CN1893638A - Real-time identifying method of interaction type network television user - Google Patents
Real-time identifying method of interaction type network television user Download PDFInfo
- Publication number
- CN1893638A CN1893638A CN 200510046820 CN200510046820A CN1893638A CN 1893638 A CN1893638 A CN 1893638A CN 200510046820 CN200510046820 CN 200510046820 CN 200510046820 A CN200510046820 A CN 200510046820A CN 1893638 A CN1893638 A CN 1893638A
- Authority
- CN
- China
- Prior art keywords
- user
- authentication
- request
- server
- authorization
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
Abstract
The method includes authentication procedure of turning on TV set, and content service procedure. The authentication procedure of turning on TV set includes steps: building connection between electronic navigation guide server and authentication authorization charging server; network set-top box (STB) sends a request of authenticating device ID to the charging server; after authentication of device ID, STB sends a request of authorizing user to the charging server; the charging server sends response of authorizing user to carry out authorization; building connection between the charging server and video server; sending request of authorized playing to the charging server; content service procedure includes steps: STB sends out program request; after obtaining playing authorization, user sends request for playing content. The invention can carry out authentication in realtime. Authentication for both parties, and MD5 cryptographic algorithm are adopted to guarantee security of system.
Description
Technical field
The present invention relates to the IPTV technology, particularly relate to user's real-time authentication technology.
Background technology
Web TV (IPTV) be with the IP set-top box as main connection carrier, with TV as main display device, with remote controller as main input equipment, with broadband IP network as the main transmission medium transmission information content.IPTV is a kind of platform that obtains with exchange of the information content, and the directional flow of the information content by between service end and user side produces a lot of application, character image for example, audio frequency, the obtaining and exchanging of video and data.The standard that requires of IPTV and traditional online computing has bigger difference, both combined the content of computer realms such as IP technology, digital multimedia, combine the service request of the notion and the field of broadcast televisions of a lot of home appliances again, the transfer of data of IPTV and reception rely on IP network fully, therefore can realize the interaction between content and the user completely.Traditional online computing is based on keyboard and mouse, complicated operation, and the QoS quality requirement is low, looks audio frequency and occurs pausing in to a certain degree.
In IPTV, when service is provided to the user, need carry out authentication and authorization to the user, it mainly is the authority of wanting the legitimacy of identifying user identity and authorizing user capture respective service with legal identity, with the access rights of control user to the difference service, handle in real time customer charging information, by the time, by flow, by interior or charge by multiple modes such as monthly payments from streaming media server.
Therefore, need provide a kind of method of interaction type network television user real-time authentication, the user's real-time authentication that can unify to concentrate to various application.
Summary of the invention
The objective of the invention is to take into full account the shortcoming that the conventional flow media management system exists, develop IPTV steaming media platform of new generation system, to be applied as prerequisite, with the service is target, build the IPTV Streaming Media operation management platform of unified management and service, on this platform, realize to manage, can run, can expand, compatible broadband stream media system.
The invention provides a kind of authentication method that integrates authentication and authorization.
Authentication, mandate, accounting server (OSS AAA) according to OSS of the present invention, it is the authentication and accounting system that integrates authentication in conjunction with streaming medium content service market demand and future development trend proposition at present, employing has more the RADIUS Extended Protocol of fail safe, for the streaming medium content service provider provides comprehensive authentication solution, user's real-time authentication that system can unify to concentrate to various application.
This Verification System is the video-on-demand service that is used for issue charge on broadband network, makes the user can obtain streaming media service nearby; Simultaneity factor can be automatically according to user's the request and the distribution of pouplarity schedule programs in whole system of program, and the user is assigned to the most rational node according to the distribution of program, valuable storage resources is utilized greatly, make the user obtain better service simultaneously.
