WO2010127540A1 - Procédé et système de distribution d'émissions de télévision - Google Patents

Procédé et système de distribution d'émissions de télévision Download PDF

Info

Publication number
WO2010127540A1
WO2010127540A1 PCT/CN2009/075402 CN2009075402W WO2010127540A1 WO 2010127540 A1 WO2010127540 A1 WO 2010127540A1 CN 2009075402 W CN2009075402 W CN 2009075402W WO 2010127540 A1 WO2010127540 A1 WO 2010127540A1
Authority
WO
WIPO (PCT)
Prior art keywords
program
mobile terminal
certificate
cmmb
requested
Prior art date
Application number
PCT/CN2009/075402
Other languages
English (en)
Chinese (zh)
Inventor
惠毅
徐明良
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2010127540A1 publication Critical patent/WO2010127540A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/47End-user applications
    • H04N21/472End-user interface for requesting content, additional data or services; End-user interface for interacting with content, e.g. for content reservation or setting reminders, for requesting event notification, for manipulating displayed content
    • H04N21/47202End-user interface for requesting content, additional data or services; End-user interface for interacting with content, e.g. for content reservation or setting reminders, for requesting event notification, for manipulating displayed content for requesting content on demand, e.g. video on demand
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/633Control signals issued by server directed to the network components or client
    • H04N21/6332Control signals issued by server directed to the network components or client directed to client
    • H04N21/6334Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/637Control signals issued by the client directed to the server or network components
    • H04N21/6377Control signals issued by the client directed to the server or network components directed to server
    • H04N21/63775Control signals issued by the client directed to the server or network components directed to server for uploading keys, e.g. for a client to communicate its public key to the server
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/65Transmission of management data between client and server
    • H04N21/658Transmission by the client directed to the server
    • H04N21/6581Reference data, e.g. a movie identifier for ordering a movie or a product identifier in a home shopping application
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/414Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance
    • H04N21/41407Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance embedded in a portable device, e.g. video client on a mobile phone, PDA, laptop

