CN117951654A - Content authorization method and content authorization management device with trusted memory certificate mechanism - Google Patents
Content authorization method and content authorization management device with trusted memory certificate mechanism Download PDFInfo
- Publication number
- CN117951654A CN117951654A CN202211323515.6A CN202211323515A CN117951654A CN 117951654 A CN117951654 A CN 117951654A CN 202211323515 A CN202211323515 A CN 202211323515A CN 117951654 A CN117951654 A CN 117951654A
- Authority
- CN
- China
- Prior art keywords
- content authorization
- content
- certification
- uplink
- authorization
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000013475 authorization Methods 0.000 title claims abstract description 315
- 238000000034 method Methods 0.000 title claims abstract description 40
- 230000007246 mechanism Effects 0.000 title claims abstract description 26
- 238000012545 processing Methods 0.000 claims description 94
- 238000012795 verification Methods 0.000 claims description 24
- 238000007726 management method Methods 0.000 description 61
- 238000003860 storage Methods 0.000 description 21
- 238000010586 diagram Methods 0.000 description 14
- 238000004891 communication Methods 0.000 description 7
- 230000006870 function Effects 0.000 description 7
- 230000004044 response Effects 0.000 description 7
- 238000004590 computer program Methods 0.000 description 5
- 230000005540 biological transmission Effects 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 238000003491 array Methods 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 239000000835 fiber Substances 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000001902 propagating effect Effects 0.000 description 2
- RYGMFSIKBFXOCR-UHFFFAOYSA-N Copper Chemical compound [Cu] RYGMFSIKBFXOCR-UHFFFAOYSA-N 0.000 description 1
- 238000012550 audit Methods 0.000 description 1
- 229910052802 copper Inorganic materials 0.000 description 1
- 239000010949 copper Substances 0.000 description 1
- 238000013524 data verification Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000009826 distribution Methods 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000000926 separation method Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000012384 transportation and delivery Methods 0.000 description 1
Abstract
The present disclosure relates to a content authorization method and a content authorization management device with a trusted forensic mechanism. The method comprises the following steps: receiving a content authorization request of a client; responding to the content authorization request, and issuing a content authorization license to the client; and sending the content authorization data to a blockchain system for uplink certification, wherein the content authorization data comprises the content authorization license or authorization record information in the content authorization license.
Description
Technical Field
The present invention relates to digital rights management technology, and in particular, to a content authorization method and a content authorization management device with a trusted forensic mechanism.
Background
With the rapid development of network audiovisual content, content operation platforms are gradually concentrated, and most of content producers need to provide content to users through the content operation platforms, and the content producers and the content operation platforms share content benefits. At present, the two account separation is carried out according to the content playing condition, which is completely dependent on the content playing data provided by the single side of the content operation platform, so that the public trust can not be ensured, and the prosperous development of content creation is hindered to a certain extent. Therefore, there is a need to develop a technical solution that can enhance the credibility of content play data.
Disclosure of Invention
The invention aims to provide a content authorization method and a content authorization management device with a trusted certification mechanism, which can enhance the credibility of content playing data.
In a first aspect of the embodiments of the present disclosure, there is provided a content authorization method with a trusted forensic mechanism, applied to a content authorization management device, the method including: receiving a content authorization request of a client; responding to the content authorization request, and issuing a content authorization license to the client; and sending the content authorization data to a blockchain system for uplink certification, wherein the content authorization data comprises the content authorization license or authorization record information in the content authorization license.
Optionally, the content authorization data further includes the content authorization request.
Optionally, the content authorization request includes a user identifier and a content identifier; the content authorization permissions include a content identifier, a content key, and a rights description; the authorization record information in the content authorization license comprises a content identifier and a rights description.
Optionally, the method further comprises: performing signature verification on the content authorization data; and under the condition that the verification is passed, the step of sending the content authorization data to the blockchain system for uplink certification is executed.
Optionally, the method further comprises: and before the content authorization data is sent to the blockchain system for uplink certification, the content authorization data is encrypted.