According to the user's real-time identifying method that the invention provides a kind of IPTV, comprise start verification process and content service process, wherein:
The start verification process comprises:
Set up being connected between electronic navigation guide server and the authentication and authorization charging server;
By network machine top box to this authentication and authorization charging server requesting service authentication;
After the equipment identities authentication, network machine top box sends user-authorization-request to this authentication and authorization charging server, sends the subscriber authorisation response by this authentication and authorization charging server and authorizes;
Set up the connection between this authentication and authorization charging server and the video server;
Send the play authorization request to this authentication and authorization charging server;
The content service process comprises:
Network machine top box sends program request;
After obtaining play authorization, send the play content request by the user.
User's real-time identifying method of IPTV of the present invention can carry out real-time authentication to the user, concurrent processing ability height, can be competent at real-time Large Volume Data Processing tasks, can organize the authentication logic as required arbitrarily, adopt security mechanisms such as mutual authentication, md5 encryption algorithm to guarantee the fail safe of system.
Description of drawings
Fig. 1 is IPTV logical network topology figure.
Fig. 2 is the live reciprocal process schematic diagram of IPTV.
Fig. 3 is an IPTV program request reciprocal process schematic diagram.
Embodiment
The authentication of system mainly is the identification to user identity, the identification of user identity is adopted the mode of username and password; When the user opened an account, username and password was recorded in the IC-card, and was recorded in simultaneously in the aaa server, and IC-card is inserted among the IP-STB (set-top box), and IP-STB therefrom reads for information about, comprised the address of AAA (authentication, mandate, charging) server.When the user opened IP-STB, when perhaps IC-card being inserted IP-STB, system used challenge handshake authentication protocol (CHAP) to authenticate, and key can not reappear historical requests not in transmission over networks, and level security is better.
When the user asks media play or other service, need further carry out authorization check, need order earlier just and can watch as some direct broadcast band, the IC-card user need check whether abundance etc. of the surplus amount of money that prestores in the card.After IP-STB sent to EPG (electronic program guides) server or web portal website (Portal) with request, EPG server or web portal website were earlier to aaa server request authorization check; After mandate is passed through, EPG server or web portal website can produce unique resource identification that a random number is authorized as this request, client with this unique resource identification as authorization code to streaming media server request media play, streaming media server is by coming verification client's request to EPG server or web portal site requests, this unique resource identification also lost efficacy immediately, perhaps expire and cease to be in force automatically, can effectively guarantee the legitimacy that the user asks like this, prevent that the disabled user is by obtaining resource address or repeating historical requests and usurp resource.
Put server when Streaming Media and provide when service for the user, the media play server sends a charging start information to aaa server; Provide when service when the streaming media playing server ends up being the user, send a charging ending message to aaa server; Aaa server carries out expense calculating according to these information and charging policy.
The EPG server is verified the authorization requests user by this challenge word and User IP, and primary mandate challenge (ChallengePWD) is returned by set-top box authorization response (STB_AUTH_RESP) message, and later challenge is all newly-generated by EPG.
Fig. 1 represents the logical network topology of IPTV.Streaming media server is connected with the IP-STB and the webserver (Web server) respectively by network (for example WAN/LAN), and is connected with database with aaa server, and this database also is connected with this webserver.Aaa server is connected to billing database and network.
Below in conjunction with Fig. 2 with 3 concrete narration IPTVs are live and the authentication reciprocal process of program request.
