WO2010105469A1 - Procédé d'authentification et système d'accès conditionnel à une diffusion multimédia mobile - Google Patents

Procédé d'authentification et système d'accès conditionnel à une diffusion multimédia mobile Download PDF

Info

Publication number
WO2010105469A1
WO2010105469A1 PCT/CN2009/073976 CN2009073976W WO2010105469A1 WO 2010105469 A1 WO2010105469 A1 WO 2010105469A1 CN 2009073976 W CN2009073976 W CN 2009073976W WO 2010105469 A1 WO2010105469 A1 WO 2010105469A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
terminal
channel
module
receiving module
Prior art date
Application number
PCT/CN2009/073976
Other languages
English (en)
Chinese (zh)
Inventor
宋玉林
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Priority to BRPI0923999A priority Critical patent/BRPI0923999A2/pt
Publication of WO2010105469A1 publication Critical patent/WO2010105469A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Definitions

  • the present invention relates to the field of mobile multimedia broadcasting in China, and in particular, to an authentication method and system for receiving mobile multimedia broadcast conditions.
  • CMMB China Mobile Multimedia Broadcasting
  • the CMMB is a broadcast one-way data transmission channel, so that in addition to audio and video signals that can transmit television programs and broadcast programs, various electronic data can be transmitted through it.
  • CMMB mainly provides broadcast TV services for small-screen portable handheld terminals such as mobile phones and PDAs, as well as terminals such as car TVs.
  • CMMB terminal playback clearing is relatively simple; for playing encrypted stream, CMMB proposes "Mobile multimedia broadcasting-Conditional Access System (MMB-CAS), MMB-CAS can be mobile multimedia broadcasting service. Provides protection during transmission, that is, protection for unidirectional channels and bidirectional channels of services. Mobile multimedia broadcast operators usually add MMB-CAS conditional access control mechanisms for mobile multimedia services during broadcast. MMMMB-CAS, mobile The multimedia broadcast operator can authorize the specified user or user group for the service or service package, so that only authorized users or user groups can receive related services.
  • MMB-CAS Mobile multimedia broadcasting-Conditional Access System
  • MMB-CAS is divided into two parts: the front-end subsystem and the terminal subsystem.
  • the location in the mobile multimedia broadcasting system is shown in Figure 1.
  • the bidirectional channel (such as the short message channel) is optional, and can provide a point-to-point data interaction channel between the front end and the mobile multimedia receiving terminal.
  • the conditional access system defined and specified in this section can be applied to both unidirectional channels (such as broadcast channels) and to the combination of unidirectional channels and bidirectional channels.
  • the MMB-CAS can authorize the user through the front-end authorization information to the terminal, or use the encryption authorization and the electronic wallet function together, and realize the user self-authorization through the terminal local interaction mode.
  • the MMB-CAS can also use the bidirectional channel to communicate with the terminal in a peer-to-peer manner. User authorization.
  • MMB-CAS is based on a four-layer key model. As shown in Figure 2, a key security management and authorization control management and distribution mechanism is established, and the scrambling technology is used to implement conditional reception of services.
  • the entire key model includes the user registration layer, authorization/security management layer, authorization control layer, and service scrambling layer.
  • the model is characterized by key layer protection; each key has its own life cycle; the lower layer key is encrypted by the upper layer key and transmitted.
  • the user registration layer implements the preset of the user key (UK) in the terminal security module, or implements user key distribution in the two-way registration mode.
  • the UK is used to encrypt/decrypt the Service Encryption Key (SEK).
  • the front end uses the UK to encrypt the SEK information, generates an EMM, transmits it to the terminal through a broadcast or two-way channel, and the terminal decrypts to obtain the SEK.
  • the SEK is used to encrypt/decrypt the control word (CW, Control Word).
  • the security management layer implements secure transmission of system signaling data from the front end to the terminal.
  • the system signaling is usually encapsulated in the EMM by using UK encryption, transmitted to the terminal through a broadcast or bidirectional channel, and the terminal decrypts to obtain system signaling.
  • the authorization control layer implements secure transfer of authorization control information (ECM) data from the front end to the terminal.
  • ECM authorization control information
  • the front end uses the SEK to encrypt the CW, generates the ECM, transmits it to the terminal through the broadcast channel, and decrypts the terminal to obtain the CW.
  • CW is used to scramble/descramble the transmitted traffic.
  • the service scrambling layer implements secure transmission of business data from the front end to the terminal.
  • the front end uses CW to scramble the service and transmit it to the terminal through the broadcast channel.
  • the terminal uses CW to descramble the scrambled service.
  • the Entitlement Manager Message (EMM) carrying the service key is distributed through the broadcast channel, and can also be distributed through the bidirectional channel under the condition of an optional bidirectional channel.
  • EMM Entitlement Manager Message
  • the user key can be preset in the security module of the MMB-CAS terminal in Figure 1, and can be distributed through the bidirectional channel in the case of an optional bidirectional channel.
  • the technical problem to be solved by the present invention is to solve the problem of low security of data transmission using a single channel in a mobile multimedia broadcast condition receiving system.
  • the present invention provides an authentication method for mobile multimedia broadcast condition receiving, the method comprising:
