devices
EP2835947A1 (en) Method, terminal, and server for generating media information and ahs system thereof
US20150074234A1 (en) Content system and method for chunk-based content delivery
CN112449216A (en) Method for obtaining file according to authorization
KR102379069B1 (en) Broadcast apparatus and method for authenticating broadcast data
KR102457620B1 (en) Network security system and operation method thereof
CN109525867B (en) Load balancing method and device and mobile terminal
KR20170006513A (en) Contents provision server, media play device and computer program for providing authentication service
CN102316118A (en) Method for rapidly accessing web portal and client thereof
CN115278345A (en) Video transmitting method, system, device and non-volatile storage medium
CN116471256A (en) Domain name resolution method, device, equipment, storage medium and product
CN113905034A (en) Video acquisition method, system, device and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210305

RJ01 Rejection of invention patent application after publication