Optionally, the encryption process employs a hash algorithm.
Optionally, the method further comprises: the content authorization data is signed before being sent to the blockchain system for uplink certification.
Optionally, the method further comprises: after the content authorization data is sent to the blockchain system, receiving a uplink certification result fed back by the blockchain system; and signing and storing the log information related to the uplink certification result.
Optionally, the sending the content authorization data to the blockchain system for uplink certification includes: and sending the content authorization data to a blockchain system for uplink certification according to the preset uplink parameters.
In a second aspect of the disclosed embodiments, a content authorization management device with a trusted forensic mechanism is provided. The content authorization management device with the trusted memory certification mechanism comprises a memory and a processor; the memory has instructions stored therein that, when executed by the processor, implement the method of any of the first aspects of the disclosed embodiments.
In a third aspect of the disclosed embodiments, a content authorization management device with a trusted forensic mechanism is provided. The content authorization management device with the trusted certification mechanism comprises an authorization processing module and a certification processing engine; the authorization processing module is used for receiving a content authorization request of a client and responding to the content authorization request to issue a content authorization license to the client; and sending content authorization data to the forensic processing engine; the license processing engine is used for sending the content authorization data to the blockchain system for uplink license, wherein the content authorization data comprises the content authorization license or authorization record information in the content authorization license.
Optionally, the content authorization data further includes the content authorization request.
Optionally, the content authorization request includes a user identifier and a content identifier; the content authorization permissions include a content identifier, a content key, and a rights description; the authorization record information in the content authorization license comprises a content identifier and a rights description.
Optionally, the authorization processing module is further configured to sign the content authorization data first, and then send the content authorization data to the certificate storing processing engine; the certification processing engine is also used for carrying out signature verification on the content authorization data received from the authorization processing module, and sending the content authorization data to the blockchain system for uplink certification under the condition that the verification is passed.
Optionally, the certification processing engine is further configured to encrypt the content authorization data before sending the content authorization data to the blockchain system for uplink certification.
Optionally, the certification processing engine is further configured to sign the content authorization data before sending the content authorization data to the blockchain system for uplink certification.
Optionally, the authorization processing module is further configured to sign the content authorization data first, and then send the content authorization data to the certificate storing processing engine; the certification processing engine is further used for carrying out signature verification on the content authorization data received from the authorization processing module, carrying out encryption processing on the content authorization data under the condition that verification is passed, signing the encrypted content authorization data, and sending the signed content authorization data to the blockchain system for uplink certification.
Optionally, the certification processing engine is further configured to receive a uplink certification result fed back by the blockchain system after sending the content authorization data to the blockchain system; and signing and storing the log information related to the uplink certification result.
Optionally, the certification processing engine is further configured to send the content authorization data to the blockchain system for uplink certification according to a preset uplink parameter.
Optionally, the authorization processing module and the certification processing engine are deployed in a trusted execution environment of the content authorization management device.
The content authorization method and the content authorization management device with the trusted memory card mechanism provided by the embodiment of the disclosure receive the content authorization request of the client, issue the content authorization permission to the client in response to the content authorization request, and send the content authorization permission or the authorization record information in the content authorization permission to the blockchain system for uplink memory card, so that multiparty mutual trust of the content authorization data can be realized, and the credibility of the content playing data is enhanced.
Other features of the present invention and its advantages will become apparent from the following detailed description of exemplary embodiments of the invention, which proceeds with reference to the accompanying drawings.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description, serve to explain the principles of the invention.
Fig. 1 is a block diagram showing a hardware configuration of a content authority management device in which an embodiment of the present invention can be implemented.
FIG. 2 illustrates a flow chart of a method of content authorization with trusted memory certification mechanism in accordance with an embodiment of the present invention;
FIG. 3 shows a schematic diagram of a streaming process of media content according to an embodiment of the invention;
FIG. 4 illustrates a block diagram of a content authorization management device with trusted memory certification mechanism in accordance with an embodiment of the present invention;
Fig. 5 shows a block diagram of a content authorization management device with trusted forensic mechanism according to an embodiment of the present invention.