  • the front end authenticates the terminal requesting the specific key.
  • the front end group specifies the specific key and sends the specific key to the terminal through the bidirectional channel and the unidirectional channel.
  • the process of authenticating the terminal by the front end is as follows: the front end sends an authentication parameter to the terminal, and the terminal sends the authentication response result after obtaining the authentication parameter And the front end determines, according to the result of the authentication response, whether the authentication is successful.
  • the front end when the front end sends the authentication parameter to the terminal, the front end sends the authentication parameter to the terminal through the bidirectional channel and the unidirectional channel.
  • the method further includes:
  • the front end generates a random value corresponding to the terminal when the terminal opens an account and sends the random value to the terminal;
  • the front end analyzes the random value to obtain the number of authentication parameters and the number of transmission authentication parameters of each channel, and according to the obtained number of authentication parameters and the number of transmission parameters transmitted by each channel, randomness A specific authentication parameter delivered by the bidirectional channel and delivered through the unidirectional channel is determined.
  • the authentication response result includes an authentication parameter and an authentication response value, and determining whether the authentication succeeds is performed according to the following process: the front end first determines the received authentication parameter and the front end storage Whether the authentication parameters are consistent, if not, the terminal is considered to be illegal, and the authentication fails. If the agreement is consistent, the front end further calculates an authentication response value according to the authentication parameter, and the front end determines the calculated authentication response value. Whether the authentication response value sent by the terminal is consistent. If the authentication is successful, the authentication succeeds. If the authentication is inconsistent, the authentication fails.
  • the front end transmits the authentication parameter, the specific key to the terminal, and the terminal sends an authentication response result to the front end, and one end of the sending information passes
  • the random value is encrypted after the transmitted information is sent, and the received information is received.
  • the terminal decrypts the received information by the random value.
  • the specific key is a user key or a bearer service key.
  • the bidirectional channel is a short message channel, and the unidirectional channel is a broadcast channel.
  • the invention further provides a system for receiving mobile multimedia broadcast conditions, the system comprising: a front end and a terminal, the front end comprising a front end service control module, a first bidirectional channel transmission and reception module and a unidirectional channel transmission module
  • the terminal includes a terminal service control module, a second bidirectional channel transmission and reception module, and a unidirectional channel receiving module, where:
  • the terminal service control module is configured to: after the terminal opens the account, send information that is requested by the specific key to the front end, and after the terminal obtains the authentication parameter from the front end, pass the authentication response result Transmitting and receiving the first bidirectional channel sending and receiving module sent by the second bidirectional channel transmitting and receiving module to the front end;
  • the front-end service control module is configured to send an authentication parameter to the terminal and receive the authentication response result at the front end after the front end receives the information sent by the terminal requesting the specific key. And determining, according to the result of the authentication response, whether the authentication is successful, and if the authentication is successful, sending, by the first bidirectional channel sending and receiving module and the unidirectional channel sending module, the specific key to the corresponding end of the terminal.
  • the front end includes a front end random value generation and maintenance module, and the front end random value generation and maintenance module is configured to generate a random value corresponding to the terminal when the terminal opens an account and pass the first
  • the bidirectional channel transmitting and receiving module sends the random value to the second bidirectional channel transmitting and receiving module of the terminal;
  • the front end service control module is further configured to analyze the random value to obtain the number of authentication parameters and transmit authentication of each channel.
  • the number of parameters and according to the number of the obtained authentication parameters and the number of transmission authentication parameters of each channel, randomly determine the sending and receiving module sent by the first bidirectional channel and the unidirectional channel sending module Specific authentication parameters.
  • the present invention further provides a front end for mobile multimedia broadcast conditional reception, the front end includes a front end service control module, a first bidirectional channel transmission and reception module, and a unidirectional channel transmission module, where The front-end service control module is configured to: after the front end receives the information sent by the terminal requesting the specific key, send the authentication parameter to the terminal; and
  • the front end After the front end receives the authentication response result, it is determined whether the authentication is successful according to the result of the authentication response. If the authentication succeeds, the first bidirectional channel sending and receiving module and the unidirectional channel sending module send the specific secret. The key is sent to the second bidirectional channel transmitting and receiving module and the unidirectional channel receiving module of the terminal.