Fig. 2 is the live reciprocal process schematic diagram of IPTV.Referring to Fig. 2, between aaa server and the EPG server, between IP-STB and the EPG server and the reciprocal process between aaa server and the video server as follows:
The verification process of at first starting shooting.After user's start, initialization EPG server.The EPG server sends connecting request to aaa server, and aaa server is confirmed that the back beams back for this EPG server to connect and responded and connect.IP-STB at first sends " ID authentication request " (a stb ID authentication request) to EPG, the EPG server is transmitted to aaa server as transparent network with this request, after aaa server is identified the identity of IP-STB, produce a challenge (ChallengePWD) (character string that generates at random), and ChallengePWD returned to EPG, EPG should respond (authentication response) again and be transmitted to IP-STB; IP-STB sends " user-authorization-request " (a stb authorization requests) to the EPG server subsequently, and " user-authorization-request " information comprises subscriber card number, authentication ciphertext (utilizing the user key+challenge of md5 encryption), traffic identification sign indicating number.The EPG server is transmitted to aaa server with this request, aaa server carries out Certificate Authority according to these information to the user, then authorization message " stb authorization response " information is returned to the EPG server, the EPG server is transmitted to IP-STB with this authorization message (subscriber authorisation response) again.After the EPG server obtained this checking result, the result resolved to this checking, if passed through checking, the EPG server will generate user's data (Profile) according to the information of this card user, comprise EPG information and user's private configuration information.Reorganization authentication is responded bag user's data information is added on the bag the inside, and adds to during user conversation tabulates for this user generates a user conversation (Session), is used for the connection of leading subscriber and the request content of preserving each user.Should recombinate simultaneously to wrap sends back to the IP-STB client again, and IP-STB extracts the user from user's data broadcasting channel information plays to the user, and with user's information document terminate-and-stay-resident.If the EPG server does not have this user's any private configuration information in the database when generating user's data, then be responsible for user's essential information (user name, state etc. are undetermined) is added database by the EPG server, and, this user is empty subscriber data for generating a content, and the content that resides in the electronic program information tabulation in the internal memory added in user's the data, form the XML form and send to IP-STB.After IP-STB is authorized, send connecting request to aaa server, after aaa server is received this request of connecting, beaming back the response that connects to this video server and connect by this video server.IP-STB finishes and being connected of aaa server subsequently.
After the start authentication is passed through, just enter the content service process, this process can repeat, the start verification process of need not going further.
When the user serves by IP-STB access stream medium living broadcast, as watch live telecast, IP-STB at first issues the EPG server with " program request " (service requesting information), and the EPG server is initiated the play authorization request to aaa server.Aaa server carries out play authorization to this program request, then play authorization result (play authorization response) is returned to the EPG server.The EPG server is confirmed and can be initiated the playing programs request to video server after the user provides service.Video server is user's transmission " play content " after receiving the playing programs request.
When the user did not need the video frequency program service, aaa server sends removed connection request to the EPG server, and the EPG server is beamed back the dismounting connection response, disconnects the connection between them then.This video server sends to aaa server and removes connection request, and aaa server is beamed back the dismounting connection response to this video server, disconnects then connecting.
Fig. 3 represents IPTV program request reciprocal process schematic diagram.After user's start, carry out the start verification process identical with Fig. 2.At first set up being connected between EPG server and the aaa server.When IP-STB starts shooting, IP-STB at first sends one " ID authentication request " to EPG, EPG is transmitted to aaa server with this request, after aaa server is identified the identity of IP-STB, produce a challenge (ChallengePWD) (character string that generates at random), and ChallengePWD returned to the EPG server, the EPG server should respond (authentication response) again and be transmitted to IP-STB.IP-STB sends one " user-authorization-request " to the EPG server subsequently, " user-authorization-request " information comprises subscriber card number, authentication ciphertext (utilizing the user key+challenge of md5 encryption), traffic identification sign indicating number, the EPG server is transmitted to aaa server with this request, AAA authorizes the user according to these information, authorization message is returned to the EPG server, and the EPG server is transmitted to IP-STB with this authorization message (subscriber authorisation response) again.
After the start authentication is passed through, just enter the content service process, this process can repeat, and need not to carry out the start verification process again.
