KR20160112578A - And image content using a multi-network mesh network real-time transmission / content protection apparatus and method - Google Patents

And image content using a multi-network mesh network real-time transmission / content protection apparatus and method Download PDF

Info

Publication number
KR20160112578A
KR20160112578A KR1020150038564A KR20150038564A KR20160112578A KR 20160112578 A KR20160112578 A KR 20160112578A KR 1020150038564 A KR1020150038564 A KR 1020150038564A KR 20150038564 A KR20150038564 A KR 20150038564A KR 20160112578 A KR20160112578 A KR 20160112578A
Authority
KR
South Korea
Prior art keywords
content
network
key
contents
transmission
Prior art date
Application number
KR1020150038564A
Other languages
Korean (ko)
Inventor
서원석
Original Assignee
주식회사 스마트구루
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 스마트구루 filed Critical 주식회사 스마트구루
Priority to KR1020150038564A priority Critical patent/KR20160112578A/en
Publication of KR20160112578A publication Critical patent/KR20160112578A/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/60Network streaming of media packets
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • H04L41/0823Configuration setting characterised by the purposes of a change of settings, e.g. optimising configuration for enhancing reliability
    • H04L41/0826Configuration setting characterised by the purposes of a change of settings, e.g. optimising configuration for enhancing reliability for reduction of network costs
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/40Support for services or applications
    • H04L65/403Arrangements for multi-party communication, e.g. for conferences
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Multimedia (AREA)
  • Computer Security & Cryptography (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

HLS, and DASH, it is possible to realize high-efficiency network transmission through multi-network configuration between nodes in a smooth stream type content transmission method in a unit of HTTP based file, and to realize a high- A video content networking system capable of supplying content; And a unit for encrypting contents using a separate encryption key for a unit content file such as an HLS segment or a DASH chunk and supplying a key for decryption, a key issuing method using a double security key, Even if the encryption key is leaked, a content protection device that can be used only by the device is implemented.

Description

[0001] The present invention relates to an apparatus and method for real-time transmission / content protection of video contents using a multi-network and a network,

The present invention relates to an apparatus and method for real-time transmission / content protection of video contents using multiple networks and a network, and more particularly, to an HLS (Dynamic Live Streaming) / DASH (Dynamic Adaptive Streaming over HTTP) A method for real-time transmission / content protection of video contents using multiple network and mesh network for transmitting contents with technology and divided transmission networking and grid network transmission technology and preventing content leakage by AES encryption technology and key management method will be.

As the spread of multimedia contents spreads, it becomes an important part for transmission of contents through a network. In the streaming type transmission, the file unit transmission method of the progressive download type such as HLS and DASH is spreading due to the simplicity of the structure and the ease and compatibility of the server configuration.

HLS is a method that divides streaming data into segment files of MPEG-2 Transport stream type, transmits through HTTP protocol, and transmits information of segment file of m3u8 type to player in the manner established by Apple USA. Compared to the existing RTSP (Real-Time Streaming Protocol) method, the player does not control the play and data transfer in the server that provides the content. Instead, the player obtains information about each segment and downloads it through HTTP It has the structural simplicity of being able to simply configure each client as long as it can support HTTP. DASH is a method jointly established by MPEG (Moving Picture Expert Group) and ISO (ISO / IEC 23009-1). It is an adaptive streaming method using HTTP like HLS. Supports two types of files: MP4 (ISO Base Media File Format) and MPEG-2 Transport Stream. A stream information file called an MPD (xml format) Provide information.

Although both methods are different from each other, they are commonly networked in Smooth streaming (streaming formatted data segment or chunk) method, and Adaptive streaming (quality of content according to QoS of network - amount of data per hour) Select content to dynamically change).

On the other hand, a conventional technique for digital cinema content processing is disclosed in Patent Document 1 below.

The prior art disclosed in Patent Document 1 includes a content analyzing unit for extracting cryptographic keys and content data of received cinema content, media information to be converted, and information about cinema content, a decryption unit for decrypting content data based on a cryptographic key, A media generating unit for generating distributable media content by converting the decrypted content data based on the media information to be converted, and an authority information processor for generating package media content by combining the authority information and the distributable media content, Digital Cinema content is processed so that it can be redistributed at home.