  • the front end further includes a front end random value generation and maintenance module, where the front end random value generation and maintenance module is configured to generate a random value corresponding to the terminal and send and receive through the first bidirectional channel when the terminal opens an account. Sending, by the module, the generated random value to the second bidirectional channel sending and receiving module of the terminal;
  • the front-end service control module is further configured to analyze the random value to obtain the number of authentication parameters and the number of transmission authentication parameters of each channel, and transmit the authentication parameters according to the obtained number of authentication parameters and each channel.
  • the number, the specific authentication parameter sent by the first bidirectional channel sending and receiving module and sent by the unidirectional channel sending module is determined.
  • the present invention also provides a mobile multimedia broadcast condition receiving terminal, the terminal includes a terminal service control module, a second bidirectional channel transmission and reception module, and a unidirectional channel receiving module, wherein the terminal service control module is configured to: After the terminal is opened, the information sent by the specific key is sent to the front end, and after the terminal obtains the authentication parameter from the front end, the authentication response result is sent to the second bidirectional channel sending and receiving module.
  • the first bidirectional channel of the front end transmits and receives a module.
  • the present invention implements data transmission in the authentication process by combining a unidirectional channel and a bidirectional channel, thereby improving the security of information transmission.
  • FIG. 1 is a block diagram of a conventional mobile multimedia broadcast condition receiving system
  • FIG. 2 is a schematic diagram of a four-layer key of a conventional mobile multimedia broadcast condition receiving system
  • 3 is a block diagram of a system for receiving mobile multimedia broadcast conditions according to a preferred embodiment of the present invention
  • FIG. 4 is a flow chart showing the operation of the system of FIG.
  • FIG. 5 is a flow chart of an authentication method for mobile multimedia broadcast conditional reception according to a preferred embodiment of the present invention.
  • the invention provides an authentication method and system for mobile multimedia broadcast condition receiving, which realizes data transmission in the authentication process, and performs data transmission than a single broadcast channel or a simple bidirectional channel, and the authentication security is higher.
  • a system for receiving a mobile multimedia broadcast condition includes a
  • the MMB-CAS terminal 31 includes a terminal RAND maintenance module 311, a terminal service control module 312, a second short message transmission and reception module 313, and a broadcast receiving module 314.
  • the front end RAND generation maintenance module 321 is configured to generate and store RAND (random value), and the front end service control module 322 is configured to control the front end business operation.
  • the RAND generation module 321 of the MMB-CAS front end 32 When the MMB-CAS terminal 31 is opened, the RAND generation module 321 of the MMB-CAS front end 32 generates a RAND corresponding to the MMB-CAS terminal 31.
  • RAND has a certain validity period. If the RAND expires, the front end RAND generation maintenance module 321 of the MMB-CAS front end 32 sends a text message to the MMB-CAS terminal 31, and the number of authentication parameters that the RAND knows after analysis and each channel The information of the number of transmission authentication parameters, RAND is used to encrypt or decrypt the transmitted information.
  • the present invention is mainly directed to the security protection performed when the user registration layer and the authorization key of the authorization and security management layer are authenticated.
  • the protection principle applied in the two layers is the same.
  • the authentication process is described in detail below.
  • FIG. 4 is a flow chart showing the operation of a mobile multimedia broadcast conditional receiving system according to a preferred embodiment of the present invention, the process comprising the steps of:
  • the terminal service control module 312 sends the first request to the MMB-CAS front end 32 by using the second short message sending and receiving module 313 by short message. SMS sending and receiving module 323;
  • the front end service control module 322 determines that there are several authentication parameters and the number of each channel transmission authentication parameter according to the RAND analysis, and the first sending of the first short message is performed by the broadcast sending module 324.
  • the sending and receiving module 323 sends the number of the authentication parameters, and the RAND of the maintenance module 321 is used to encrypt the authentication parameters by the RAND of the front end RAND, so that the confidentiality of the information sent by the two channels can be ensured, and the information is not easily captured by the other party. ;
  • the terminal service control module 312 After receiving the broadcast and short message channel information, the broadcast service receiving module 314 and the second short message sending and receiving module 313 of the MMB-CAS terminal 31, the terminal service control module 312 analyzes the number of RAND analysis authentication parameters stored by the terminal RAND maintenance module 311, and The number of identification parameters transmitted by each channel, so that the complete content of the message can be effectively obtained, and after the authentication parameters are completely received, the required original text is obtained by RAND decryption. After obtaining the original text, an authentication response value is calculated by an algorithm negotiated with the MMB-CAS front end 32, and then the authentication response result (all authentication parameters and the authentication response value) is encrypted by RAND and sent through the second short message. The receiving module 313 sends the short message to the first short message sending and receiving module 323 of the MMB-CAS front end 32;