Definitions

  • the present invention relates to television program distribution technology, and more particularly to a method and system for distributing television programs. Background technique
  • CMMB China Mobile Multimedia Broadcasting
  • an object of the present invention is to provide a method and system for distributing television programs, which can distribute television programs according to the authority of the user.
  • the present invention provides a method for distributing a television program, the method comprising: When requesting the program, the mobile terminal sends a program certificate authentication request corresponding to the requested program to the China Mobile Multimedia Broadcasting CMMB program distribution platform through the access point AP;
  • the CMMB program distribution platform verifies the program digital certificate included in the program certificate authentication request and the signature of the program digital certificate by the mobile terminal, and after the verification is passed, according to the authority information in the program digital certificate, And transmitting an access code of the requested program to the mobile terminal through an AP.
  • the method further includes: before the sending, by the mobile terminal, the program certificate authentication request to the CMMB program distribution platform, the method further includes:
  • the program digital certificate in the program certificate authentication request is: a program digital certificate corresponding to the requested program that is pre-issued by the CMMB program distribution platform that the mobile terminal has queried locally to the mobile terminal;
  • the program digital certificate includes at least:
  • a mobile terminal certificate configured to identify the identity of the mobile terminal
  • the permission information indicates a receiving permission of the mobile terminal for the requested program
  • Issuer signature indicating the signature of the issuer of the program digital certificate. Verifying that the mobile terminal certificate is legal and valid, and if valid, the verification of the mobile terminal certificate is passed;
  • the rights information includes: a receiving permission of the mobile terminal for the requested program, a program identifier of the requested program, and/or a category or level of the requested program;
  • the access code of the requested program is distributed to the mobile terminal according to the rights information, specifically: after the mobile terminal has the right to receive the requested program, the access code of the requested program is included in the program certificate authentication. In response, and distributed to the mobile terminal through the AP;
  • the method further comprises: the mobile terminal receiving the program content of the requested program using the access code.
  • the program digital certificate further includes an AP certificate for identifying the identity of the AP.
  • the method further includes: adding an AP signature to the authentication request, and forwarding the template to the CMMB program distribution platform;
  • the CMMB program distribution platform parses the AP from the program certificate authentication request a certificate, and verifying whether the certificate is a legal certificate and whether the signature is correct; when the certificate is a legal certificate, and the signature of the file is correct, and the mobile terminal of the program digital certificate distribution platform determines that the mobile terminal has Receiving the requested program and distributing the access code to the mobile terminal via the UI.
  • the present invention also provides a television program distribution system, the system comprising: a mobile terminal, a UI, and a CMMB program distribution platform, wherein:
  • the CMMB program distribution platform is configured to verify a program digital certificate included in the program certificate authentication request and a signature of the program digital certificate by the mobile terminal, and after the verification is passed, according to the program digital certificate Authorization information, distributing an access code of the requested program to the mobile terminal;
  • the AP is configured to forward the program certificate authentication request sent by the mobile terminal to the CMMB program distribution platform; and is further configured to forward the access code distributed by the CMMB program distribution platform to the mobile terminal.
  • the mobile terminal transmitting a program distribution request for the program identification of the program to the CMMB program distribution platform;
  • the CMMB program distribution platform is further configured to: when determining that the requested program exists according to the program identifier, send a program certificate providing request to the mobile terminal by using an AP, and obtain a program digital certificate of the requested program.
  • the CMMB program distribution platform is further configured to determine, according to the rights information included in the program digital certificate, that the mobile terminal has the right to receive after verifying the program digital certificate and the mobile terminal's signature of the program digital certificate After the requested program, the requested program will be connected.
  • the input code is included in the program certificate authentication response, and is distributed to the mobile terminal by the AP; correspondingly, the mobile terminal is further configured to receive the program content of the requested program by using the access code.
  • the CMMB program distribution platform verifies the signature of the mobile terminal and the program digital certificate included in the program certificate authentication request of the requested program transmitted by the mobile terminal, and after the verification is passed, according to the program number
  • the permission information in the certificate distributes the access code of the requested program to the mobile terminal, and the mobile terminal can receive the corresponding program content by using the access code.
  • the above-mentioned verification of the signature of the mobile terminal and the verification of the program digital certificate can realize distributing the television program to the legitimate mobile terminal, and distributing the television programs with different rights to the mobile terminal having the corresponding signing authority.
  • FIG. 1 is a schematic flow chart of a method for distributing a television program according to the present invention
  • FIG. 2 is a schematic diagram of message interaction of a television program distribution process according to an embodiment of the present invention
  • FIG. 3 is a schematic diagram of a data structure of a program digital certificate according to an embodiment of the present invention
  • FIG. 4 is a block diagram showing the structure of a television program distribution system embodying the present invention. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS As shown in FIG. 1, a method for distributing a television program according to the present invention includes:
  • the mobile terminal sends an CMMB to the CMMB through an access point (AP, Access Point) when requesting the program.
  • the program distribution platform transmits a program certificate authentication request corresponding to the requested program.
  • the program certificate authentication request includes a program digital certificate of the mobile terminal and a signature of the digital certificate of the program by the mobile terminal (the signature of the mobile terminal).
  • the CMMB program distribution platform verifies the signature of the mobile terminal and the program digital certificate included in the program certificate authentication request, and after the verification is passed, according to the authority information in the program digital certificate, the access code of the requested program is distributed to the mobile terminal.
  • the distribution scheme of the present invention can be implemented based on the Wireless Local Area Network Authentication and Privacy Infrastructure (WAPI), which can ensure the security of television program distribution. Contains the following steps:
  • Step 210 The mobile terminal starts the CMMB service.
  • the user can start the CMMB service by selecting the CMMB service function option provided by the mobile terminal.