Korean Patent Publication No. 10-2011-0071748 (published on June 29, 2011)

However, it is difficult to transmit movie contents or video data of UHD image quality in real time in the Internet environment, and it is disadvantageous in that it takes a lot of cost to operate a high capacity network line.

In many cases, high-quality video data such as movie contents or UHD-quality video has a capacity such that the amount of data per unit time can not be transmitted in real-time in a general Internet environment. For example, in the case of a UHD image, if a 30 Mbps image is to be served in real time, if the network speed of the client side is about 16 Mbps, it may be difficult to transmit in real time. In addition, in the case of distributing content in a centralized manner, a high-capacity network line is required to secure a server network, and it is costly to configure and operate a CDN (Contents Distribution Network).

In addition, HLS and DASH have the characteristic that original copy can be leaked in case of copyright protection of contents. In order to compensate for this, HLS applies encryption using AES, but if the encryption key is leaked, It becomes a situation that can not be done.

In the present invention, a technique for solving the problem of the transmission speed and the content protection related to the transmission of the above-mentioned video contents will be described.

In order to achieve the above object, the present invention provides a real-time video streaming system capable of real-time video production, and a client transmitting content, which can form multiple networks, A network management system that can configure a network and configure its transmission policy, a playback system that can play content and receive it, use HTTPS technology for content protection, and issue a split encryption key transmission, And a content protection system capable of performing a content protection function. In addition, multimedia data transmission between a plurality of nodes generated in a streaming system is characterized in that a divided network transmission scheme and a mesh network transmission scheme are adopted.

The method of transmitting, receiving, and reproducing in the reproduction system in the content creation includes: (a) acquiring information of the reproduction system and registering the information in the content protection system; (b) requesting the content protection system to receive the content rights to play the content in the content playback system and determining whether to acquire rights to the content rights; (c) compressing and encoding the image, issuing an encryption key for the content, and encrypting and distributing the content; (d) receiving the content; (e) decrypting the received content to generate a reproducible content.

The step (a) may include: (a1) receiving, by the playback system, an authorized certificate for the content protection system from an authorized certification authority; (a2) checking the validity of the public key certificate received in the reproducing system; (a3) collecting system information of the reproduction system; (a5) encrypting information of the reproduction system using the certificate; (a6) transmitting the encrypted data to the content protection system; (a7) extracting information of the encrypted reproduction system using the public certificate; (a9) acquiring approval of a system administrator for system registration; (a8) registering system information in a database and issuing an ID; (a9) transmitting the issued ID to the reproducing system.

Wherein (b) comprises: (b1) obtaining information of the reproduction system; (b2) generating an encryption key based on the system information; (b3) encrypting the system information using the generated encryption key; (b4) transmitting the encrypted information and the system ID; (b5) obtaining system information according to a playback system in the content protection system; (b6) generating a public key using system information according to the transmitted reproduction system; (b7) extracting system information from the received encrypted data using the generated encryption key; (b8) comparing extracted system information with system information obtained from a DB; (b9) determining authorization and denial of authority according to the result of the comparison; (b10) determining whether the rights acquisition and rejection transmitted from the content protection system are authorized; (b11) starting to receive the content according to whether the authority is acquired or to terminate the system.

(C) compressing and encoding an image, issuing an encryption key for the content, and encrypting and distributing the content, the method comprising the steps of: (c1) receiving a real-time uncompressed image generated by a device such as a camera; (c2) encoding and compressing the image; (c3) generating unit contents such as segments and chunks; (c4) requesting a content encryption key with the content protection system; (c5) generating an encryption key for the unit content; (c6) storing information of the unit contents and an encryption key; (c6) transmitting the encryption key to the playback system; (c7) receiving an encryption key in the streaming system; (c8) encrypting the content based on the received encryption key; (c9) distributing the content.