  • the MMB-CAS front end By analyzing RAND, you can know the complete content of the message. For example: The MMB-CAS front end generates a specific five parameters, and the five parameters are different. The analysis RAND can know the number of two channels sent, and the specific allocation is random. The MMB-CAS terminal 31 can obtain all the parameters according to the total number of authentication parameters and the number of transmissions of the two channels;
  • the specific operation is to obtain the authentication response value corresponding to the authentication parameter through some algorithms.
  • the MMB-CAS front end 32 generates five authentication parameters: al, a2, 23, a4, a5.
  • the algorithm uses these parameters as input parameters.
  • the front end service control module 322 After receiving the authentication parameter and the authentication response value from the MMB-CAS terminal 31, the front end service control module 322 decrypts all the authentication parameters according to the RAND and the MMB-CAS front end 32. The authentication response value is compared with the authentication parameter stored by the front-end service control module 322. If the parameters are inconsistent, the MMB-CAS terminal 31 is considered to be illegal, and the request of the MMB-CAS terminal 31 is directly rejected.
  • the front-end service control module 322 calculates an authentication response value according to the same algorithm of the MMB-CAS terminal 31 according to the authentication parameter, if the authentication response value calculated by the MMB-CAS front end 32 and the MMBA-CAS terminal 31 calculate the The weighted response values are equal, indicating that the authentication is successful, and the specific key is grouped by an algorithm.
  • the RAND is encrypted and then sent by the broadcast sending module 324 and sent by the first short message sending and receiving module 323 to deliver the grouped specific key.
  • the terminal service control module 312 reassembles the encrypted specific key by the same algorithm and decrypts the RAND to obtain the original specific key. If the authentication parameters are valid, the authentication response values are not equal, and the request of the MMB-CAS terminal 31 is also rejected.
  • FIG. 5 is a flow chart of an authentication method for mobile multimedia broadcast conditional reception according to a preferred embodiment of the present invention, the method comprising the steps of:
  • S501 MMB-CAS terminal opening account
  • the MMB-CAS front end generates RAND and sends RAND to the MMB-CAS terminal through the short message channel;
  • the MMB-CAS terminal requests a specific key (user key or service key), and sends a request to the MMB-CAS front end through the short message channel;
  • the MMB-CAS front end After receiving the request message, the MMB-CAS front end determines the number of authentication parameters sent by the broadcast channel and sent through the short message channel according to the number of the authentication parameters and the number of the transmission authentication parameters of each channel.
  • the encryption parameter is encrypted by RAND before being sent, so that the confidentiality of the information sent by the two channels can be ensured, and it is not easy to be captured by the other party;
  • the specific operation is to obtain the authentication response value corresponding to the authentication parameter through some algorithms, for example:
  • the MMB-CAS front end 32 generates five authentication parameters: al, a2, 23, a4, a5.
  • the algorithm performs some operations on these parameters as input parameters, such as the function F( );
  • the MMB-CAS front end After receiving the authentication parameter and the authentication response value from the MMB-CAS terminal, the MMB-CAS front end decrypts all the authentication parameters and the authentication response value according to the RAND, and then receives the authentication parameter and the MMB-CAS. Comparison of authentication parameters stored in the front end. If the parameters are inconsistent, the MMB-CAS terminal is considered illegal and directly rejects the request of the MMB-CAS terminal. If consistent, the front end MMB-CAS uses the same algorithm as the MMB-CAS terminal according to the authentication parameters. Calculate an authentication response value. If the authentication response value calculated by the MMB-CAS front end is equal to the authentication response value calculated by the MMB-CAS terminal, the authentication is successful. If the authentication parameters are valid, the authentication response values are not equal. Reject the request from the MMB-CAS terminal.
  • the MMB-CAS front end uses an algorithm to group the specific key, and then uses RAND encryption to deliver the grouped specific key through the broadcast channel and the short message channel, for example: a 200-byte specific key It is divided into several packets, each packet has information about the upper and lower two packets, and then these packets are randomly transmitted through two channels, so that the terminal can be packaged once after receiving the terminal.
  • the MMB-CAS terminal After receiving the specific key, the MMB-CAS terminal reassembles the encrypted specific key and decrypts it by RAND to obtain the original specific key.
  • the use of the broadcast channel and the short message channel authentication makes the UK and the SEK are issued safely and effectively improves the security of information transmission.
  • the present invention realizes data transmission in an authentication process by combining a unidirectional channel and a bidirectional channel, thereby improving the security of information transmission.

Abstract

L'invention porte sur un procédé d'authentification et un système d'accès conditionnel (CAS) à une diffusion multimédia mobile (MMS); et le procédé d'authentification comprend les étapes suivantes : un frontal authentifie un terminal qui demande une clé spéciale, et lorsque l'authentification est réussie, le frontal groupe la clé spéciale et transmet la clé spéciale au terminal par un canal bidirectionnel et un canal unidirectionnel. Le système comprend le frontal et le terminal. L'invention permet la transmission de données dans le processus d'authentification par le procédé de combinaison du canal bidirectionnel avec le canal unidirectionnel, et améliore la sécurité de la transmission d'informations.
PCT/CN2009/073976 2009-03-17 2009-09-16 Procédé d'authentification et système d'accès conditionnel à une diffusion multimédia mobile WO2010105469A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
BRPI0923999A BRPI0923999A2 (pt) 2009-03-17 2009-09-16 método para a autenticação no acesso condicional de transmissão de multimídia móvel, sistema de acesso condicional de transmissão de multimídia móvel, extremidade anterior de acesso condicional de transmissão de multimídia móvel e terminal de acesso condicional de transmissão de multimídia móvel.

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2009101057824A CN101505462B (zh) 2009-03-17 2009-03-17 一种移动多媒体广播条件接收的鉴权方法及系统
CN200910105782.4 2009-03-17

Publications (1)

Publication Number Publication Date
WO2010105469A1 true WO2010105469A1 (fr) 2010-09-23

Family

ID=40977479

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2009/073976 WO2010105469A1 (fr) 2009-03-17 2009-09-16 Procédé d'authentification et système d'accès conditionnel à une diffusion multimédia mobile

Country Status (3)

Country Link
CN (1) CN101505462B (fr)
BR (1) BRPI0923999A2 (fr)
WO (1) WO2010105469A1 (fr)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101505462B (zh) * 2009-03-17 2011-08-24 中兴通讯股份有限公司 一种移动多媒体广播条件接收的鉴权方法及系统
CN102045639B (zh) * 2009-10-10 2015-06-10 中兴通讯股份有限公司 订购关系鉴权方法、系统和移动多媒体广播条件接收系统
CN101860406B (zh) * 2010-04-09 2014-05-21 北京创毅视讯科技有限公司 一种中央处理器、移动多媒体广播的装置、系统及方法
CN101917671B (zh) * 2010-08-06 2014-07-16 中兴通讯股份有限公司 一种鉴权参数的管理方法及终端
CN102075704A (zh) * 2010-12-30 2011-05-25 北京牡丹电子集团有限责任公司 Cmmb移动视频传输系统的发射设备

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1104496A1 (fr) * 1998-08-13 2001-06-06 La Poste Dispositif de controle d'acces entre une clef et une serrure electroniques
CN1631038A (zh) * 2002-02-07 2005-06-22 诺基亚公司 混合网络加密/解密方案
CN1980121A (zh) * 2005-11-29 2007-06-13 北京书生国际信息技术有限公司 电子签名移动终端、系统及方法
KR20080000950A (ko) * 2006-06-28 2008-01-03 주식회사 케이티프리텔 휴대 단말기가 ic 칩을 이용하여 암호화 방송을 복호하는방법 및 그 휴대 단말기
CN101262335A (zh) * 2008-04-23 2008-09-10 中兴通讯股份有限公司 手机电视业务密钥分发的方法及系统
CN101505462A (zh) * 2009-03-17 2009-08-12 中兴通讯股份有限公司 一种移动多媒体广播条件接收的鉴权方法及系统

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1104496A1 (fr) * 1998-08-13 2001-06-06 La Poste Dispositif de controle d'acces entre une clef et une serrure electroniques
CN1631038A (zh) * 2002-02-07 2005-06-22 诺基亚公司 混合网络加密/解密方案
CN1980121A (zh) * 2005-11-29 2007-06-13 北京书生国际信息技术有限公司 电子签名移动终端、系统及方法
KR20080000950A (ko) * 2006-06-28 2008-01-03 주식회사 케이티프리텔 휴대 단말기가 ic 칩을 이용하여 암호화 방송을 복호하는방법 및 그 휴대 단말기
CN101262335A (zh) * 2008-04-23 2008-09-10 中兴通讯股份有限公司 手机电视业务密钥分发的方法及系统
CN101505462A (zh) * 2009-03-17 2009-08-12 中兴通讯股份有限公司 一种移动多媒体广播条件接收的鉴权方法及系统

Also Published As

Publication number Publication date
CN101505462A (zh) 2009-08-12
BRPI0923999A2 (pt) 2019-12-17
CN101505462B (zh) 2011-08-24

Similar Documents

Publication Publication Date Title
CN109218825B (zh) 一种视频加密系统
KR100724935B1 (ko) 컨텐츠 보호를 위한 개체 간 연동 방법 및 장치, 그리고 그시스템
KR100747755B1 (ko) 데이터 스트림을 가상 스마트 카드 클라이언트 시스템에암호화하는 절차 및 스트리밍 서버
CN101103630B (zh) 授权多媒体组播的方法和系统
US9055047B2 (en) Method and device for negotiating encryption information
CN109151508B (zh) 一种视频加密方法
EP2426873B1 (fr) Procede d'execution du service de donnees en temps reel et systeme de service de donnees en temps reel
JP4856723B2 (ja) メディアサーバと加入者機器との間においてメディアデータを暗号化して伝送するための方法、装置および/またはコンピュータプログラム製品
JP2005510184A (ja) 機密保護インターネット・プロトコル権利管理アーキテクチャ用の鍵管理プロトコルおよび認証システム
WO2008046323A1 (fr) Procédé, système et appareil pour la protection de service de télévision pour téléphone mobile
CN101174946A (zh) 内容发送装置、内容接收装置和内容加密方法
CN101076109A (zh) 数字电视双向ca系统和基于该系统的节目订购/取消方法
EP2510663A1 (fr) Procédé et agencement pour permettre une lecture de contenu multimédia
CN102724568A (zh) 认证凭证
WO2007109999A1 (fr) Procédé, système, matériel d'abonné et serveur multimédia pour la protection numérique des droits d'auteur
CN101448130A (zh) 监控系统中数据加密保护的方法、系统和设备
US20060104442A1 (en) Method and apparatus for receiving broadcast content
WO2010105469A1 (fr) Procédé d'authentification et système d'accès conditionnel à une diffusion multimédia mobile
WO2009024071A1 (fr) Système, procédé et dispositif pour réaliser une sécurité de contenu multimédia iptv
US8417933B2 (en) Inter-entity coupling method, apparatus and system for service protection
CN1946018B (zh) 一种媒体流的加密及解密方法
CN102340702A (zh) IPTV网络播放系统及其基于USB Key的权限管理及解扰方法
CN100521771C (zh) 一种融合互联网和有线电视网络环境下的有条件接收系统
US8745382B2 (en) Method, apparatus, computer program, data storage medium and computer program product for preventing reception of media data from a multicast service by an unauthorized apparatus
WO2009094812A1 (fr) Procédés et appareils pour assurer la sécurité de flux multimédia point à point

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09841752

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09841752

Country of ref document: EP

Kind code of ref document: A1

REG Reference to national code

Ref country code: BR

Ref legal event code: B01A

Ref document number: PI0923999

Country of ref document: BR

ENP Entry into the national phase

Ref document number: PI0923999

Country of ref document: BR

Kind code of ref document: A2

Effective date: 20110913