  • Step 220 The mobile terminal sends a program distribution request to the CMMB program distribution platform through the AP.
  • the program distribution request includes a program that the user needs to receive (view), that is, a program identification of the requested program.
  • Step 230 The CMMB program distribution platform determines whether there is a corresponding program according to the program identifier included in the program distribution request.
  • the CMMB program distribution platform sends a program certificate providing request to the mobile terminal through the AP, requesting the mobile terminal to provide a program digital certificate corresponding to the program, and then performing step 240;
  • Step 240 The mobile terminal sends a program certificate authentication request to the CMMB program distribution platform through the AP.
  • the mobile terminal After receiving the program certificate providing request, the mobile terminal pre-issues the program digital certificate corresponding to the requested program in advance to the CMMB program distribution platform obtained by the local query, and then sends a program certificate authentication request to the CMMB program distribution platform through the AP.
  • the request includes a program digital certificate corresponding to the requested program, and a signature of the digital certificate of the program by the mobile terminal.
  • the data structure of the program digital certificate is shown in Figure 3.
  • the program digital certificate contains: Permission information: Indicates the mobile terminal's right to receive the program.
  • the rights information includes: a mobile terminal's right to receive the requested program (whether or not it is entitled to receive), the program identification of the requested program, and/or the category or level of the requested program.
  • Issuer's signature The signature of the issuer of the program digital certificate is generated by encrypting other fields in the program digital certificate using the private key owned by the issuer of the program digital certificate (the CMMB program distribution platform in this embodiment) The ciphertext.
  • Step 250 After receiving the program certificate authentication request sent by the mobile terminal, the CMMB program distribution platform verifies the program digital certificate included in the request and the signature of the mobile terminal, and if the verification is passed, step 260 is performed; if the verification fails, The program certificate authentication request is discarded, and the process ends.
  • the above verification operations on the program digital certificate include:
  • a Verify that the mobile terminal certificate in the program digital certificate is legal and valid, for example: whether the certificate has been revoked, whether the certificate has expired, etc.
  • the specific verification method can refer to document RFC3280. If valid, the verification passes.
  • the issuer signature is generated by encrypting other fields in the program digital certificate by using the private key owned by the issuer of the program digital certificate (the CMMB program distribution platform in this embodiment).
  • the private key owned by the issuer of the program digital certificate the CMMB program distribution platform in this embodiment.
  • any modification to the program's digital certificate will result in a change in the issuer's signature value. Therefore, by verifying the correctness of the issuer's signature of the program digital certificate, it can be known whether the rights information contained in the program digital certificate is complete and true.
  • Step 260 After the program digital certificate included in the program certificate authentication request and the signature verification of the mobile terminal are passed, the CMMB program distribution platform determines, according to the rights information included in the program digital certificate, whether the mobile terminal has the right to receive the requested program, such as a program.
  • step 261 is executed, and the CMMB program distribution platform sends the access code of the requested program to the mobile terminal by using the AP in the program certificate authentication response; If there is no permission to receive, step 262 is executed, and the CMMB program distribution platform sends a program distribution failure response to the mobile terminal through the AP, and the response may include a specific reason for the failure, such as the mobile terminal does not have the right to receive the program.
  • the CMMB program distribution platform may also include an access code of all programs that the mobile terminal has permission to receive in the program certificate authentication response to the mobile terminal.
  • the CMMB service operator can according to the program type (such as the service type) in the program digital certificate. ) and other rights information, and the corresponding relationship with the tariff package, to achieve refined operation, improve the experience of mobile terminal users watching mobile TV programs.
  • Step 270 After receiving the program certificate authentication response, the mobile terminal parses out the program to be received, such as the access code of program A, and uses the access code to receive the content of the program.
  • process shown in FIG. 2 may further include the following steps:
  • step 240 the mobile terminal needs to send a program certificate authentication request to the CMMB program distribution platform through the AP.
  • the AP signs the program certificate authentication request, that is, adds the AP in the program certificate authentication request.
  • the signature is then sent to the CMMB program distribution platform for the program certificate authentication request containing the AP signature.
  • the beta CMMB program distribution platform can verify the AP signature by using the AP's public key contained in the AP certificate.
  • the program certificate authentication request includes the AP certificate and the AP signature
  • the signature of the mobile terminal, the mobile terminal certificate, the issuer signature, and the rights information must be verified when the program digital certificate and the signature of the mobile terminal are verified.
  • the verification of the digital certificate of the program and the signature of the mobile terminal can be determined, and the subsequent steps are continued.
  • the present invention provides a distribution system.
  • the system includes: a mobile terminal 10, a CMMB program distribution platform 20, and an AP 30, wherein: the mobile terminal 10, when requesting a program, uses Sending a program certificate authentication request corresponding to the requested program to the CMMB program distribution platform 20;
  • the AP 30 is configured to forward the program certificate authentication request sent by the mobile terminal 10 to the CMMB program distribution platform 20; and is further used to forward the access code distributed by the CMMB program distribution platform 20 to the mobile terminal 10.
  • the mobile terminal 10 transmits a program certificate authentication request to the CMMB program distribution platform 20. And further used to send, by the AP 30, a program distribution request containing the program identifier of the requested program to the CMMB program distribution platform 20;
  • the CMMB program distribution platform 20 is further configured to: when determining that the requested program exists according to the program identifier, send a program certificate providing request to the mobile terminal 10 through the AP 30 to obtain a program digital certificate of the requested program.
  • the CMMB program distribution platform 20 after verifying the verification of the program digital certificate and the signature of the mobile terminal to the program digital certificate, is further configured to determine, after determining, according to the rights information included in the program digital certificate, that the mobile terminal 10 is entitled to receive the requested program, The access code of the requested program is included in the program certificate authentication response, and is distributed to the mobile terminal 10 through the AP 30;
  • the mobile terminal 10 is further configured to receive the program content of the requested program using the access code.