When the user served by IP-STB access stream media-on-demand, as film of program request, IP-STB at first issued Web server with " program request " (service requesting information), and Web server is transmitted to video server with this request.After video server is received " program request ", initiate " play authorization request " to aaa server.Aaa server carries out play authorization to this program request, then play authorization result (play authorization response) is returned to video server.Video server is confirmed can be after the user provides service, for the user provides " play content ".When the user asks the play authorization of program browsing, IP-STB will generate the EPG operation interface according to EPG information and user-selected interface scheme, the user can select classification further to browse programme information by the mode step at this interface, in the process of browsing, if the user finds a film of oneself liking or program, sending the play content request by video server to IP-STB play-overs, be this film of program request or program, IP-STB just sends to the EPG server with this user's information and broadcast keyword, the EPG server according to these information to aaa server request mandate, after authorized, the EPG server sends to the broadcast address that content distribution (CDN) server requests CDN server returns a shortest path with the keyword of this film or program, return to IP-STB then and play in good time, the EPG server is recorded in this playing request user's session the inside simultaneously.If user's request is a trusteeship service, EPG then is responsible for opening the portal page of this SP operator, if this user is in navigation process, add the private collection of channel to oneself, the user has sent the request of adding, and IP-STB adds this channel last of self-defined tabulation the inside, there to automatically, and IP-STB will revise user's collection table of comparisons simultaneously, and change sent to the EPG server, the EPG server is preserved and is changed user conversation.Be called the prompting program if the user can also add the program of certain period when browsing programme televised live, IP-STB will be responsible for adding the data of this information to the user, submits to the EPG server to preserve.During user's request program, at first send " program request " to the WEB server by IP-STB, the WEB server is transmitted user's program request according to the address that the CDN server returns to video server, video server sends " play authorization request information; aaa server sends " play authorization response " message by the checking back to video server, and video server provides request program or refuses this order request to the user according to the aaa server authorization conditions to aaa server after receiving program request.
After content play was finished, video server was initiated " request of chargeing " to aaa server.Aaa server returns the affirmation bag that charges (the request response of chargeing) and confirms.Then aaa server sends and removes connection request to the EPG server, and the EPG server is beamed back the dismounting connection response, disconnects the connection between them then.Video server sends " dismounting connection request " to aaa server, and aaa server returns " dismounting connection response " and removes to video server and connects.
Aaa server has improved the concurrent processing ability of system greatly by technology such as Buffer Pool, thread pool, algorithm optimizations, can be competent at real-time Large Volume Data Processing tasks.The fault tolerance of aaa server has increased the fail safe and the reliability of system.Aaa server provides detailed running log, is easy to fix a breakdown, and has increased the maintainability of system.Aaa server has higher real-time, stability, reliability, extensibility, maintainability, fail safe, is the good selection of streaming medium content service provider.Aaa server can be developed the functional module and the interface of customization according to user's concrete business demand.
The embodiment that narrates the real-time identifying method of interaction type network television user of the present invention above in conjunction with the accompanying drawings particularly is illustrative, rather than determinate.Under the situation that does not break away from the spirit and scope of the present invention, those of ordinary skill in the art can carry out various modifications, change and alternative according to the foregoing description.
Claims (7)
1. user's real-time identifying method of an IPTV comprises start verification process and content service process, wherein:
The start verification process comprises:
Set up being connected between electronic navigation guide server and the authentication and authorization charging server;
By network machine top box to this authentication and authorization charging server requesting service authentication;
After the equipment identities authentication, network machine top box sends user-authorization-request to this authentication and authorization charging server, sends the subscriber authorisation response by this authentication and authorization charging server and authorizes;
Set up the connection between this authentication and authorization charging server and the video server;
Send the play authorization request to this authentication and authorization charging server;
The content service process comprises:
Network machine top box sends program request;
After obtaining play authorization, send the play content request by the user.
2. according to user's real-time identifying method of the IPTV of claim 1, the step of wherein said equipment identities authentication comprises the authentication ciphertext that authentication and authorization charging server produces a challenge conduct and IP-STB carries out coded communication, and this authentication ciphertext adopts md5 encryption to obtain by random number and user cipher.
3. according to user's real-time identifying method of the IPTV of claim 1, the step of wherein said transmission user-authorization-request comprises and sends user's card number, authentication ciphertext, traffic identification sign indicating number.
4. according to user's real-time identifying method of the IPTV of claim 1, wherein the step of being authorized by this authentication and authorization charging server transmission subscriber authorisation response comprises the data that generates the user according to the information of this card user, the programme information that the user orders, the charge information of program.
5. according to user's real-time identifying method of the IPTV of claim 1, wherein content service process can repeat repeatedly.
6. according to user's real-time identifying method of the IPTV of any claim of claim 1-5, wherein also comprise:
After the checking of having passed through the play content request, IP-STB extracts the user from user's data broadcasting channel information plays to the user.
7. according to user's real-time identifying method of the IPTV of any claim of claim 1-5, wherein also comprise step:
After the checking of having passed through the play content request, the user asks the play authorization of program browsing;
Send the request program request by video server to IP-STB and play-over program;
After authorized, IP-STB plays this program in good time.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200510046820 CN1893638A (en) | 2005-07-07 | 2005-07-07 | Real-time identifying method of interaction type network television user |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200510046820 CN1893638A (en) | 2005-07-07 | 2005-07-07 | Real-time identifying method of interaction type network television user |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN1893638A true CN1893638A (en) | 2007-01-10 |
Family
ID=37598075
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200510046820 Pending CN1893638A (en) | 2005-07-07 | 2005-07-07 | Real-time identifying method of interaction type network television user |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1893638A (en) |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101489097A (en) * | 2009-01-19 | 2009-07-22 | 深圳市同洲电子股份有限公司 | Digital television management system and method |
| WO2010075759A1 (en) * | 2008-12-31 | 2010-07-08 | 深圳市同洲电子股份有限公司 | Method and system of turning on and presenting of digital television |
| CN101102476B (en) * | 2007-08-08 | 2010-12-08 | Ut斯达康通讯有限公司 | A method for identifying media asset objects |
| CN101534433B (en) * | 2009-04-22 | 2011-06-22 | 北京航空航天大学 | Streaming media encryption method |
| WO2011088651A1 (en) * | 2010-01-21 | 2011-07-28 | 中兴通讯股份有限公司 | Internet protocol television system and implementation method thereof |
| CN102413369A (en) * | 2011-11-14 | 2012-04-11 | 深圳市同洲电子股份有限公司 | On-demand method and on-demand system of digital television time-shifting programs |
| CN101668017B (en) * | 2009-09-16 | 2012-09-26 | 杭州华三通信技术有限公司 | Authentication method and equipment |
| CN103442256A (en) * | 2013-08-30 | 2013-12-11 | Tcl集团股份有限公司 | Electronic program menu implementation method and system based on HTML5 |
| CN103731686B (en) * | 2013-12-20 | 2017-03-15 | 深圳市九洲电器有限公司 | A kind of method of operating of bookmark, device and Set Top Box |
| CN102223567B (en) * | 2011-06-24 | 2017-10-17 | 中兴通讯股份有限公司 | A kind of remote medical service system and method |
| CN110324725A (en) * | 2019-07-03 | 2019-10-11 | 福建广电网络集团股份有限公司 | A kind of interactive television platform agreement transferring system |
| CN111225247A (en) * | 2019-12-23 | 2020-06-02 | 安徽海豚新媒体产业发展有限公司 | User authentication method and system for IPTV integrated broadcast control platform system |
-
2005
- 2005-07-07 CN CN 200510046820 patent/CN1893638A/en active Pending
Cited By (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101102476B (en) * | 2007-08-08 | 2010-12-08 | Ut斯达康通讯有限公司 | A method for identifying media asset objects |
| WO2010075759A1 (en) * | 2008-12-31 | 2010-07-08 | 深圳市同洲电子股份有限公司 | Method and system of turning on and presenting of digital television |
| WO2010081376A1 (en) * | 2009-01-19 | 2010-07-22 | 深圳市同洲电子股份有限公司 | Digital television management system and method |
| CN101489097B (en) * | 2009-01-19 | 2014-04-30 | 深圳市龙视传媒有限公司 | Digital television management system and method |
| CN101489097A (en) * | 2009-01-19 | 2009-07-22 | 深圳市同洲电子股份有限公司 | Digital television management system and method |
| CN101534433B (en) * | 2009-04-22 | 2011-06-22 | 北京航空航天大学 | Streaming media encryption method |
| CN101668017B (en) * | 2009-09-16 | 2012-09-26 | 杭州华三通信技术有限公司 | Authentication method and equipment |
| CN101800883B (en) * | 2010-01-21 | 2013-08-07 | 中兴通讯股份有限公司 | Internet protocol television system and realizing method thereof based on wireless data card |
| WO2011088651A1 (en) * | 2010-01-21 | 2011-07-28 | 中兴通讯股份有限公司 | Internet protocol television system and implementation method thereof |
| US9084027B2 (en) | 2010-01-21 | 2015-07-14 | Zte Corporation | Internet protocol television system and implementation method thereof |
| CN102223567B (en) * | 2011-06-24 | 2017-10-17 | 中兴通讯股份有限公司 | A kind of remote medical service system and method |
| CN102413369A (en) * | 2011-11-14 | 2012-04-11 | 深圳市同洲电子股份有限公司 | On-demand method and on-demand system of digital television time-shifting programs |
| CN102413369B (en) * | 2011-11-14 | 2014-12-10 | 深圳市龙视传媒有限公司 | On-demand method and on-demand system of digital television time-shifting programs |
| CN103442256A (en) * | 2013-08-30 | 2013-12-11 | Tcl集团股份有限公司 | Electronic program menu implementation method and system based on HTML5 |
| CN103442256B (en) * | 2013-08-30 | 2017-08-04 | Tcl集团股份有限公司 | A kind of method and system that electric program menu is realized based on HTML5 |
| CN103731686B (en) * | 2013-12-20 | 2017-03-15 | 深圳市九洲电器有限公司 | A kind of method of operating of bookmark, device and Set Top Box |
| CN110324725A (en) * | 2019-07-03 | 2019-10-11 | 福建广电网络集团股份有限公司 | A kind of interactive television platform agreement transferring system |
| CN111225247A (en) * | 2019-12-23 | 2020-06-02 | 安徽海豚新媒体产业发展有限公司 | User authentication method and system for IPTV integrated broadcast control platform system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1893638A (en) | Real-time identifying method of interaction type network television user | |
| US20210168183A1 (en) | Public/private communications paths | |
| KR101512321B1 (en) | / Method and apparatus for providing/receiving service of plurality of service providers | |
| US20090180614A1 (en) | Content protection of internet protocol (ip)-based television and video content delivered over an ip multimedia subsystem (ims)-based network | |
| CA2488844C (en) | Access control and key management system for streaming media | |
| CA2516966C (en) | Redirection of streaming content | |
| EP1788773A1 (en) | Method and apparatuses to request delivery of a media asset and to establish a token in advance | |
| US8555057B2 (en) | System and method for securing a network | |
| CN1845578A (en) | Flush type system and method of IP set-top box | |
| CN101459826B (en) | Copyright protection method for video play-on-demand system | |
| US8813115B2 (en) | Service access method, device, and system | |
| WO2005076531A1 (en) | Multimedia information on demand system and the method thereof | |
| CN101521577A (en) | Method, system and home gateway for authentication voucher uniform management based on home gateway | |
| WO2008037581A1 (en) | Method for single sign-on when using a set-top box | |
| US20120240148A1 (en) | IPTV System and Implementation Method for Relieving Binding Between an EPG and a Multimedia Node | |
| CN112165596A (en) | Monitoring video data transmission method and device, terminal equipment and storage medium | |
| CN105828174A (en) | Media content sharing method and media content sharing device | |
| CN101945102A (en) | Method, server and system for authenticating IPTV (intelligent personal television) user validation based on IMS (IP Multimedia Subsystem) | |
| CN101159849B (en) | Living broadcast method for interactive network television system | |
| CN101374225A (en) | Time-shifting method for interactive network television system | |
| CN101115188B (en) | Living broadcast method for interactive network television system | |
| CN102497269B (en) | A kind of bill method for authenticating and system | |
| WO2007137500A1 (en) | Public video system and implementation method | |
| CN1851776A (en) | Network television broad band business terminal system and method for providing broad band business | |
| CN102510526A (en) | Stream media service system based on distributed cluster file system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |