CN116388997A - Authentication management method and system for broadcast control terminal - Google Patents
- Publication number
- CN116388997A, CN202310248425.3A
- Authority
- CN
- China
- Prior art keywords
- broadcast control
- control terminal
- target
- authentication
- server
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0884—Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
Abstract
The application discloses an authentication management method and system for a broadcast control terminal. An authentication node server acquires the target device information digest reported by a target broadcast control terminal and, if the device information digests stored in the authentication node server include the target device information digest, encrypts the unique identifier of the target broadcast control terminal together with the target device information digest to generate a target authentication information digest. A broadcast control server forwards the unique identifier of the target broadcast control terminal and the target authentication information digest to a broadcast control management platform. The broadcast control management platform encrypts the unique identifier of the target broadcast control terminal together with the device information digest that the database server stores for that unique identifier to generate a theoretical authentication information digest, and determines that the target broadcast control terminal is successfully authenticated if the target authentication information digest is consistent with the theoretical authentication information digest. With this method, the reliability of authenticating the legitimacy of the broadcast control terminal can be improved.
Description
Technical Field
The present application relates to the field of security authentication technologies, and in particular, to a method and system for authentication management of a broadcast control terminal.
Background
With the continuous development of the Internet and multimedia technology, digital broadcast control platforms are widely used in fields such as financial securities, online education and community advertising. Digital broadcast control terminals are easy to install, support varied promotional material and offer rich video effects, and they are widely deployed in places such as financial securities branches, teaching sites and community elevators to provide information and publicity services to the public.
Because digital broadcast control terminals are so widely deployed, the communication security and device security of each terminal face serious challenges. The conventional authentication method for a digital broadcast control terminal is identity information matching, which requires sensitive information such as the terminal's unique identifier and MAC address (Media Access Control address) to be reported to the digital broadcast control platform.
However, this method does not protect the sensitive information of the digital broadcast control terminal and still carries a significant security risk. How to authenticate the identity of a digital broadcast control terminal reliably, so as to determine whether it is a legitimate device and thereby ensure its security, is therefore a problem to be solved.
Disclosure of Invention
In view of at least one defect or need for improvement in the prior art, the invention provides a broadcast control terminal authentication management method and system that can improve the reliability of authenticating the legitimacy of the broadcast control terminal, thereby ensuring the security of the broadcast control terminal.
To achieve the above object, according to a first aspect of the present invention, there is provided a broadcast control terminal authentication management method, including:
acquiring, through an authentication node server, a target device information digest reported by a target broadcast control terminal;
encrypting, through the authentication node server, the unique identifier of the target broadcast control terminal and the target device information digest to generate a target authentication information digest, in the case that the device information digests stored in the authentication node server include the target device information digest;
forwarding, through a broadcast control server, the unique identifier of the target broadcast control terminal and the target authentication information digest to a broadcast control management platform, wherein the broadcast control server is connected through a network to the authentication node server and to the broadcast control management platform;
encrypting, through the broadcast control management platform, the unique identifier of the target broadcast control terminal and the device information digest stored in the database server for that unique identifier to generate a theoretical authentication information digest, wherein the database server is connected to the broadcast control management platform through a network and stores the data to be processed by the broadcast control management platform;
and determining, through the broadcast control management platform, that the target broadcast control terminal is successfully authenticated in the case that the target authentication information digest is consistent with the theoretical authentication information digest.
Further, where there is one authentication node server, before the target device information digest reported by the target broadcast control terminal is acquired through the authentication node server, the broadcast control terminal authentication management method further includes: creating at least one broadcast control terminal through the broadcast control management platform, and generating a unique identifier and a device information digest for each broadcast control terminal; storing the device information digest of each broadcast control terminal through the database server; synchronizing the device information digest of each broadcast control terminal to the authentication node server through the broadcast control server; and storing the device information digest of each broadcast control terminal through the authentication node server.
Further, where there are at least two authentication node servers, before the target device information digest reported by the target broadcast control terminal is acquired through the authentication node server, the broadcast control terminal authentication management method further includes: creating at least one broadcast control terminal through the broadcast control management platform, generating a unique identifier and a device information digest for each broadcast control terminal, and binding one authentication node server to each broadcast control terminal; storing the device information digest of each broadcast control terminal through the database server; synchronizing the device information digest of each broadcast control terminal, through the broadcast control server, to the authentication node server bound to that broadcast control terminal; and storing, through each authentication node server, the device information digest of the at least one broadcast control terminal bound to it.
Further, at least one broadcast control terminal is created through the broadcast control management platform, and a unique identifier and a device information digest of each broadcast control terminal are generated.
Further, the binding relationship between a broadcast control terminal and an authentication node server is modified through the broadcast control management platform.
According to a second aspect of the present invention, there is also provided a broadcast control terminal authentication management system, which adopts a distributed architecture and includes a broadcast control management platform, a database server, a broadcast control server, at least one authentication node server and at least one broadcast control terminal, where the broadcast control management platform is connected to the database server through a network, the broadcast control server is connected through a network to the broadcast control management platform and to the at least one authentication node server, and each authentication node server is connected to at least one broadcast control terminal through a network;
the authentication node server is used for acquiring the target device information digest reported by the target broadcast control terminal;
the authentication node server is further used for encrypting the unique identifier of the target broadcast control terminal and the target device information digest to generate a target authentication information digest, in the case that the device information digests stored in the authentication node server include the target device information digest;
the broadcast control server is used for forwarding the unique identifier of the target broadcast control terminal and the target authentication information digest to the broadcast control management platform;
the broadcast control management platform is used for encrypting the unique identifier of the target broadcast control terminal and the device information digest stored in the database server for that unique identifier to generate a theoretical authentication information digest; the database server is used for storing the data to be processed by the broadcast control management platform;
and the broadcast control management platform is further used for determining that the target broadcast control terminal is successfully authenticated in the case that the target authentication information digest is consistent with the theoretical authentication information digest.
Further, where there is one authentication node server, the broadcast control management platform is further used for creating at least one broadcast control terminal and generating a unique identifier and a device information digest for each broadcast control terminal; the database server is further used for storing the device information digest of each broadcast control terminal; the broadcast control server is further used for synchronizing the device information digest of each broadcast control terminal to the authentication node server; and the authentication node server is further used for storing the device information digest of each broadcast control terminal.
Further, where there are at least two authentication node servers, the broadcast control management platform is further used for creating at least one broadcast control terminal, generating a unique identifier and a device information digest for each broadcast control terminal, and binding one authentication node server to each broadcast control terminal; the database server is further used for storing the device information digest of each broadcast control terminal; the broadcast control server is further used for synchronizing the device information digest of each broadcast control terminal to the authentication node server bound to that broadcast control terminal; and the authentication node server is further used for storing the device information digest of the at least one broadcast control terminal bound to it.
Further, the broadcast control management platform is further used for creating at least one broadcast control terminal, generating a unique identifier and a device information digest for each broadcast control terminal, and setting the state of each broadcast control terminal to illegitimate device or legitimate device.
Further, the broadcast control management platform is further used for modifying the binding relationship between a broadcast control terminal and an authentication node server.
In general, compared with the prior art, the above technical solutions conceived by the present invention achieve the following beneficial effects:
(1) With the broadcast control terminal authentication management method provided by the invention, the target broadcast control terminal reports the target device information digest instead of the target device information, and the target authentication information digest is generated from the target device information digest. The target device information itself is therefore never transmitted during the authentication process, so the sensitive information of the broadcast control terminal is protected, the reliability of authenticating the legitimacy of the broadcast control terminal is improved, and the device security of the broadcast control terminal is ensured.
(2) With the broadcast control terminal authentication management method provided by the invention, the authentication node server and the broadcast control management platform work cooperatively: the authentication node server performs preliminary authentication on the device information digest of the broadcast control terminal and generates the authentication information digest, and the broadcast control management platform only needs to check the correctness of the authentication information digest. Compared with the prior art, in which authentication is performed only by the broadcast control management platform, this reduces the communication burden and the authentication processing burden of the broadcast control management platform.
(3) With the broadcast control terminal authentication management system provided by the invention, a distributed broadcast control terminal authentication management system is established by deploying the broadcast control management platform, the broadcast control server, the authentication node servers and the broadcast control terminals. Authentication node servers can be added as the number of broadcast control terminals grows, so that the broadcast control management platform completes cooperative authentication of multiple broadcast control terminals through the authentication node servers, which ensures the authentication efficiency and stable operation of the system.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a flow chart of a broadcast control terminal authentication management method according to an embodiment of the present application;
Fig. 2 is a schematic diagram of a broadcast control terminal authentication management system according to an embodiment of the present application;
Fig. 3 is a flowchart of a broadcast control terminal authentication management method according to another embodiment of the present application.
Detailed Description
The present invention will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present invention more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention. In addition, the technical features of the embodiments of the present invention described below may be combined with each other as long as they do not collide with each other.
The terms first, second and the like in the description and in the claims of the present application and in the above-described figures, are used for distinguishing between different objects and not for describing a particular sequential order. Furthermore, the terms "comprise" and "have," as well as any variations thereof, are intended to cover a non-exclusive inclusion. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those listed steps or elements but may include other steps or elements not listed or inherent to such process, method, article, or apparatus.
As shown in Fig. 1, a broadcast control terminal authentication management method is provided, which is applied to the broadcast control terminal authentication management system shown in Fig. 2. The broadcast control terminal authentication management system adopts a distributed architecture and includes a broadcast control management platform, a database server, a broadcast control server, at least one authentication node server and at least one broadcast control terminal, where the broadcast control management platform is connected to the database server through a network, the broadcast control server is connected through a network to the broadcast control management platform and to the at least one authentication node server, and each authentication node server is connected to at least one broadcast control terminal through a network. The broadcast control terminal authentication management method includes the following steps:
Step 101: acquiring, through an authentication node server, a target device information digest reported by a target broadcast control terminal.
The target broadcast control terminal is the broadcast control terminal currently to be authenticated. Because broadcast control terminals are widely deployed and not every broadcast control terminal is a legitimate device, a broadcast control terminal must undergo identity authentication before it is admitted to the broadcast control terminal authentication management system, so as to ensure device security.
The target device information digest is the device information digest of the target broadcast control terminal. The device information includes attribute information of the broadcast control terminal such as its unique identifier (also referred to as an ID), IP address (Internet Protocol address), MAC address, factory number and hard disk serial number. The device information digest is obtained by encrypting the device information with a message-digest algorithm, which may be the MD5 message-digest algorithm.
Step 102: encrypting, through the authentication node server, the unique identifier of the target broadcast control terminal and the target device information digest to generate a target authentication information digest, in the case that the device information digests stored in the authentication node server include the target device information digest.
The target authentication information digest is the authentication information digest of the target broadcast control terminal. The authentication information digest of a broadcast control terminal is obtained by encrypting the unique identifier of the broadcast control terminal and the device information digest of the broadcast control terminal with the MD5 message-digest algorithm.
It should be noted that, because the broadcast control terminal authentication management method is applied to a distributed broadcast control terminal authentication management system, the system includes at least one authentication node server, and each authentication node server can perform preliminary authentication on the at least one broadcast control terminal bound to it in advance. Therefore, when the identity of the target broadcast control terminal is authenticated, preliminary authentication must be performed by the authentication node server bound to the target broadcast control terminal, not by other authentication node servers.
Illustratively, in the case that the broadcast control terminal authentication management system includes one authentication node server, preliminary authentication is performed on the target broadcast control terminal through that authentication node server: it is judged whether the device information digests stored in the authentication node server include the target device information digest. If so, the unique identifier of the target broadcast control terminal and the target device information digest are encrypted to generate a target authentication information digest. If not, it is determined that preliminary authentication of the target broadcast control terminal has failed and that the target broadcast control terminal is an illegitimate device.
In the case that the broadcast control terminal authentication management system includes at least two authentication node servers, preliminary authentication is performed on the target broadcast control terminal through the current authentication node server: it is judged whether the device information digests stored in the current authentication node server include the target device information digest. If so, the unique identifier of the target broadcast control terminal and the target device information digest are encrypted to generate a target authentication information digest. If not, preliminary authentication is performed on the target broadcast control terminal again through any authentication node server other than the current one, by judging whether its stored device information digests include the target device information digest. If one of these authentication node servers includes the target device information digest, the unique identifier of the target broadcast control terminal and the target device information digest are encrypted to generate a target authentication information digest. If none of the authentication node servers other than the current one includes the target device information digest, it is determined that preliminary authentication of the target broadcast control terminal has failed and that the target broadcast control terminal is an illegitimate device.
Step 103: forwarding, through a broadcast control server, the unique identifier of the target broadcast control terminal and the target authentication information digest to the broadcast control management platform, wherein the broadcast control server is connected through a network to the authentication node server and to the broadcast control management platform.
Illustratively, in the case that the broadcast control terminal authentication management system includes one authentication node server, the broadcast control server forwards the unique identifier of the target broadcast control terminal and the target authentication information digest to the broadcast control management platform, and the broadcast control server is connected through a network to the authentication node server and to the broadcast control management platform.
In the case that the broadcast control terminal authentication management system includes at least two authentication node servers, the broadcast control server forwards the unique identifier of the target broadcast control terminal and the target authentication information digest to the broadcast control management platform, and the broadcast control server is connected through a network to each of the at least two authentication node servers and also to the broadcast control management platform.
Step 104: encrypting, through the broadcast control management platform, the unique identifier of the target broadcast control terminal and the device information digest stored in the database server for that unique identifier to generate a theoretical authentication information digest.
The database server is connected to the broadcast control management platform through a network and stores the data to be processed by the broadcast control management platform. Because the broadcast control management platform includes functional modules such as a device management module, a material management module, an online management module and a log management module, the data to be processed by the broadcast control management platform includes all the data of these functional modules, among them the device information digest corresponding to the unique identifier of each broadcast control terminal. The theoretical authentication information digest is obtained by encryption with the MD5 message-digest algorithm.
Illustratively, the broadcast control management platform uses the received unique identifier of the target broadcast control terminal to obtain the corresponding device information digest from the database server, and then encrypts the unique identifier of the target broadcast control terminal together with the device information digest obtained from the database server to generate the theoretical authentication information digest.
Step 105: determining, through the broadcast control management platform, that the target broadcast control terminal is successfully authenticated in the case that the target authentication information digest is consistent with the theoretical authentication information digest.
Illustratively, the broadcast control management platform judges whether the target authentication information digest is consistent with the theoretical authentication information digest. If they are consistent, it is determined that the target broadcast control terminal is successfully authenticated; the target broadcast control terminal is a legitimate device and can be admitted to the broadcast control terminal authentication management system. If they are inconsistent, it is determined that authentication of the target broadcast control terminal has failed and that the target broadcast control terminal is an illegitimate device.
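The provisioning described earlier (creating terminals, storing and synchronizing their device information digests, binding each to an authentication node server) and steps 101 to 105 can be traced end to end in Python. This is an added example, not code from the patent: the serialization of the device information, the way the identifier and digest are combined before hashing, the terminal reporting its identifier along with its digest, and all class names, function names and sample values are assumptions made here.

```python
import hashlib
import hmac


def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def device_info_digest(info):
    # Assumed serialization: sorted "key=value" pairs joined with "|".
    return md5_hex("|".join(f"{k}={info[k]}" for k in sorted(info)))


def auth_info_digest(uid, dev_digest):
    # Assumed combination of identifier and digest: "uid:digest".
    return md5_hex(f"{uid}:{dev_digest}")


class AuthNode:
    """Authentication node server: stores digests of the terminals bound to it."""

    def __init__(self, name):
        self.name = name
        self.digests = set()

    def preliminary_auth(self, uid, reported):
        # Step 102: only a digest this node already stores gets an auth digest.
        if reported not in self.digests:
            return None
        return auth_info_digest(uid, reported)


class Platform:
    """Broadcast control management platform; self.db stands in for the database server."""

    def __init__(self, nodes):
        self.nodes = {n.name: n for n in nodes}
        self.db = {}       # unique identifier -> device information digest
        self.binding = {}  # unique identifier -> bound authentication node

    def create_terminal(self, info, node_name):
        # Provisioning: store the digest, bind a node, synchronize the digest to it
        # (the synchronization would travel through the broadcast control server).
        uid = info["id"]
        digest = device_info_digest(info)
        self.db[uid] = digest
        self.binding[uid] = node_name
        self.nodes[node_name].digests.add(digest)
        return digest

    def verify(self, uid, target):
        # Steps 104-105: recompute the theoretical digest and compare.
        stored = self.db.get(uid)
        if stored is None:
            return False
        return hmac.compare_digest(auth_info_digest(uid, stored), target)


def authenticate(platform, current, uid, reported):
    # Step 102 with at least two nodes: try the current node, then the others.
    others = [n for n in platform.nodes.values() if n is not current]
    for node in [current] + others:
        target = node.preliminary_auth(uid, reported)
        if target is not None:
            # Step 103 (forwarding) is a direct call here.
            ok = platform.verify(uid, target)
            return ("authenticated" if ok else "rejected-by-platform", node.name)
    return ("rejected-preliminary", None)


# Constructed sample device information (documentation address ranges).
T1 = {"id": "T-0001", "ip": "192.0.2.10", "mac": "00:00:5E:00:53:01",
      "factory_no": "F-1001", "disk_sn": "D-AAAA"}
T2 = {"id": "T-0002", "ip": "192.0.2.11", "mac": "00:00:5E:00:53:02",
      "factory_no": "F-1002", "disk_sn": "D-BBBB"}
UNKNOWN = {"id": "T-0003", "ip": "192.0.2.12", "mac": "00:00:5E:00:53:03",
           "factory_no": "F-1003", "disk_sn": "D-CCCC"}


def demo():
    a, b = AuthNode("node-a"), AuthNode("node-b")
    platform = Platform([a, b])
    platform.create_terminal(T1, "node-a")
    platform.create_terminal(T2, "node-b")
    return [
        # Terminal bound to node-a reports to node-a.
        authenticate(platform, a, "T-0001", device_info_digest(T1)),
        # Terminal bound to node-b reports to node-a: found on the second node.
        authenticate(platform, a, "T-0002", device_info_digest(T2)),
        # Digest known to node-a but paired with another identifier.
        authenticate(platform, a, "T-0002", device_info_digest(T1)),
        # Device that was never created on the platform.
        authenticate(platform, a, "T-0003", device_info_digest(UNKNOWN)),
    ]


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

The third case shows what the platform-side comparison adds over the node's membership check: a stored digest presented under a different identifier passes step 102 but fails step 105. For a given terminal the target authentication information digest is the same on every run, because both digests are unkeyed MD5 values over fixed inputs and the steps above include no nonce or key.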
In the broadcast control terminal authentication management method, the target broadcast control terminal reports the target device information abstract instead of the target device information, and the target authentication information abstract is generated based on the target device information abstract, namely, the transmission of the target device information is not involved in the whole authentication process, so that the sensitive information of the broadcast control terminal can be protected, the reliability of the device validity authentication of the broadcast control terminal is improved, and the purpose of ensuring the device safety of the broadcast control terminal is achieved.
Secondly, the method is applied to a broadcast control terminal authentication management system with a distributed architecture. The broadcast control management platform is mainly responsible for authentication processing, the broadcast control server for forwarding messages between the broadcast control management platform and the authentication node server, and the database server for storing the data that the platform needs to process, which reduces the communication and storage burden of the broadcast control management platform. The authentication node server is mainly responsible for isolating the authentication link from the broadcast control management platform: it performs preliminary authentication on the device information digest of the broadcast control terminal and generates the authentication information digest, so the broadcast control management platform only needs to check the correctness of the authentication information digest. Compared with authentication performed only by the broadcast control management platform, as in the traditional technology, this cooperation between the authentication node server and the platform reduces the platform's authentication processing burden.
In one embodiment, the number of authentication node servers is one, and before step 101, the broadcast control terminal authentication management method further includes creating at least one broadcast control terminal through a broadcast control management platform, generating a unique identifier and an equipment information abstract of each broadcast control terminal, and setting a state of each broadcast control terminal as illegal equipment; storing, by a database server, a device information digest of each broadcast control terminal generated by a broadcast control management platform; synchronizing the device information abstract of each broadcast control terminal to an authentication node server through the broadcast control server; and storing the device information abstract of each broadcasting control terminal through the authentication node server.
In one embodiment, the number of authentication node servers is at least two, before step 101, the broadcast control terminal authentication management method further includes creating at least one broadcast control terminal through a broadcast control management platform, generating a unique identifier and an equipment information abstract of each broadcast control terminal, setting a state of each broadcast control terminal as illegal equipment, and binding one authentication node server for each broadcast control terminal; storing, by a database server, a device information digest of each broadcast control terminal generated by a broadcast control management platform; synchronizing the device information abstract of each broadcast control terminal to an authentication node server bound with the broadcast control terminal through the broadcast control server; and storing, by each authentication node server, a device information digest of at least one broadcast control terminal bound thereto.
Creating at least one broadcast control terminal through the broadcast control management platform and generating the unique identifier and device information digest of each broadcast control terminal includes: creating at least one broadcast control terminal through the broadcast control management platform, configuring device information for each broadcast control terminal, and hashing the device information with the MD5 message-digest algorithm to generate the device information digest of each broadcast control terminal. The device information comprises attribute information such as the unique identifier of the broadcast control terminal, IP address, MAC address, factory number and hard disk serial number.
In this embodiment, when there are at least two authentication node servers, at least one broadcast control terminal is created through the broadcast control management platform and one authentication node server is bound to each broadcast control terminal. A distributed broadcast control terminal authentication management system is thus created by deploying the broadcast control management platform, the database server, the broadcast control server, the at least two authentication node servers and the at least one broadcast control terminal, which meets the need to add broadcast control terminals and authentication node servers as the service types handled by the broadcast control management platform increase.
In one embodiment, the method for managing authentication of the broadcast control terminal further includes deleting the created broadcast control terminal, modifying a binding relationship between the broadcast control terminal and the authentication node server, or modifying a state of the broadcast control terminal from an illegal device to a legal device through the broadcast control management platform. The broadcast control management platform enables the broadcast control server and the corresponding bound authentication node server to perform corresponding operation by deleting the broadcast control terminal, distributing the terminal and enabling or disabling a certain broadcast control terminal, so that the cooperative work of the authentication node server and the broadcast control management platform is ensured.
In one embodiment, as shown in fig. 3, there is provided a broadcast control terminal authentication management method, including the steps of:
Step 1: The broadcast control management platform creates a broadcast control terminal, generates an identity ID for it, and sets device information such as the IP address, MAC address, factory number and hard disk serial number. The identity ID and device information of each broadcast control terminal are hashed with the MD5 message-digest algorithm to generate the device information digest of each broadcast control terminal, and the identity ID and device information digest of each broadcast control terminal are synchronized to the authentication node server through the broadcast control server.
Step 2: The target broadcast control terminal reports its target device information digest and identity ID to the authentication node server, which performs preliminary authentication on the target broadcast control terminal. If the target device information digest exists in the authentication node server or in a database connected to the authentication node server, that is, the target device information digest is correct, the authentication node server applies MD5 to the identity ID of the target broadcast control terminal and the target device information digest to calculate the target authentication information digest; otherwise, the preliminary authentication is determined to have failed.
Step 3: If the preliminary authentication succeeds, the authentication node server reports the identity ID and the target authentication information digest of the target broadcast control terminal to the broadcast control server, and the broadcast control server forwards them to the broadcast control management platform. If the preliminary authentication fails, the authentication node server reports a message that the target broadcast control terminal is an illegal device to the broadcast control server, the broadcast control server forwards that message to the broadcast control management platform, and the authentication ends.
Step 4: The broadcast control management platform receives the identity ID of the target broadcast control terminal and the target authentication information digest forwarded by the broadcast control server, and looks up the device information digest corresponding to that identity ID in the data stored in the database server. It applies MD5 to the identity ID and the device information digest it found to calculate the authentication information digest, and compares the result with the received target authentication information digest. If the two are consistent, that is, the target authentication information digest is correct, the authentication is determined to be successful; otherwise, the authentication is determined to have failed, the target broadcast control terminal is an illegal device, and the authentication ends.
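The four steps above, written out as an added Python example (not code from the patent): the node's preliminary check is a membership test on the reported digest, and the binding between identity ID and digest is enforced only by the platform's comparison in Step 4. The class and function names, the "|" field separator and the sample terminal values are assumptions made for this example.

```python
import hashlib
import hmac


def md5_hex(*fields):
    # MD5 is a one-way digest, not a cipher: the page's "MD5 encryption" is this hash.
    # Assumption: fields are joined with "|"; the page does not define an encoding.
    return hashlib.md5("|".join(fields).encode("utf-8")).hexdigest()


def device_digest(terminal_id, ip, mac, factory_no, disk_serial):
    # Step 1 (and the terminal's own report): digest of identity ID + device information.
    return md5_hex(terminal_id, ip, mac, factory_no, disk_serial)


class ManagementPlatform:
    """Broadcast control management platform together with its database server."""

    def __init__(self):
        self.database = {}  # identity ID -> device information digest

    def create_terminal(self, terminal_id, *device_info):
        digest = device_digest(terminal_id, *device_info)
        self.database[terminal_id] = digest
        return digest  # synchronised to the node via the broadcast control server

    def verify(self, terminal_id, target_auth_digest):
        # Step 4: recompute the theoretical authentication digest and compare.
        stored = self.database.get(terminal_id)
        if stored is None:
            return False
        theoretical = md5_hex(terminal_id, stored)
        return hmac.compare_digest(theoretical, target_auth_digest)


class AuthNode:
    """Authentication node server holding the synchronised digests."""

    def __init__(self):
        self.digests = set()

    def sync(self, digest):
        self.digests.add(digest)

    def preliminary(self, terminal_id, reported_digest):
        # Step 2: membership test only, as the page describes it.
        if reported_digest not in self.digests:
            return None
        return md5_hex(terminal_id, reported_digest)


def authenticate(node, platform, terminal_id, reported_digest):
    # Step 3: the broadcast control server only forwards, so it is modelled as a call.
    target_auth_digest = node.preliminary(terminal_id, reported_digest)
    if target_auth_digest is None:
        return "rejected by node"
    if platform.verify(terminal_id, target_auth_digest):
        return "authenticated"
    return "rejected by platform"


def demo():
    # Constructed sample terminals (documentation-range addresses).
    t1 = ("BC-0001", "192.0.2.10", "00:00:5E:00:53:01", "FN-1001", "HD-AAA1")
    t2 = ("BC-0002", "192.0.2.11", "00:00:5E:00:53:02", "FN-1002", "HD-BBB2")
    platform, node = ManagementPlatform(), AuthNode()
    for terminal in (t1, t2):
        node.sync(platform.create_terminal(*terminal))

    results = {}
    results["genuine"] = authenticate(node, platform, t1[0], device_digest(*t1))
    swapped_disk = t1[:4] + ("HD-ZZZ9",)
    results["changed hardware"] = authenticate(
        node, platform, t1[0], device_digest(*swapped_disk))
    results["digest of another terminal"] = authenticate(
        node, platform, t2[0], device_digest(*t1))
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```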
In the embodiment, the identity authentication is performed on the broadcast control terminal based on the equipment information abstract and the authentication information abstract, and the transmission of sensitive information of the broadcast control terminal is not involved, so that the equipment safety of the broadcast control terminal is ensured. And secondly, performing preliminary authentication on the equipment information abstract of the broadcast control terminal through the authentication node server and generating an authentication information abstract, wherein the broadcast control management platform only needs to process the correctness of the authentication information abstract, so that compared with the authentication performed only through the broadcast control management platform in the traditional technology, the broadcast control terminal authentication management method reduces the communication burden and authentication processing burden of the broadcast control management platform.
In addition, a distributed broadcast control terminal authentication management system is established through the deployment of a broadcast control management platform, a broadcast control server, an authentication node server and a broadcast control terminal, the authentication node server can be properly increased along with the increase of the broadcast control terminals, and the broadcast control management platform completes cooperative authentication of a plurality of broadcast control terminals through the authentication node server, so that the authentication efficiency and stable operation of the system are ensured.
The broadcast control management platform can configure terminal information of the broadcast control terminal in real time. The terminal information is forwarded to the authentication node server by the broadcast control server, and the authentication node server handles information exchange and reporting with the terminal, so that the external network communication link does not directly transmit sensitive device information and the internal network carries the authentication data between the broadcast control server and the authentication node server. This reduces the communication burden of the broadcast control management platform, forms a secure broadcast control terminal authentication management system, and realizes state management of the broadcast control terminals across the whole network. Deploying multiple authentication node servers meets the authentication requirements of distributed digital broadcast control terminals of different scales and data forms, reduces the deployment cost of the broadcast control terminals, greatly improves the efficiency of the system, and ensures the deployment security of broadcast control terminals in areas with dense foot traffic such as bank branches, financial security sites and communities.
It should be noted that, for simplicity of description, the foregoing method embodiments are all expressed as a series of action combinations, but it should be understood by those skilled in the art that the present application is not limited by the order of actions described, as some steps may be performed in other order or simultaneously in accordance with the present application. Further, those skilled in the art will also appreciate that the embodiments described in the specification are all preferred embodiments, and that the acts and modules referred to are not necessarily required in the present application.
In the foregoing embodiments, the descriptions of the embodiments are emphasized, and for parts of one embodiment that are not described in detail, reference may be made to related descriptions of other embodiments.
The foregoing is merely exemplary embodiments of the present disclosure and is not intended to limit the scope of the present disclosure. That is, equivalent changes and modifications are contemplated by the teachings of this disclosure, which fall within the scope of the present disclosure. Embodiments of the present disclosure will be readily apparent to those skilled in the art from consideration of the specification and practice of the disclosure herein. This application is intended to cover any adaptations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a scope and spirit of the disclosure being indicated by the claims.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
It will be readily appreciated by those skilled in the art that the foregoing description is merely a preferred embodiment of the invention and is not intended to limit the invention, but any modifications, equivalents, improvements or alternatives falling within the spirit and principles of the invention are intended to be included within the scope of the invention.
Claims (10)
1. The authentication management method for the broadcast control terminal is characterized by comprising the following steps of:
acquiring a target equipment information abstract reported by a target broadcast control terminal through an authentication node server;
encrypting, by the authentication node server, the unique identifier of the target broadcast control terminal and the target device information digest to generate a target authentication information digest when the device information digest stored in the authentication node server contains the target device information digest;
forwarding the unique identifier of the target broadcast control terminal and the target authentication information abstract to a broadcast control management platform through a broadcast control server, wherein the broadcast control server is respectively connected with the authentication node server and the broadcast control management platform through a network;
encrypting the unique identifier of the target broadcast control terminal and the equipment information abstract corresponding to the unique identifier of the target broadcast control terminal stored in a database server through the broadcast control management platform to generate a theoretical authentication information abstract; the database server is connected with the broadcast control management platform in a network manner and is used for storing data to be processed by the broadcast control management platform;
and determining that the target broadcast control terminal is successfully authenticated under the condition that the target authentication information abstract is consistent with the theoretical authentication information abstract through the broadcast control management platform.
2. The method of claim 1, wherein the number of authentication node servers is one, and before the target device information digest reported by the target broadcast control terminal is obtained by the authentication node servers, the method further comprises:
creating at least one broadcast control terminal through the broadcast control management platform, and generating a unique identifier of each broadcast control terminal and the equipment information abstract;
storing the device information abstract of each broadcast control terminal through the database server;
synchronizing the device information abstract of each broadcast control terminal to the authentication node server through the broadcast control server;
and storing the device information abstract of each broadcast control terminal through the authentication node server.
3. The method of claim 1, wherein the number of authentication node servers is at least two, and before the target device information summary reported by the target broadcast control terminal is obtained by the authentication node servers, the method further comprises:
creating at least one broadcast control terminal through the broadcast control management platform, generating a unique identifier of each broadcast control terminal and the equipment information abstract, and binding one authentication node server for each broadcast control terminal;
storing the device information abstract of each broadcast control terminal through the database server;
synchronizing the device information abstract of each broadcast control terminal to an authentication node server bound with the broadcast control terminal through the broadcast control server;
and storing, by each authentication node server, a device information digest of at least one broadcast control terminal bound thereto.
4. A method according to claim 2 or 3, wherein creating, by the broadcast control management platform, at least one broadcast control terminal, generating a unique identification of each broadcast control terminal and the device information digest, comprises:
and creating at least one broadcast control terminal through the broadcast control management platform, generating a unique identifier of each broadcast control terminal and the equipment information abstract, and setting the state of each broadcast control terminal as illegal equipment or legal equipment.
5. A method as claimed in claim 3, wherein the method further comprises:
and modifying the binding relationship between the broadcast control terminal and the authentication node server through the broadcast control management platform.
6. The system is characterized by adopting a distributed architecture, comprising a broadcast control management platform, a database server, a broadcast control server, at least one authentication node server and at least one broadcast control terminal, wherein the broadcast control management platform is connected with the database server through a network, the broadcast control server is respectively connected with the broadcast control management platform and the at least one authentication node server through a network, and each authentication node server is connected with at least one broadcast control terminal through a network;
the authentication node server is used for acquiring a target equipment information abstract reported by a target broadcast control terminal;
the authentication node server is further configured to encrypt, when the device information digest stored in the authentication node server includes the target device information digest, the unique identifier of the target broadcast control terminal and the target device information digest, to generate a target authentication information digest;
the broadcast control server is used for forwarding the unique identifier of the target broadcast control terminal and the target authentication information abstract to a broadcast control management platform;
the broadcast control management platform is used for encrypting the unique identifier of the target broadcast control terminal and the equipment information abstract corresponding to the unique identifier of the target broadcast control terminal stored in the database server to generate a theoretical authentication information abstract; the database server is used for storing data which needs to be processed by the broadcast control management platform;
the broadcast control management platform is further configured to determine that the target broadcast control terminal is successfully authenticated when the target authentication information abstract is consistent with the theoretical authentication information abstract.
7. The system of claim 6, wherein the number of authentication node servers is one, the broadcast control management platform is further configured to create at least one broadcast control terminal, and generate a unique identifier for each broadcast control terminal and the device information digest;
the database server is further used for storing the device information abstract of each broadcast control terminal;
the broadcast control server is further configured to synchronize the device information abstract of each broadcast control terminal to the authentication node server;
the authentication node server is further configured to store a device information summary of each broadcast control terminal.
8. The system of claim 6, wherein the number of authentication node servers is at least two, the broadcast control management platform is further configured to create at least one broadcast control terminal, generate a unique identifier of each broadcast control terminal and the device information digest, and bind one authentication node server for each broadcast control terminal;
the database server is further used for storing the device information abstract of each broadcast control terminal;
the broadcast control server is further configured to synchronize the device information abstract of each broadcast control terminal to an authentication node server bound to the broadcast control terminal;
the authentication node server is further configured to store a device information digest of at least one broadcast control terminal bound to the authentication node server.
9. The system of claim 7 or 8, wherein the broadcast control management platform is further configured to create at least one broadcast control terminal, generate a unique identifier of each broadcast control terminal and the device information digest, and set a state of each broadcast control terminal as an illegal device or a legal device.
10. The system of claim 8, wherein the broadcast control management platform is further configured to modify a binding relationship between the broadcast control terminal and the authentication node server.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310248425.3A CN116388997A (en) | 2023-03-13 | 2023-03-13 | Authentication management method and system for broadcast control terminal |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310248425.3A CN116388997A (en) | 2023-03-13 | 2023-03-13 | Authentication management method and system for broadcast control terminal |
Publications (1)
Publication Number | Publication Date |
---|---|
CN116388997A (en) | 2023-07-04 |
Family
ID=86960697
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310248425.3A Pending CN116388997A (en) | 2023-03-13 | 2023-03-13 | Authentication management method and system for broadcast control terminal |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116388997A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||