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Multimedia (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Human Computer Interaction (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La présente invention concerne un procédé de distribution d'émissions de télévision. En l'occurrence, un terminal mobile envoie, via un point d'accès ou "AP" (Access Point) à une plateforme de distribution d'émissions de CMMB (China Mobile Multimedia Broadcasting) une demande d'authentification de certificat de programme correspondant à l'émission demandée. La plateforme de distribution d'émissions de CMMB vérifie alors un certificat numérique d'émission et la signature du terminal mobile présents dans le certificat numérique d'émission inclus dans la demande d'authentification de certificat d'émission, puis, si le résultat de vérification est positif, la plateforme distribue au terminal mobile un code d'accès pour l'émission demandée. L'invention concerne également un système de distribution d'émissions de télévision. L'invention permet ainsi d'effectuer la distribution d'émissions de télévision selon les autorisations de l'utilisateur.
PCT/CN2009/075402 2009-05-04 2009-12-08 Procédé et système de distribution d'émissions de télévision WO2010127540A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2009101376548A CN101552903B (zh) 2009-05-04 2009-05-04 一种电视节目分发方法及系统
CN200910137654.8 2009-05-04

Publications (1)

Publication Number Publication Date
WO2010127540A1 true WO2010127540A1 (fr) 2010-11-11

Family

ID=41156844

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2009/075402 WO2010127540A1 (fr) 2009-05-04 2009-12-08 Procédé et système de distribution d'émissions de télévision

Country Status (2)

Country Link
CN (1) CN101552903B (fr)
WO (1) WO2010127540A1 (fr)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101552903B (zh) * 2009-05-04 2011-10-26 中兴通讯股份有限公司 一种电视节目分发方法及系统
CN103428583A (zh) * 2013-08-12 2013-12-04 深圳市同洲电子股份有限公司 一种对流媒体文件的保护方法和数字电视终端
CN107276965B (zh) * 2016-04-07 2021-05-14 阿里巴巴集团控股有限公司 服务发现组件的权限控制方法及装置

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20080000315A (ko) * 2006-06-27 2008-01-02 주식회사 대우일렉트로닉스 이동 통신 단말기와 텔레비전을 이용한 인증 시스템
CN101155293A (zh) * 2006-09-25 2008-04-02 华为技术有限公司 一种进行网络直播电视业务频道授权的方法、系统及装置
CN101552903A (zh) * 2009-05-04 2009-10-07 中兴通讯股份有限公司 一种电视节目分发方法及系统

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1937495B (zh) * 2006-09-29 2010-05-12 清华大学深圳研究生院 媒体网络应用的数字版权保护方法及系统
CN101030857A (zh) * 2007-04-10 2007-09-05 华东师范大学 细粒度的文档加密保护控制方法
CN101355569A (zh) * 2008-09-10 2009-01-28 北大方正集团有限公司 一种数字内容下载控制方法、装置及系统

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20080000315A (ko) * 2006-06-27 2008-01-02 주식회사 대우일렉트로닉스 이동 통신 단말기와 텔레비전을 이용한 인증 시스템
CN101155293A (zh) * 2006-09-25 2008-04-02 华为技术有限公司 一种进行网络直播电视业务频道授权的方法、系统及装置
CN101552903A (zh) * 2009-05-04 2009-10-07 中兴通讯股份有限公司 一种电视节目分发方法及系统

Also Published As

Publication number Publication date
CN101552903A (zh) 2009-10-07
CN101552903B (zh) 2011-10-26

Similar Documents

Publication Publication Date Title
US8924731B2 (en) Secure signing method, secure authentication method and IPTV system
WO2017028593A1 (fr) Procédé pour amener un dispositif d'accès à un réseau à accéder à un point d'accès à un réseau sans fil, dispositif d'accès à un réseau, serveur d'application et support de stockage lisible par ordinateur non volatil
EP3376735B1 (fr) Procédé et système permettant de fournir une authentification d'autorisation par un tiers
US8321673B2 (en) Method and terminal for authenticating between DRM agents for moving RO
EP3308499B1 (fr) Gestion de certificat de fournisseur de services
WO2013056622A1 (fr) Procédé permettant de vérifier l'identité d'accès d'un boîtier décodeur et d'un serveur d'authentification
WO2008040201A1 (fr) Procédé d'obtention d'une clé à long terme (ltk) et serveur de gestion d'abonnement associé
US20070168293A1 (en) Method and apparatus for authorizing rights issuers in a content distribution system
TW201026107A (en) Ticket-based spectrum authorization and access control
KR20070031684A (ko) 컨텐츠 보호를 위한 개체 간 연동 방법 및 장치, 그리고 그시스템
JP2011238083A (ja) 認証連携装置およびそのプログラム、機器認証装置およびそのプログラム、ならびに、認証連携システム
WO2007121632A1 (fr) Procédé pour recevoir un service télédiffusion numérique, terminal maître et terminal esclave associés
JP7337912B2 (ja) コアネットワークへの非3gppデバイスアクセス
JP2009508431A (ja) サービス保護のためのエンティティ間の連動方法及び装置、そしてそのシステム
WO2010127540A1 (fr) Procédé et système de distribution d'émissions de télévision
CN109460647B (zh) 一种多设备安全登录的方法
KR101094275B1 (ko) 아이피티비 환경에서 이동 단말을 위한 인증 방법 및 장치
WO2009124587A1 (fr) Rapport de service

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09844292

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09844292

Country of ref document: EP

Kind code of ref document: A1