CN1863046A - Key managing method of IPTV service platform digital copyright managing system - Google Patents

Publication number: CN1863046A
Authority: CN (China)
Prior art keywords: key, content, user terminal, time, server
Legal status: Pending
Application number: CN 200510068791
Other languages: Chinese (zh)
Inventors: 陈宇, 李强, 黎文, 范存志
Current Assignee: UTStarcom Telecom Co Ltd
Original Assignee: UTStarcom Telecom Co Ltd
Application filed by UTStarcom Telecom Co Ltd
Priority to CN 200510068791
Publication of CN1863046A

Abstract

The invention relates to a key management method for a digital rights management system, comprising the following steps: the user terminal sends a content key request to the key server; the key server returns a key object to the user terminal; and the key object is decrypted at the user terminal. Decrypting the key object yields the content key, and the content key becomes invalid after a set time. The invention improves security.

Description

The key management method of IPTV service platform digital copyright managing system
Technical field
The present invention relates to digital rights management systems for large-scale carrier-grade IPTV service platforms, namely to the mechanism for managing content keys on the user terminal of an IPTV system.
Background technology
A large-scale carrier-grade IPTV service platform provides high-quality audio and video services to end users and earns sufficient revenue for content providers and operators. For such a platform, security is as important as low cost, high performance, high reliability, good manageability, network friendliness and user friendliness. The security requirements of an IPTV service platform are: 1) only registered users can request paid audio/video services; 2) legitimate users can use the audio/video services only within their prescribed permissions; 3) the platform can resist attackers who pirate audio/video content by digital or analog means. The IPTV service platform relies on the user authentication system to meet requirement 1, and on MacroVision or CGMS/SCMS technology to address piracy of analog audio/video content. For requirement 2 and for the piracy of digital audio/video content in requirement 3, the IPTV service platform needs the support of a digital rights management system (DRMS).
A digital rights management system consists of three subsystems: content production, key management and authorization management. The content production subsystem encrypts the content, and the key management subsystem maintains the content keys of all encrypted content. The authorization management subsystem is divided into two parts, the authorization server on the server side and the authorization controller on the client side: the server side determines the user's rights and generates the rights object, and the client side uses the rights object to ensure that the user uses the encrypted content only in the authorized manner.
The rights object defines the usage rules for the media content. A rights object consists of the right itself and the attributes of the right. The right itself defines how the user may process the content. According to the processing mode, rights are divided into use, exchange and derivation. The attributes of a right are, respectively, the cost of using the right, the number of times and the time for which the right may be used, and the type of user who may use the right. The rights object also contains the user's personal information, so a rights object can only be used by a specific user or user group. The authorization controller parses the rights object and controls the user's use of the media content according to the rules the rights object defines.
The issuing of content keys is tied to authorization. In a traditional IPTV service platform, both the media content and the content keys are held by the operator, so the content key is embedded in the rights object. The authorization controller obtains the rights object and uses the content key according to the rules the rights object defines. The emergence of content operators has brought a new requirement for digital rights management systems: the media content is held by the operator, while the content key is held by the content provider so that the provider fundamentally controls the media content. Current digital rights management systems cannot adequately support this requirement. In addition, having the rights object controlled and updated by the end user's playback device is a major security weakness, because after shutting down the device an attacker can attack the rights object stored in the device in various ways, for example by modifying the attributes of the rights object or by obtaining the content key.
Because of these deficiencies in the existing mechanism for issuing and using rights objects, we propose a simple terminal-oriented key management mechanism. With this method, the IPTV user terminal no longer receives and uses rights objects; instead, the validity period of the content key on the terminal is determined by the time information contained in the key object.
Summary of the invention
The key management method of a digital rights management system according to the present invention comprises: the user terminal sends a content key request to the key server; the key server returns a key object to the user terminal; and the key object is decrypted at the user terminal, wherein decrypting the key object yields the content key, and this content key becomes invalid after a predetermined time.
Preferably, the key object is generated in a key agent (Key Agent): the key agent computes the difference between the key available time defined in the rights object and the current time, and encrypts the content key together with this difference using the user public key.
Advantageously, decrypting the key object yields the content key and the difference, and the content key becomes invalid once the time given by this difference has elapsed.
Further preferably, the decrypted content key resides in the memory space of the user terminal.
According to a further refinement, 64 bits are reserved in the key object so that the server side can add control flag bits.
Specifically, the present invention has the following main features:
1. The invention supports separating the rights object from the content key: the rights object exists only on the server side of the IPTV system, while the key object (containing the content key and time information) is encrypted with the user public key and then sent to the user terminal;
2. On the user terminal, the decrypted content key exists only in the private memory space of the decryption module, and is discarded when the media content ends or the validity period is exceeded;
3. The invention reserves 64 bits in the key object, so the server side can add new control flag bits;
4. The invention supports services such as LiveTV, VoD, Time Shift TV, PPV and TVoD.
Description of drawings
Fig. 1 shows the flow for obtaining a key object,
Fig. 2 shows how the key object is managed and used on the user terminal, and
Fig. 3 shows an example of the key time queue.
Embodiment
Fig. 1 shows the flow for obtaining a key object. The user device sends a content key request to the EPG Server (Electronic Program Guide Server); the request contains the program ID, user ID, rights object ID and user public key. The EPG Server forwards the request to the USC (User Session Controller). The USC builds a key request message from the rights object corresponding to the rights object ID and the user public key, and sends the message to Key Agent Mgnt (key agent management). Key Agent Mgnt forwards the key request message to a Key Agent. If the Key Agent has the required key cached, it computes the difference (in seconds) between the key available time defined in the rights object and the current time, and encrypts the content key together with this difference using the user public key. If the Key Agent does not have the required content key cached, it requests the key from the Key Server, and generates the key object once the Key Server's reply arrives. The key object is returned to the user device via Key Agent Mgnt, the USC and the EPG Server.
Fig. 2 shows how the key object is managed and used on the user terminal. The Controller obtains the key object from the Browser; using the RSA Module, the Controller obtains the content key and its validity period from the key object and passes them to Key Mgnt (key management); Key Mgnt calculates the position of the content key in the key time queue, Key Time Queue (see, for example, the key time queue shown in Fig. 3). The algorithm is as follows:
Key Mgnt takes the first entry of Key_Time_Queue, denoted item. As long as the delta_time of item is less than or equal to the deadline_time of the key object, the deadline_time of the key object is set to the deadline_time of the key object minus the deadline_time of item. If item is not the last entry of Key_Time_Queue, Key Mgnt takes the next item and repeats the above operation. If the delta_time of item is greater than the deadline_time of the key object, the delta_time of item is set to the delta_time of item minus the deadline_time of the key object.
The validity period of a content key is the sum of the deadline_time values (i.e. Delta_Time) of all key objects in the Key Time Queue between this key object and the current time; Key Mgnt counts down the Delta_Time of Key_1 and discards the key object when Delta_Time reaches 0. All content keys exist only in memory.
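A minimal sketch of the Key Time Queue logic described above, added here as an illustration and not taken from the patent. The class and method names are hypothetical, and it assumes each queue entry stores its time as a difference from the entry in front of it, which is how the text uses delta_time and deadline_time for queued key objects.

```python
# Added illustration, not the patent's code: names are hypothetical.
# Each entry stores seconds relative to the entry in front of it.
from dataclasses import dataclass, field


@dataclass
class Entry:
    key_id: str
    key: bytearray    # content key, held in memory only
    delta_time: int   # seconds after the entry in front of it expires


@dataclass
class KeyTimeQueue:
    items: list = field(default_factory=list)

    def insert(self, key_id, key, deadline_time):
        """Queue a key that must expire deadline_time seconds from now."""
        if deadline_time <= 0:
            raise ValueError("key object has already expired")
        remaining, pos = deadline_time, 0
        # Skip entries that expire no later than the new key, consuming
        # their deltas from the new key's remaining time.
        while pos < len(self.items) and self.items[pos].delta_time <= remaining:
            remaining -= self.items[pos].delta_time
            pos += 1
        # The entry now at pos expires later: re-base it on the new key.
        if pos < len(self.items):
            self.items[pos].delta_time -= remaining
        self.items.insert(pos, Entry(key_id, bytearray(key), remaining))

    def validity(self, key_id):
        """Seconds left for key_id: the sum of deltas up to and including it."""
        total = 0
        for entry in self.items:
            total += entry.delta_time
            if entry.key_id == key_id:
                return total
        raise KeyError(key_id)

    def tick(self, seconds=1):
        """Count down the head entry; wipe and drop each key that reaches 0."""
        expired = []
        while self.items:
            head = self.items[0]
            used = min(seconds, head.delta_time)
            head.delta_time -= used
            seconds -= used
            if head.delta_time > 0:
                break
            head.key[:] = bytes(len(head.key))  # overwrite before discarding
            expired.append(self.items.pop(0).key_id)
        return expired
```

Only the head entry is decremented on each tick, so the cost of the countdown does not grow with the number of keys held; the overwrite in `tick` is best effort, since Python cannot guarantee that no other copy of the key bytes remains in memory.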
The concrete format of the key object generated by the Key Agent is as follows:
<?xml version="1.0" encoding="utf-8"?>
<Key_Object>
  <Version>1.0</Version>
  <Right_ID>right_id_1</Right_ID>
  <User_ID>user_id</User_ID>
  <Content_ID>content_id</Content_ID>
  <Status>0x01</Status>
  <Markup>0x01</Markup>
  <!-- Key_Num gives the number of List entries under Key_Info -->
  <Key_Num>0x02</Key_Num>
  <Key_Info>
    <List>
      <Encrypt_Algorithm>AES</Encrypt_Algorithm>
      <Key_Length>0x80</Key_Length>
      <Pub_Key_Algorithm>RSA</Pub_Key_Algorithm>
      <Key_Value>XXXX</Key_Value>
    </List>
    <List>
      <Encrypt_Algorithm>AES</Encrypt_Algorithm>
      <Key_Length>0x80</Key_Length>
      <Pub_Key_Algorithm>RSA</Pub_Key_Algorithm>
      <Key_Value>XXXX</Key_Value>
    </List>
  </Key_Info>
  <!-- Deadline_Time is the key validity period; Extend_Flag is the reserved 64-bit control field -->
  <Deadline_Time>XXXX</Deadline_Time>
  <Extend_Flag>XXXX</Extend_Flag>
</Key_Object>
The attributes of the key object are described below:
Attribute          Description                                 Data type
Version            Version number of the key object            Int (32 bits)
Right_ID           Rights object identifier                    Int (80 bits)
User_ID            User ID                                     Int (80 bits)
Content_ID         Content identifier (single program)         Int (32 bits)
Package_ID         Content identifier (group of programs)      Int (32 bits)
Status             Whether this is a newly generated license   Int (8 bits)
Key_Num            Number of keys                              Int (8 bits)
Encrypt_Algorithm  Encryption algorithm                        String
Key_Length         Length of the content key                   Int (8 bits)
Key_Value          Value of the content key                    Int (128 bits)
Deadline_Time      Validity period of the key                  Int (32 bits)
Extend_Flag        Control flag bits                           Int (64 bits)

Claims (5)

1. A key management method for a digital rights management system, comprising: the user terminal sends a content key request to the key server; the key server returns a key object to the user terminal; and the key object is decrypted at the user terminal, characterized in that: decrypting the key object yields the content key, and this content key becomes invalid after a predetermined time.
2. The key management method for a digital rights management system as claimed in claim 1, characterized in that: the key object is generated in a key agent, and the key agent computes the difference between the key available time defined in the rights object and the current time, and encrypts the content key together with this difference using the user public key.
3. The key management method for a digital rights management system as claimed in claim 2, characterized in that: decrypting the key object yields the content key and the difference, and the content key becomes invalid once the time given by this difference has elapsed.
4. The key management method for a digital rights management system as claimed in claim 3, characterized in that: the decrypted content key resides in the memory space of the user terminal.
5. The key management method for a digital rights management system as claimed in claim 1, characterized in that: 64 bits are reserved in the key object so that the server side can add control flag bits.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 200510068791 CN1863046A (en) 2005-05-11 2005-05-11 Key managing method of IPTV service platform digital copyright managing system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 200510068791 CN1863046A (en) 2005-05-11 2005-05-11 Key managing method of IPTV service platform digital copyright managing system

Publications (1)

Publication Number Publication Date
CN1863046A true CN1863046A (en) 2006-11-15

Family

ID=37390381

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 200510068791 Pending CN1863046A (en) 2005-05-11 2005-05-11 Key managing method of IPTV service platform digital copyright managing system

Country Status (1)

Country Link
CN (1) CN1863046A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9358470B2 (en) 2007-01-05 2016-06-07 Microsoft Technology Licensing, Llc Television viewing on gaming consoles

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20061115