(D) receiving the content includes: (d1) classifying the network layer and setting a network policy for dividing and transmitting the content; (d2) transmitting from the first streaming system to the first lower node according to the set network policy; (d3) repeatedly retransmitting the content to the lower network node and the neighbor node through the established network policy after the first reception is completed; (d4) correcting / correcting the policy by applying the measured network quality through each step; (d5) dividing transmission / reception of a network through multiple networks between transmission nodes.

The step (e) of decrypting the received content to generate a reproducible content includes: (e1) acquiring information of the unit content; (e2) transmitting information of the received unit contents to the contents protection system; (e3) receiving information of the unit contents in the contents protection system; (e4) obtaining an encryption key based on information of the received unit contents; (e5) obtaining an encryption key of the reproduction system generated in (b2); (e6) duplicating the decryption key of the unit content through the encryption key of the playback system; (e7) transmitting the generated double encrypted data to the reproducing system; (e8) receiving encrypted data in a playback system; (e9) acquiring information of the reproduction system to obtain an encryption key of the reproduction system; (e10) extracting a decryption key of a unit content with an encryption key of the obtained reproduction system; (e11) restoring original content using the extracted content decryption key; (e12) reproducing the restored contents.

According to the present invention, in order to overcome the limitation of the network capacity of the streaming server that provides the original image for transmitting the centralized real-time streaming video contents, the present invention uses a high-cost system such as CDN On the contrary, it is to reduce the network cost by using a mesh network in which a peer to peer (P2P) scheme is introduced between each receiving node of a multi-distributed network. In addition, it is possible to use multiple networks between each node, thereby enabling a higher capacity content to be supplied per unit time.

Furthermore, even in distributing very high-capacity data such as digital cinema, it is possible to reduce transmission time and cost by using a network.

In addition, according to the present invention, it is possible to prevent leakage of real-time contents from a playback apparatus through a public certificate system and a dual security key system in an environment where it is difficult to fundamentally prevent the leakage of contents due to the structure of a file- There are advantages.

FIG. 1 is a network configuration diagram of a video content real-time transmission technique and a content protection apparatus using multiple networks and a network according to a preferred embodiment of the present invention; FIG.
FIG. 2 is a block diagram of a video content real-time transmission technique and a content protection apparatus using a multi-network and a mesh network according to a preferred embodiment of the present invention;
3 is a block diagram of an embodiment of the streaming system of FIG.
FIG. 4 is a block diagram of an embodiment of the network management system of FIG. 1;
FIG. 5 is a configuration diagram of an embodiment of the reproduction system of FIG. 1,
FIG. 6 is a block diagram of an embodiment of the content protection system of FIG. 1; FIG.
Figure 7 is an illustration of an embodiment of the inventive segmentation network and its effect.
8 is a block diagram of a mesh network embodiment of the present invention.
9 is a block diagram of an embodiment of the arm / decoder of the present invention
10 is a data structure diagram of an embodiment of a dual security key of the present invention,
Figure 11 is an operational flowchart of a system according to a preferred embodiment of the present invention,
FIG. 12 is a flowchart of the system registration process in FIG. 11,
FIG. 13 is a flowchart of a receiving authority checking process in FIG. 11,
FIG. 14 is a flowchart of the image production and distribution process in FIG. 11,
FIG. 15 is a flow chart of multiple network transmission in the image production and distribution process in FIG. 11,
FIG. 16 is a flow chart of a network transmission in the image production and distribution process in FIG. 11,
FIG. 17 is a flowchart of a process of reproducing contents in FIG. 11; FIG.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, a video content real-time transmission technique and a content protection apparatus and method using a multi-network and a mesh network according to a preferred embodiment of the present invention will be described in detail with reference to the accompanying drawings.

FIG. 1 is a system configuration diagram of a video content real-time transmission technique and a content protection apparatus using a multi-network and a mesh network according to a preferred embodiment of the present invention. FIG. Fig.

The video content real-time transmission technique and the content protection apparatus using the multiple networks and the mesh network according to the preferred embodiment of the present invention may be applied to a streaming system 100 using HLS / DASH, a network 200 such as the Internet, a content protection system 300 A network management system 400, a playback system 500, and a database 600.