Detailed Description
Various exemplary embodiments of the present invention will now be described in detail with reference to the accompanying drawings. It should be noted that: the relative arrangement of the components and steps, numerical expressions and numerical values set forth in these embodiments do not limit the scope of the present invention unless it is specifically stated otherwise.
The following description of at least one exemplary embodiment is merely exemplary in nature and is in no way intended to limit the invention, its application, or uses.
Techniques, methods, and apparatus known to one of ordinary skill in the relevant art may not be discussed in detail, but are intended to be part of the specification where appropriate.
In all examples shown and discussed herein, any specific values should be construed as merely illustrative, and not a limitation. Thus, other examples of exemplary embodiments may have different values.
It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further discussion thereof is necessary in subsequent figures.
The illustrative embodiments provide a content authorization method and a content authorization management device with a trusted memory certification mechanism, which relate to digital rights management (DIGITAL RIGHTS MANAGEMENT, DRM) technology. DRM is a technique used to control, protect the usage rights of media content, such that a user must be authorized to use, view, etc., the associated media content, which may be, for example, music, movies, software, etc.
The hardware configuration of the content authority management device in the present illustrative embodiment may be respectively shown with reference to fig. 1. The configuration of the content authority management apparatus may include, but is not limited to, a processor 1110, a memory 1120, an interface device 1130, a communication device 1140, an input device 1150, an output device 1160. The processor 1110 may include, but is not limited to, a central processing unit CPU, a microprocessor MCU, and the like. The memory 1120 may include, but is not limited to, ROM (read Only memory), RAM (random Access memory), nonvolatile memory such as a hard disk, and the like. Interface device 1130 may include, but is not limited to, a USB interface, a serial interface, a parallel interface, and the like. The communication device 1140 can be capable of wired or wireless communication, for example, and may specifically include WiFi communication, bluetooth communication, 2G/3G/4G/5G communication, and the like. Input devices 1150 include, but are not limited to, a keyboard, mouse, touch screen, microphone, and the like. Output devices 1160 include, but are not limited to, a display screen, speakers, and the like. The hardware configuration of the content authority management apparatus may include only a part of the above-described devices.
The configuration of the content authority management device shown in fig. 1 is merely illustrative and is in no way meant to be any limitation on the embodiments of the present specification, applications or uses thereof. It will be appreciated by those skilled in the art that although a number of means of the content authority management apparatus have been described above, embodiments of the present specification may relate to only some of the means. For example, the content authority management apparatus may involve only a processor, a memory, and a communication means. Those skilled in the art can devise instructions in accordance with the schemes disclosed in this specification. How the instructions control the processor to operate is well known in the art and will not be described in detail here.
The content authorization management device in the embodiment of the disclosure is a security device which is subjected to security authentication and accords with DRM standards. In one example, the content authorization management device may provide a trusted execution environment (Trusted Execution Environment, TEE). The trusted execution environment may be used for digital rights management, mobile payment and sensitive data protection. In one example, the trusted execution environment includes hardware resources, an interactive interface, and a secure operating system that are isolated from the outside.
Referring to fig. 2, an embodiment of the present disclosure provides a content authorization method with a trusted forensic mechanism, which is applied to a content authorization management device, and includes steps S102 to S106.
Step S102, receiving a content authorization request of a client.
Step S104, in response to the content authorization request, a content authorization license is issued to the client. In one example, the content authorization request includes a user identification, a content identification.
Step S106, the content authorization data is sent to the blockchain system for uplink certification, and the content authorization data comprises the content authorization license or authorization record information in the content authorization license. In one example, the content authorization license includes a content identification, a content key, and a rights description. In one example, the authorization record information in the content authorization license includes a content identification and a rights description.
In one example, the content authorization data further includes a content authorization request, that is, the content authorization management device sends the content authorization request to the blockchain system for up-chain certification.
The streaming process of media content is described below in conjunction with the illustration of fig. 3: after the digital media content is produced by the content producer, the content is encrypted by the content encryption system and then submitted to the content operation platform. The content operation platform distributes content to the user terminal based on a CDN (Content Delivery Network, content distribution network) system of the platform. The terminal is installed with a media content operation Application (APP) and a DRM client. After the user requests the media content operation application, the DRM client sends a content authorization request to the content authorization management device corresponding to the content operation platform to request the content authorization. After receiving the content authorization request of the DRM client, the content authorization management device inquires an encryption algorithm and a content encryption key corresponding to the content from the key management system according to the content identifier, generates a content authorization license according to the ordering condition of the user, and returns the content authorization license to the DRM client for decryption playing. The content authorization request may include a user identification, a terminal identification, and a content identification. The content authorization license may include information such as content identification, content key, rights description, user identification, terminal certificate, etc. The rights description is used to describe the user's operational rights to the media content, which may include, for example, permissions, constraints, obligations, lifetime, etc. After receiving the content authorization request from the DRM client and feeding back the content authorization license to the DRM client, the content authorization management device sends the content authorization data to the blockchain system for uplink certification.
In one example, the content authorization management device performs signature verification on the content authorization data to determine the authenticity and integrity of the content authorization data, and performs the step of sending the content authorization data to the blockchain system for uplink certification if the verification passes.
In one example, in step S106, the content authorization management device encrypts the content authorization data before sending the content authorization data to the blockchain system for uplink certification. For example, the content authorization management device encrypts the content authorization data by using a hash algorithm, and sends the encrypted content authorization data to the blockchain system for uplink certification. The security of the content authorization data can be ensured by encrypting the content authorization data and then storing the content authorization data in a uplink manner.
In one example, in step S106, the content authorization management device signs the content authorization data before sending the content authorization data to the blockchain system for uplink certification. That is, the content authorization management device signs the content authorization data using the digital certificate of the content authorization management device, and then sends the content authorization data to the blockchain system for uplink certification. And the blockchain system performs signature verification on the content authorization data sent by the content authorization management equipment after receiving the content authorization data, and performs uplink certification under the condition that the verification is passed.
In one example, in step S106, the content authorization management device encrypts the content authorization data, signs the encrypted content authorization data, and sends the signed content authorization data to the blockchain system for uplink certification before sending the content authorization data to the blockchain system for uplink certification. For example, the content authorization management device encrypts the content authorization data by using a hash algorithm, signs the encrypted content authorization data by using a digital certificate of the content authorization management device, and then sends the signed content authorization data to the blockchain system for uplink certification. And the blockchain system performs signature verification on the content authorization data sent by the content authorization management equipment after receiving the content authorization data, and performs uplink certification under the condition that the verification is passed.
In one example, after step S106, the method may further include steps S108-S110. Step S108, after the content authorization data is sent to the blockchain system, the uplink certification result fed back by the blockchain system is received. Step S110, signing and storing the log information related to the uplink certification result. The content authorization management device receives the uplink certification result, records the certification log, marks a time stamp on the certification log and carries out digital signature, so that the credibility of the certification data is ensured, and the certification log is used for data audit when needed in the future.
In one example, the content authorization management device sends the content authorization data to the blockchain system for uplink certification according to the preset uplink parameters. The content authority management device is provided with a port for interfacing with an external blockchain system, and the content authority management device can be configured with uplink parameters. The uplink parameters may be used to define single data uplink or packed data uplink, real-time uplink or timing uplink, timing uplink time, etc. The single data uplink is that each piece of content authorized data is independently uplink, and the package data uplink is that a plurality of pieces of content authorized data are packaged and uplink together. The real-time uplink is to uplink the content authorization data in real time after the content authorization is completed. The content authorization data is regularly uplink, i.e. according to the agreed time. The content operation platform can negotiate with the content producer and the blockchain party to determine the uplink parameters and is configured in the content authorization management device.