The streaming system 100 receives real-time image information, generates encoded content, generates a segment / chunk type unit content file such as HLS / DASH, and transmits the content to a content encryption / Key, and transmits the encrypted content to the playback system 500 through the HTTP protocol.

As shown in FIG. 3, the streaming system 100 includes a real-time encoder 110 that receives image information and compresses in real time, and a content protection system 300 that receives an encryption key for the content, A segment generator 130 for generating the encrypted image data in the form of transmission using the HLS / DASH with a predetermined unit length, and an HTTP / And a web server 140 for transmitting the image to the playback system 500 via the Internet.

4, when the streaming system 100 and the playback system 500 operate as a transmitting / receiving node on a mesh network, each of the nodes may transmit data in some form on the network And a network analyzer 420 for analyzing the network performance and delivering data for policy establishment to the network policy generator.

The playback system 500 requests the streaming system 100 for a reception right and confirms the reception right to receive and play the content in a streaming manner.

5, the playback system 500 includes a streaming client 510 capable of receiving content from the streaming system 100, an arm / decoder 120 capable of decoding the received content, And a web server 530 for transmitting data when operating as a transmitting node on a mesh network.

The content protection system 300 checks the system registration information of the corresponding reproduction system 500 in the database 600, determines whether the system registration information exists, and transmits the system registration information to the streaming system. The reason for not transmitting to the direct playback server is that when the system attempts to access the contents of the web server 140 of the streaming system in order to confirm the registration, It is the role that can be controlled at the web server level.

As shown in FIG. 5, the contents protection system 300 includes an encryption / decryption unit and a system-specific reception right management module 310 capable of generating a dual security key.

The streaming system 100 always acts as the transmitting node of the contents in the transmitting step, and the reproducing system 500 operates as the receiving node depending on the situation. At this time, as shown in FIG. 7, it is possible to divide and transmit the transmission network at the time of data transmission between the nodes, so that the transmission network can be used to transmit a large amount of contents. For example, LTE mobile network and general wired Internet network can be configured to use QoS (Quality of Service) guaranteed by both networks at the same time.

As shown in FIG. 7, in transmitting the contents in the system, a network may be configured and transmitted. Assuming that the total amount of QoS required to transmit data in real time is 5 when the transmission step is divided into two steps as shown in FIG. 7, the unit content data (HLS segement or DASH chunk) The playback system 500, which is operating as a client in the first stage while transmitting the second unit content when the first unit content data is transmitted in the transmission step 1, As a content transmission server. In this case, if two playback systems in transmission step 1 transmit to playback systems 500 in transmission step 2 at a rate of QoS 2 and receive data at a rate of QoS 1 from the streaming system, Can achieve a QoS gain of 16 more arithmetically than a QoS of 30, which is required for transmission in a total of six systems in real time. In this case, after the delay time of the transmission and reception of the first content unit data, the content is transmitted in real time even in the second step. Thus, if each reproduction system can be used as a transmission point and partial transfer of data as much as necessary to each other can be achieved, a tremendous gain in network cost can be achieved.

The encryption / decryption unit 120 is an apparatus capable of encrypting and decrypting the content encryption key and the content encryption key used in the system by using the double security key D100 for more securely. 9, a public key certificate interpretation module 121 for performing encryption / decryption using a public key certificate, a non-keying key encryption / decryption module for performing encryption / decryption using the asymmetric key extracted from the public key certificate A system-specific symmetric encryption key generation module 123 for extracting system information from the system and generating a system-specific symmetric encryption key for performing double security by combining the system information, and a system using the extracted symmetric key And a symmetric key encryption / decryption module 124 capable of performing encryption / decryption.

In this case, the duplicate security key D100 is more robust against attempting to extract an encryption key by extracting an encryption key through packet sniffing in the network when distributing a symmetric encryption key capable of decrypting contents through HTTP Provide content security. For example, HLS typically provides content protection through AES, ensuring content security with high speed and strong encryption capabilities. However, because of the nature of AES, it has the disadvantage that it can be decrypted easily when the encryption key and initialization vector are leaked.

Although a general HLS player downloads a content file and deletes the file after playing it by the smooth streaming method, the structure of the HLS is very simple and has a disadvantage that it is vulnerable to hacking imitating a client, packet interception, and the like Since the public key of the public certificate is a system that anyone can use, it is possible to use a system that imitates the client mentioned above, such as masquerade, replay, modification of message or denial of service Hacking techniques, and the like. In order to provide a strong security performance by supplementing the security key once more, the present invention can implement a situation in which a data structure, such as a dual security key, is introduced so that a content can not be reproduced even if a public key of the content is leaked. Also, it is preferable to use HTTPS (HTTP over Secured Socket Layer), which is basically a protocol for enhancing security of HTTP.

The duplicate security key D100 includes the content encryption symmetric key D110, as shown in FIG. The duplicate security key can make it impossible to extract the encryption key used for encrypting contents having different encryption keys for different systems even if the authorized certificate system is leaked by hacking or the like. The symmetric encryption key generation module for each system extracts system information and generates an encryption key from the unique information. At this time, in order to further enhance the security, it is possible to strengthen the security more aggressively by changing the encryption key periodically when encrypting each content, and sometimes changing the encryption generation algorithm through the unique information of the system-specific encryption key generation module. It is preferable that the reproducing system 500, the streaming system 100, and the contents protection system 300 are constructed so as to be adaptable to the changed algorithm.

In addition, when the decrypted original contents are stored in the file, the file access right of the other process is excluded, and the dummy data is overwritten and deleted in the main part of the file before deleting the file, It is desirable to prevent leakage.

10 is a flowchart showing a transmission method and a reproduction method of the system according to the present invention, and S represents a step.

The video content real-time transmission technique and the content protection method using the multiple networks and the mesh network according to the present invention may include registering the system information in the content protection system 300 in the playback system 100, A step S300 of creating and distributing contents, a step S400 of receiving through a divided network, a step S500 of transmitting and receiving through a network, And receiving and reproducing the content (S600).

In operation S100, as shown in FIG. 12, a step S101 of receiving a public certificate for the contents protection system through a public certification authority in the reproduction system; Reviewing the validity of the received authorized certificate (S102); Collecting information of the reproduction system (S103); Encrypting information of the reproduction system using the certificate (S104); Transmitting the encrypted data to the contents protection system 300 (S105); Receiving encrypted data in the content protection system (S106); Acquiring the approval of the manager (S108); Registering system-specific information in the system information database and issuing an ID to the system (S109); Transmitting the generated ID (S110); And receiving the issued ID and storing the received ID in a playback system (S111).

In operation (S200), the playback system 500 obtains a streaming right through the streaming system 100 as shown in FIG. 13, and includes extracting system information (S201); A system-specific encryption key generation step (S202); Transmitting the encrypted system information to the streaming system 100 (S203); Receiving encrypted system information in the streaming system (S204); Requesting the contents protection system 300 to confirm the authority of the system (S205); Acquiring system information according to login information of the playback system 100 in the content protection system 300 (S206); A step (S207) of generating symmetric encryption for each system based on the information extracted from the DB; Extracting unique information of the reproduction system 300 from the received login information using the symmetric key (S208); Comparing the received system information with system information fetched from the DB (S209); Accepting or rejecting the reception right according to whether or not the system information is matched (S210); Confirming whether the authority is acquired (S211); And finally (S212) starting the reception of the content or ending the system. In this process, when the content is transmitted in the next step, the web server 140 of the streaming system 100 acquires the rights through the streaming system 100 without requesting the content protection system 300 directly, It is more efficient because it can manage the authority.

In operation S300, as shown in FIG. 14, the streaming system 100 receives the uncompressed image S301. Encoding the effect in the real-time encoder 110 (S302); Requesting a content encryption key (S303); A step (S304) of generating an encryption key of the unit content in the content protection system (300); Storing information of unit contents and an encryption key (S305); Transmitting an encryption key (S306); Transmitting the generated encryption key (S307); Receiving (S308) the encryption key generated in the content protection system in the streaming system 100; In the decoder Generating a unit content in the segment generator 130 (S310); A mesh network and multiple network transmissions (S311).

As shown in FIG. 15, the step (S400) is a step of receiving contents through multiple networks, and is a step (S401) of starting contents reception in the reproduction system 500; Measuring the speed of the networks used (S402); A step (S403) of determining the position and length of a content part to be received for each network according to the network speed; Receiving the content through each network (S404); Integrating the divided received contents (S406); Delivering the integrated content to the decoder 520 (S406); (S407) of determining whether or not to terminate the process; And terminating the reproduction (S408).

In step S500, as shown in FIG. 16, a step S501 of establishing a network network policy in the network management system 400; Distributing the network policy to the playback system 500 (S502); Receiving a network policy in the playback system 500 (S503); Analyzing the network policy (S504); A relative node analysis step (S505) to receive in the network policy; Dividing and receiving the content at the correspondent node (S506); (S507) of integrating the divided received contents; Measuring the performance of each network based on the reception time and the data amount (S508); Transmitting the network performance to the network management system 400 (S509); Reviewing (S509) whether the playback system 500 operates as a content transmitting node in the network policy; A step S511 of posting the received content to the web server 530 when operating as a transmitting node in the previous step S510; Receiving (S512) a network performance report transmitted in the step (S509) in the network management system; And a step S513 of re-establishing a policy for the connection state or the data distribution amount of the mesh network according to the network state of each transmission node.

As shown in FIG. 17, the step (S600) includes a step (S601) of requesting transmission of contents in a process of receiving and reproducing contents; Transmitting the content in the streaming system 100 (S602); Receiving contents (S603); Transmitting the information of the content and the system ID information and requesting the encryption key of the content (S604); Receiving content information and a system ID (S605); A step (S606) of generating a system-specific encryption key via an ID; A step of inquiring an encryption key of the content (S607); The system information of the reproduction system 500 is retrieved from the DB in step S608; Generating a duplicate security key using the encryption key and the public key of the system (S5608); (S610) receiving the duplicate secret key (S611) in the reproducing system (500), generating a system-specific encryption key for decrypting the duplicate secret key (S612 A step (S613) of decrypting the content (S614); a step of decrypting the content (S615); a step of outputting the decoded multimedia data to the A / V device S616).

Although the present invention has been described in detail with reference to the above embodiments, it is needless to say that the present invention is not limited to the above-described embodiments, and various modifications may be made without departing from the spirit of the present invention.

The present invention is applied to a technique for obtaining an efficient transmission rate while reducing the cost of a network when multimedia contents are transmitted using a network, and is applied to a technique for preventing the leakage of contents.

100: Streaming system
110: real time encoder
120: Amplifier
121: Authorized certificate interpretation module
122: Asymmetric key decryption module
123: Symmetric encryption key generation module by system
124: symmetric key encryption / decryption module
130: Segment Generator
113: Web server
300: Content Protection System
310: Receive rights management module for each system
400: Network management system
410: Network Policy Generator
420: Network Analyzer
500: Playback system
510: Streaming Client
520 decoder
530 Web server for playback system

Claims (5)

For multimedia contents transmission, in progressive downloading through HTTP protocol such as HLS / DASH or streaming transmission with smooth streaming method, multiple networks are configured in transmission of contents, differentiated according to the quality and speed of each constituent network, A system for receiving content; And
A network management system that configures a network capable of transmitting through a network in the form of a mesh network and establishes a network policy in which each receiving node can perform a role of a transmission point again for each layer without using data such as a CDN; And
In the network structure, the network policy is applied, the divided contents are received from a plurality of server nodes, and the contents are reassembled and reproduced in a form that can be integrated and displayed. In addition, And a playback system capable of distributing contents to a plurality of users via a network.
The transmission system according to claim 1, wherein the transmission system dynamically grasps the state of each network when transmitting using multiple networks, loads and balances the start position and the length of the contents to be transmitted from the server on a per network basis, A real time transmission / content protection device for video contents using a network and a mesh network.
A system for encrypting multimedia contents by unit content, acquiring the encryption key of the reproduction system, re-encrypting the encrypted content key with the encryption key, and protecting the content by generating a duplicate security key using an asymmetric encryption method based on the public key certificate; And
Wherein the encrypted content key is decrypted and decrypted into image content that can be extracted and reproduced by receiving and decoding the double secret key through the network and reproducing the encrypted key.
The system according to claim 3, further comprising: a streaming system capable of encrypting contents by applying different encryption keys to the unit contents; And
And real time transmission / content protection apparatus using the network and the network, wherein the encryption key is stored for each content in response to the request of the streaming system, and the playback system is registered and the reception rights thereof can be controlled.
And a symmetric encryption key is generated by extracting system information of each reproduction system in addition to an asymmetric key encryption system based on a public key certificate using a dual encryption key. Transmission / content protection method.




KR1020150038564A 2015-03-20 2015-03-20 And image content using a multi-network mesh network real-time transmission / content protection apparatus and method KR20160112578A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150038564A KR20160112578A (en) 2015-03-20 2015-03-20 And image content using a multi-network mesh network real-time transmission / content protection apparatus and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150038564A KR20160112578A (en) 2015-03-20 2015-03-20 And image content using a multi-network mesh network real-time transmission / content protection apparatus and method

Publications (1)

Publication Number Publication Date
KR20160112578A true KR20160112578A (en) 2016-09-28

Family

ID=57101506

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150038564A KR20160112578A (en) 2015-03-20 2015-03-20 And image content using a multi-network mesh network real-time transmission / content protection apparatus and method

Country Status (1)

Country Link
KR (1) KR20160112578A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20200121019A (en) * 2019-04-15 2020-10-23 주식회사 활엔터테인먼트 Grid digital cinema content distribution system

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20110071748A (en) 2009-12-21 2011-06-29 한국전자통신연구원 Apparatus and method for processing a digital cinema contents

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20110071748A (en) 2009-12-21 2011-06-29 한국전자통신연구원 Apparatus and method for processing a digital cinema contents

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20200121019A (en) * 2019-04-15 2020-10-23 주식회사 활엔터테인먼트 Grid digital cinema content distribution system

Similar Documents

Publication Publication Date Title
US11822626B2 (en) Secure web RTC real time communications service for audio and video streaming communications
US10057277B2 (en) System and method for partial URL signing with applications to dynamic adaptive streaming
US10698985B2 (en) Extending data confidentiality into a player application
EP3239877B1 (en) Streamlined digital rights management
US10389689B2 (en) Systems and methods for securely streaming media content
KR101617340B1 (en) System and method for signaling segment encryption and key derivation for adaptive streaming
US9742736B2 (en) Ethernet decoder device and method to access protected content
KR101312910B1 (en) Protecting digital media of various content types
JP6384699B2 (en) Token-based authentication and authorization information signaling and exchange for adaptive streaming
JP5021639B2 (en) Protected content transport using streaming control and transport protocols
US20040199771A1 (en) Method for tracing a security breach in highly distributed content
CN107707504B (en) Streaming media playing method and system, server and client
CN108881205B (en) HLS streaming media safe playing system and playing method
US10623409B2 (en) Controlling access to IP streaming content
KR20080103599A (en) Method, system, subscriber equipment and multi-media server for digital copylight protection
US20210377600A1 (en) Systems and methods for data processing, storage, and retrieval from a server
US20150199498A1 (en) Flexible and efficient signaling and carriage of authorization acquisition information for dynamic adaptive streaming
CN101980500B (en) Digital signature-based point-to-point flow control method and system
KR20160112578A (en) And image content using a multi-network mesh network real-time transmission / content protection apparatus and method
JP6104401B2 (en) Asymmetric content distribution of media content
WO2011013196A1 (en) Information processing device
CN115883883A (en) Safe transmission method and system for broadcast and television live broadcast signals
Deen et al. Broadcast encryption: paving the road to practical content protection systems
WO2008127092A2 (en) Device and method for gaining conditional access to a data network