According to the content authorization method with the trusted certificate mechanism, the content authorization management device receives the content authorization request of the client, issues the content authorization permission to the client in response to the content authorization request, and sends the content authorization permission or authorization record information in the content authorization permission to the blockchain system for uplink certificate storage, so that multiparty mutual trust of content authorization data can be realized, and the trusted degree of content playing data can be enhanced.
Referring to fig. 4, an embodiment of the present disclosure provides a content authorization management device with a trusted forensic mechanism, which is pre-configured with an authorization processing module and a forensic processing engine.
The authorization processing module and the certification processing engine can be software modules or chip modules. The authorization processing module and the certification processing engine are both deployed in a safe and trusted execution environment, all the processing such as data verification, format processing, data signing and the like are executed in the safe environment, and can be automatically executed according to set parameters, the data cannot be tampered, and the data processing accords with the relevant requirements of electronic digital compliance. That is, the authorization processing module and the forensic processing engine are both trusted modules.
And the authorization processing module is used for receiving the content authorization request of the client, issuing the content authorization permission to the client in response to the content authorization request and sending the content authorization data to the certification processing engine.
In one example, the authorization processing module may be a DRM server. The content authorization data includes a content authorization license or authorization record information in the content authorization license. In one example, the content authorization data further includes a content authorization request. The content authorization request includes a user identifier, a content identifier, and further may further include a terminal identifier. The content authorization license includes the content identifier, the content key, the rights description, and further may further include information such as a user identifier, a terminal certificate, and the like. The authorization record information in the content authorization license comprises a content identifier and a rights description, and further can also comprise a user identifier and a terminal identifier.
And the certification processing engine is used for sending the content authorization data to the blockchain system for uplink certification.
In one example, a port of the content authorization management device that interacts with an external blockchain system is available for the forensic processing engine to output the stored content authorization data to the blockchain system. In one example, the content authority management device and the blockchain system may establish mutual trust between the two parties in a digital certificate manner, and then the blockchain system may add a port of the content authority management device to a white list, allowing the content authority management device to perform uplink certification through the port.
That is, the authorization processing module is mainly responsible for receiving the content authorization data request of the terminal, generating a content authorization response, and synchronizing the content authorization data request and the related data of the content authorization response to the certification processing engine. The certification processing engine is mainly responsible for carrying out related certification processing on the content authorization data according to the trusted certification requirement.
In one example, the authorization processing module is further configured to sign the content authorization data using a digital certificate of the authorization processing module and then send the content authorization data to the certification processing engine. The certification processing engine is also used for carrying out signature verification on the content authorization data received from the authorization processing module so as to determine the authenticity and the integrity of the content authorization data, and the content authorization data is sent to the blockchain system for uplink certification under the condition that the verification is passed.
In one example, the forensic processing engine is further configured to encrypt the content authorization data prior to sending the content authorization data to the blockchain system for uplink forensic processing. For example, the certification processing engine encrypts the content authorization data by using a hash algorithm, and sends the encrypted content authorization data to the blockchain system for uplink certification. The security of the content authorization data can be ensured by encrypting the content authorization data and then storing the content authorization data in a uplink manner.
In one example, after the license storage processing engine receives the content authorization data, the content authorization data is preprocessed, for example, after privacy protection processing and encryption processing are performed on the content authorization data, formatting processing is performed according to the data requirement of the uplink license storage port, and then the content authorization data is sent to the blockchain system for uplink license storage.
In one example, the forensic processing engine is further configured to sign the content authorization data using a digital certificate of the forensic processing engine to protect the authenticity and integrity of the content authorization data prior to sending the content authorization data to the blockchain system for uplink forensic purposes. And the blockchain system performs signature verification on the content authorization data sent by the certification processing engine after receiving the content authorization data, and performs uplink certification under the condition that verification passes.
In one example, the authorization processing module is further configured to sign the content authorization data using a digital certificate of the authorization processing module and then send the content authorization data to the certification processing engine. The certification processing engine is also used for carrying out signature verification on the content authorization data received from the authorization processing module so as to determine the authenticity and the integrity of the content authorization data, carrying out encryption processing on the content authorization data under the condition that verification is passed, signing the encrypted content authorization data by using a digital certificate of the certification processing engine, and sending the signed content authorization data to the blockchain system for uplink certification. And the blockchain system performs signature verification on the content authorization data sent by the certification processing engine after receiving the content authorization data, and performs uplink certification under the condition that verification passes.
In one example, the forensic processing engine is further configured to receive a feedback of the uplink forensic result from the blockchain system after sending the content authorization data to the blockchain system. And signing and storing the log information related to the uplink certification result. In one example, the forensic processing engine receives the uplink forensic results, records the forensic log, time stamps the forensic log and digitally signs it to ensure the trustworthiness of the forensic data for data auditing when needed at a later time.
In one example, the certification processing engine is further configured to send the content authorization data to the blockchain system for uplink certification according to the preset uplink parameters. The content authority management device is provided with a port for interfacing with an external blockchain system, and the certification processing engine can be configured with uplink parameters. The uplink parameters may be used to define single data uplink or packed data uplink, real-time uplink or timing uplink, timing uplink time, etc. The single data uplink is that each piece of content authorized data is independently uplink, and the package data uplink is that a plurality of pieces of content authorized data are packaged and uplink together. The real-time uplink is to uplink the content authorization data in real time after the content authorization is completed. The content authorization data is regularly uplink, i.e. according to the agreed time. The content operation platform may negotiate with the content producer and the blockchain party to determine the uplink parameters and configure the uplink parameters in the certification processing engine.
According to the content authorization scheme with the trusted certificate mechanism, a certificate processing engine is added in the content authorization management device, an authorization processing module receives a content authorization request of a client, a content authorization license is issued to the client in response to the content authorization request, and the certificate processing engine sends the content authorization license or authorization record information in the content authorization license to a blockchain system for uplink certificate storage, so that the credibility of content playing data can be enhanced, multiparty mutual trust of the content authorization data can be realized, and the credibility of the content playing data is enhanced.
The content authorization management device with the trusted certificate mechanism provided by the embodiment of the disclosure realizes automatic trusted uplink certificate of data of terminal multicast authorization by adding a certificate processing engine in the existing copyright protection management system of the platform.
Referring to fig. 5, an embodiment of the present disclosure provides a content authorization management device with a trusted memory certificate mechanism, including a processor 810 and a processor 820, where the processor 820 stores instructions that, when executed by the processor 810, implement the content authorization method with a trusted memory certificate mechanism according to any one of the foregoing embodiments.
Embodiments of the present disclosure provide a computer-readable storage medium having instructions stored therein that when executed by a processor implement the content authorization method with trusted memory certification mechanism of any of the previous embodiments.
The present invention may be a system, method, and/or computer program product. The computer program product may include a computer readable storage medium having computer readable program instructions embodied thereon for causing a processor to implement aspects of the present invention.
The computer readable storage medium may be a tangible device that can hold and store instructions for use by an instruction execution device. The computer readable storage medium may be, for example, but not limited to, an electronic storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of the computer-readable storage medium would include the following: portable computer disks, hard disks, random Access Memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), static Random Access Memory (SRAM), portable compact disk read-only memory (CD-ROM), digital Versatile Disks (DVD), memory sticks, floppy disks, mechanical coding devices, punch cards or in-groove structures such as punch cards or grooves having instructions stored thereon, and any suitable combination of the foregoing. Computer-readable storage media, as used herein, are not to be construed as transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through waveguides or other transmission media (e.g., optical pulses through fiber optic cables), or electrical signals transmitted through wires.
The computer readable program instructions described herein may be downloaded from a computer readable storage medium to a respective computing/processing device or to an external computer or external storage device over a network, such as the internet, a local area network, a wide area network, and/or a wireless network. The network may include copper transmission cables, fiber optic transmissions, wireless transmissions, routers, firewalls, switches, gateway computers and/or edge content authorization management devices. The network interface card or network interface in each computing/processing device receives computer readable program instructions from the network and forwards the computer readable program instructions for storage in a computer readable storage medium in the respective computing/processing device.
Computer program instructions for carrying out operations of the present invention may be assembly instructions, instruction Set Architecture (ISA) instructions, machine-related instructions, microcode, firmware instructions, state setting data, or source or object code written in any combination of one or more programming languages, including an object oriented programming language such as SMALLTALK, C ++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The computer readable program instructions may be executed entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or content authorization management device. In the case of remote computers, the remote computer may be connected to the user computer through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computer (e.g., connected through the internet using an internet service provider). In some embodiments, aspects of the present invention are implemented by personalizing electronic circuitry, such as programmable logic circuitry, field Programmable Gate Arrays (FPGAs), or Programmable Logic Arrays (PLAs), with state information for computer readable program instructions, which can execute the computer readable program instructions.
Various aspects of the present invention are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer-readable program instructions.
These computer readable program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks. These computer readable program instructions may also be stored in a computer readable storage medium that can direct a computer, programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer readable medium having the instructions stored therein includes an article of manufacture including instructions which implement the function/act specified in the flowchart and/or block diagram block or blocks.
The computer readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatus or other devices to produce a computer implemented process such that the instructions which execute on the computer, other programmable apparatus or other devices implement the functions/acts specified in the flowchart and/or block diagram block or blocks.
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions, which comprises one or more executable instructions for implementing the specified logical function(s). In some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions. It is well known to those skilled in the art that implementation by hardware, implementation by software, and implementation by a combination of software and hardware are all equivalent.
The foregoing description of embodiments of the invention has been presented for purposes of illustration and description, and is not intended to be exhaustive or limited to the embodiments disclosed. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the various embodiments described. The terminology used herein was chosen in order to best explain the principles of the embodiments, the practical application, or the technical improvements in the marketplace, or to enable others of ordinary skill in the art to understand the embodiments disclosed herein. The scope of the invention is defined by the appended claims.
Claims (10)
1. A method of content authorization with trusted forensic mechanism, applied to a content authorization management device, the method comprising:
receiving a content authorization request of a client;
Responding to the content authorization request, and issuing a content authorization license to the client;
and sending the content authorization data to a blockchain system for uplink certification, wherein the content authorization data comprises the content authorization license or authorization record information in the content authorization license.
2. The method according to claim 1, wherein the method further comprises:
Performing signature verification on the content authorization data;
and under the condition that the verification is passed, the step of sending the content authorization data to the blockchain system for uplink certification is executed.
3. The method according to claim 1, wherein the method further comprises:
Before the content authorization data is sent to a blockchain system for uplink certification, the content authorization data is encrypted; and/or the number of the groups of groups,
The content authorization data is signed before being sent to the blockchain system for uplink certification.
4. The method according to claim 1, wherein the method further comprises:
After the content authorization data is sent to the blockchain system, receiving a uplink certification result fed back by the blockchain system;
And signing and storing the log information related to the uplink certification result.
5. A content authorization management device with a trusted memory certification mechanism, comprising a memory and a processor;
stored in the memory are instructions which, when executed by the processor, implement the method of any one of claims 1-4.
6. A content authorization management device with a trusted forensic mechanism, comprising an authorization processing module and a forensic processing engine;
The authorization processing module is used for receiving a content authorization request of a client and responding to the content authorization request to issue a content authorization license to the client; and sending content authorization data to the forensic processing engine; wherein the content authorization data includes the content authorization license or authorization record information in the content authorization license;
the certification processing engine is used for sending the content authorization data to the blockchain system for uplink certification.
7. The apparatus of claim 6, wherein the device comprises a plurality of sensors,
The authorization processing module is further used for signing the content authorization data and then sending the content authorization data to the certification processing engine;
The certification processing engine is also used for carrying out signature verification on the content authorization data received from the authorization processing module, and sending the content authorization data to the blockchain system for uplink certification under the condition that the verification is passed.
8. The apparatus of claim 6, wherein the device comprises a plurality of sensors,
The certification processing engine is further used for encrypting the content authorization data before the content authorization data is sent to the blockchain system for uplink certification; and/or the number of the groups of groups,
The certification processing engine is further configured to sign the content authorization data before sending the content authorization data to the blockchain system for uplink certification.
9. The apparatus of claim 6, wherein the device comprises a plurality of sensors,
The certification processing engine is further used for receiving an uplink certification result fed back by the blockchain system after the content authorization data is sent to the blockchain system; and signing and storing the log information related to the uplink certification result.
10. The device of any of claims 6-9, wherein the authorization processing module and the forensic processing engine are deployed in a trusted execution environment of the content authorization management device.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211323515.6A CN117951654A (en) | 2022-10-31 | 2022-10-31 | Content authorization method and content authorization management device with trusted memory certificate mechanism |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211323515.6A CN117951654A (en) | 2022-10-31 | 2022-10-31 | Content authorization method and content authorization management device with trusted memory certificate mechanism |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117951654A true CN117951654A (en) | 2024-04-30 |
Family
ID=90796880
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211323515.6A Pending CN117951654A (en) | 2022-10-31 | 2022-10-31 | Content authorization method and content authorization management device with trusted memory certificate mechanism |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117951654A (en) |
-
2022
- 2022-10-31 CN CN202211323515.6A patent/CN117951654A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102024127B (en) | Control platform, user terminal, distribution system and method of application software | |
| US9225520B2 (en) | System and method for deterministic generation of a common content encryption key on distinct encryption units | |
| US20080209231A1 (en) | Contents Encryption Method, System and Method for Providing Contents Through Network Using the Encryption Method | |
| CN103942470A (en) | Electronic audio-visual product copyright management method with source tracing function | |
| CN110636043A (en) | File authorization access method, device and system based on block chain | |
| MXPA04001292A (en) | Publishing digital content within a defined universe such as an organization in accordance with a digital rights management (drm) system. | |
| CN110611657A (en) | File stream processing method, device and system based on block chain | |
| CN115242379A (en) | System and method for distributed verification of online identity | |
| CN102281300A (en) | digital rights management license distribution method and system, server and terminal | |
| TW201524177A (en) | Authentication and authorization platform system and method with multiple communication channels | |
| US20140059341A1 (en) | Creating and accessing encrypted web based content in hybrid applications | |
| KR101377352B1 (en) | Digital rights management (drm) method and equipment in small and medium enterprise (sme) and method for providing drm service | |
| CN113378119B (en) | Software authorization method, device, equipment and storage medium | |
| Wang et al. | CS-DRM: a cloud-based SIM DRM scheme for mobile internet | |
| CN103136459A (en) | Copyright identification method and system for encrypted digital contents | |
| CN107306254B (en) | Digital copyright protection method and system based on double-layer encryption | |
| CN115065487B (en) | Privacy protection cloud computing method and cloud computing method for protecting financial privacy data | |
| EA035157B1 (en) | Digital rights management method for media content, drm client and serving end | |
| CN114780923A (en) | Electronic seal management and control method and system | |
| CN110737905B (en) | Data authorization method, data authorization device and computer storage medium | |
| US8745375B2 (en) | Handling of the usage of software in a disconnected computing environment | |
| KR101220180B1 (en) | Method and system of sharing digital contents applied DRM between apparatuses in theater | |
| CN112804563B (en) | Media file playing method and device and storage medium | |
| CN110602075A (en) | File stream processing method, device and system for encryption access control | |
| JP2008312064A (en) | Information processor and control method thereof, and computer program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination |