WO2012142863A1 - Method and gateway device for handling media message security mechanism - Google Patents

Method and gateway device for handling media message security mechanism Download PDF

Info

Publication number
WO2012142863A1
WO2012142863A1 PCT/CN2012/070250 CN2012070250W WO2012142863A1 WO 2012142863 A1 WO2012142863 A1 WO 2012142863A1 CN 2012070250 W CN2012070250 W CN 2012070250W WO 2012142863 A1 WO2012142863 A1 WO 2012142863A1
Authority
WO
WIPO (PCT)
Prior art keywords
message
media
encrypted
content
auxiliary information
Prior art date
Application number
PCT/CN2012/070250
Other languages
French (fr)
Chinese (zh)
Inventor
卢艳
丁欣
陈军
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2012142863A1 publication Critical patent/WO2012142863A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0464Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload using hop-by-hop encryption, i.e. wherein an intermediate entity decrypts the information and re-encrypts it before forwarding it
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/06Message adaptation to terminal or network requirements
    • H04L51/066Format adaptation, e.g. format conversion or compression
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/07User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail characterised by the inclusion of specific contents
    • H04L51/08Annexed information, e.g. attachments

Definitions

  • the present invention relates to the field of communications, and in particular, to a processing method and a gateway device for transferring a media message security mechanism.
  • MIME Multipurpose Internet Mail Extensions
  • multimedia message encoding such as (mobile) email, instant messaging, and multimedia messaging (network side).
  • MIME multimedia messages usually contain multiple media content. Sometimes, some media content is very important and sensitive content (such as text or pictures involving personal privacy or secrets). To prevent sensitive content from being notified by unauthorized parties, the media can be The message is encrypted. However, in some cases, media content has more impact on encryption and decryption speed, especially encryption and decryption on mobile phone terminals with limited resources, which will affect the user experience. To solve this problem, one or some media content may be targeted to MIME. Encryption is done without encrypting the entire message. In practical applications, MIME-encoded media messages, such as instant messages, often communicate with other encoding formats. When the messages are interworked, if the media messages contain locally encrypted media content, there is no technical solution yet. The transfer of encrypted local media cannot guarantee the security of the local encrypted media when different services are interworked.
  • the technical problem to be solved by the present invention is to provide a media message processing method and a gateway device to solve the problem that the security of the local encrypted media cannot be guaranteed when interworking between different services.
  • the present invention provides a media message processing method, the method comprising: a gateway device receiving a first media message, the first media message carrying encrypted auxiliary information and one or more encrypted media content, the encryption assistance
  • the information includes an encryption algorithm and/or key information
  • the gateway device Translating, by the gateway device, the first media message into a second media message in a different format, where And extracting and transferring the encrypted auxiliary information and the respective encrypted media content in the first media message; the gateway device sends the second media message.
  • the encryption auxiliary information is located in a message header of the first media message
  • the gateway device extracts the encrypted auxiliary information and the encrypted media content in the first media message, and the message from the first media message Extracting, by the header, the encrypted auxiliary information, extracting the encrypted media content from a message body of the first media message; the gateway device transferring the encrypted auxiliary information and the encrypted media content finger in the first media message, Transmitting the encrypted media content to the message body of the second media message, transferring the encrypted auxiliary information to a message header of the second media message; or transferring the encrypted media content to the message body of the second media message And transferring the encrypted auxiliary information to a content head of a corresponding encrypted media content in the second media message.
  • the encryption auxiliary information is located in a Content header of the first media message, where the encrypted media content is located, and the gateway device extracts the encrypted auxiliary information and the encrypted media content reference in the first media message. Extracting the encrypted auxiliary information from the content header of the encrypted media content in the first media message, extracting the encrypted media content from the message body of the first media message; and the gateway device transferring the first media message Encrypting the auxiliary information and the encrypted media content, transferring the encrypted media content to the message body of the second media message, and transferring the encrypted auxiliary information to a Content header of the corresponding encrypted media content in the second media message; Or transferring the encrypted media content to a message body of the second media message, and transferring the encrypted auxiliary information to a message header of the second media message.
  • the encrypted media content is local media content of the first media message; and the encrypted auxiliary information further includes tag information of the encrypted media content.
  • the encrypted media content is local media content of the first media message; when the encrypted auxiliary information is located in a message header of the media message, the encrypted auxiliary information further includes tag information of the encrypted media content, where :
  • the encryption auxiliary information is transferred from the message header of the first media message to the message header of the second media message, or the encrypted auxiliary information is transferred from the content header of the corresponding media content in the message body of the first media message to the first
  • the corresponding media content of the second media message is located in the Content header of the encrypted media content
  • the encrypted auxiliary information before and after the transfer is the same
  • the encryption auxiliary information is transferred from the header of the Content or segment of the corresponding media content in the message body of the first media message to the message header of the second media message
  • the encrypted media does not contain the identification information
  • the encryption auxiliary information is added.
  • the first media message and the second media message are multi-function internet mail extensions
  • MIME multimedia information service
  • MMS multimedia information service
  • the present invention further provides a gateway device, where the gateway device includes: a media message receiving module, configured to: receive a first media message, where the first media message carries the encrypted auxiliary information and one or more Encrypting media content, the encryption assistance information comprising an algorithm or key information;
  • a media message processing module configured to: convert the first media message into a second media message of a different format, including extracting and transferring the encrypted auxiliary information in the first media message and each encrypted media content; a module, configured to: send the second media message.
  • the encryption auxiliary information is located in a message header of the first media message or the second media message, or is located in a content header of the corresponding encrypted media content in the first media message or the second media message.
  • the encrypted media content is local media content of the first media message; when the encrypted auxiliary information is located in a message header of the first or second media message, the encrypted auxiliary information further includes the encrypted media content Tag information:
  • the media message processing module is further configured to: when the encrypted auxiliary information is transferred from a Content header of the corresponding encrypted media content in the message body of the first media message to a message header of the second media message, if the encrypted media does not include The identification information is added to the content of the corresponding encrypted media content or the identification information of the segment in the encryption auxiliary information.
  • the encryption auxiliary information is located in a message header of the first media message, and the media message processing module is further configured to:
  • the message body transfers the encrypted auxiliary information to a content head of a corresponding encrypted media content in the second media message.
  • the encryption auxiliary information is located in a content header of the first media message, where the encrypted media content is located, and the media message processing module is further configured to:
  • the first media message and the second media message are Multi-Function Internet Mail Extensions (MIME) messages or Multimedia Information Service (MMS) messages.
  • MIME Multi-Function Internet Mail Extensions
  • MMS Multimedia Information Service
  • the media message processing method and the gateway device in the embodiment of the present invention carry the encrypted auxiliary information and the encrypted media content in the media message, and are extracted and transferred by the gateway device, so that the encryption of the local media is still ensured when the different services are intercommunicated.
  • FIG. 1 is a schematic diagram of an embodiment of a media message processing method of the present invention
  • FIG. 2 is a block diagram showing the structure of a gateway device of the present invention.
  • the main idea of the media message processing method and the gateway device of the present invention is to provide a conversion processing method between two different formats of media messages carrying the encrypted media content, so as to ensure the encryption of the local media when different services are interworked.
  • the media message processing method of the present invention includes:
  • Step 101 The gateway device receives a first media message, where the first media message carries the encrypted auxiliary information and the encrypted media content.
  • the specific content of the encrypted auxiliary information may be flexibly set according to the encryption mechanism and the encryption information negotiation mechanism, such as the encryption auxiliary information including the encryption algorithm and/or the key information.
  • the encrypted media content is the local media content of the entire first media message.
  • the local content may be a certain type of media content set by the system or media content of a specific location.
  • the encrypted auxiliary information may further include marking information of the encrypted media content.
  • the identification information referred to in the present invention should be an identifier that uniquely identifies the encrypted media content.
  • the gateway determines that the message carries the locally encrypted media content by the following method:
  • the message header carries the relevant encryption auxiliary information field, for example, the encryption algorithm, the identifier of the encrypted media content, and the key information.
  • the content header of each content of the message is checked one by one, and the related encryption auxiliary information field is carried, for example, including an encryption algorithm and key information.
  • Step 102 The gateway device converts the first media message into a second media message of a different format, including extracting and transferring each encrypted media content in the first media message, and encrypting auxiliary information.
  • the encryption assistance information may be located in the message header of the media message or in the Content header of the corresponding media content (ie, the subheader of the media message). There are two situations depending on the location of the encryption assistance information in the first media message:
  • Case 1 encrypting the auxiliary information in the message header of the first media message
  • the gateway device extracts the encrypted auxiliary information and the encrypted media content in the first media message And extracting the encrypted auxiliary information from a message header of the first media message, extracting the encrypted media content from a message body of the first media message; and after extracting the information, transferring the encrypted media content to the a message body of the second media message, transferring the encrypted auxiliary information to a message header of the second media message; or transferring the encrypted media content to a message body of the second media message, the encrypted auxiliary information Transfer to the content of the corresponding encrypted media content in the second media message or the header of the segment.
  • Case 2 encrypting the auxiliary information in the message subheader of the message body of the first media message, the gateway device extracts the encrypted auxiliary information from the header of the content of the encrypted media content in the first media message, from the first The message body of a media message extracts the encrypted media content; after extracting the information, transferring the encrypted media content to the message body of the second media message, and transferring the encrypted auxiliary information to the corresponding encrypted media content in the second media message Or located in the Content header; or, transferring the encrypted media content to the message body of the second media message, and transferring the encrypted auxiliary information to the message header of the second media message.
  • the source of the encrypted media content is local media content
  • the content of the encrypted media content corresponding to the encrypted auxiliary information or the identification information of the segment is local media content
  • the identification information may not be included, and the marking information of the encrypted media content is included only when the encryption auxiliary information is located in the message header of the media message.
  • the gateway device transfers the encrypted auxiliary information, it can be specifically divided into three situations:
  • the encrypted auxiliary information does not need to be modified, and the encrypted auxiliary information in the header of the first and second media messages includes the media.
  • the content of the content or the identification information of the segment, that is, the encryption auxiliary information in the header of the first media message and the second media message are the same;
  • the encryption auxiliary information is transferred from the content header of the first media message corresponding to the content of the encrypted media content to the message header of the second media message, if the encrypted auxiliary information does not include the encrypted media identification information, the auxiliary information is encrypted. Adding identification information corresponding to the content (content) or segment of the encrypted media content;
  • the encrypted auxiliary information is from the message body of the first media message, the corresponding encrypted media content is located L
  • the encrypted auxiliary information is transferred to the MMS header (Header); or, if the encrypted auxiliary information corresponds to some or some of the locally encrypted media content, the encrypted auxiliary information may also be transferred
  • the gateway device may also transfer the encrypted auxiliary information to the head of the MMS, and then add the identification information of the corresponding encrypted media content in the encrypted auxiliary information.
  • the present invention uses MIME message and MMS interworking as an embodiment, the present invention is applicable to any "local encryption transfer" in both services when it is interoperable.
  • the first media message and the second media message of the present invention are MIME or MMS messages as specific embodiments, but the method of the present invention has generality, and is slightly modified, and is applicable to the first media message and the second media message being MMS or MIME messages. .
  • the present invention further provides a gateway device.
  • the gateway device includes:
  • a media message receiving module configured to receive a first media message, where the first media message carries encrypted auxiliary information and one or more encrypted media content, where the encrypted auxiliary information includes an algorithm or key information;
  • a media message processing module configured to convert the first media message into a second media message of a different format, including extracting and transferring the encrypted auxiliary information and the respective encrypted media content in the first media message;
  • the encryption auxiliary information may be located in a message header of the first media message or the second media message, or located in a content header of the corresponding encrypted media content in the first media message or the second media message.
  • the encrypted media content is local media content of the first media message; the encrypted auxiliary information further includes tag information of the encrypted media content.
  • the encrypted auxiliary information when the encryption auxiliary information is located in a message header of the first or second media message, the encrypted auxiliary information includes the tag information of the encrypted media content, where:
  • the media message processing module transfers the encrypted auxiliary information from the message header of the first media message to the message header of the second media message, or encrypts the auxiliary information from the corresponding encrypted media content in the message body of the first media message
  • the encrypted auxiliary information before and after the transfer is the same;
  • the media message processing module transfers the encrypted auxiliary information from the message header of the first media message to the content header of the corresponding encrypted media content in the message body of the second media message, the encrypted auxiliary information may be removed. Encrypting the content (content) or segment identification information of the media content;
  • the media message processing module transfers the encrypted auxiliary information from the Content header of the corresponding encrypted media content in the message body of the first media message to the message header of the second media message, the corresponding encrypted media content is added to the encrypted auxiliary information.
  • the encryption auxiliary information is located in a message header of the first media message, and the media message processing module is further configured to:
  • the message body transfers the encrypted auxiliary information to a content head of a corresponding encrypted media content in the second media message.
  • the encryption assistance information is located in a Content header of the first media message where the encrypted media content is located, and the media message processing module is further configured to: Extracting, by the content header of the first media message, the encrypted auxiliary information, and extracting the encrypted media content from a message body of the first media message;
  • the first media message and the second media message are MIME messages or MMS messages.
  • the media message processing method and the gateway device carry the encrypted auxiliary information and the encrypted media content in the media message, and are extracted and transferred by the gateway device, so as to ensure the encryption of the local media when interworking between different services. Sex.

Abstract

The present invention relates to a method and gateway device for handling a media message security mechanism. The method comprises: the gateway device receiving a first media message, the first media message having attached thereto encryption support information and one or multiple encrypted media contents, the encryption support information comprising an encryption algorithm and/or key information; the gateway device converting the first media message into a second media message of a different format, comprising the extraction and transfer of the encryption support information in the first media message and of each encrypted media content; and the gateway device transmitting the second media message. The method and gateway device for handling the media message of the present invention ensure the security of partially encrypted media when different services are in communication.

Description

媒体消息安全机制的处理方法和网关设备  Media message security mechanism processing method and gateway device
技术领域 Technical field
本发明涉及通信领域, 尤其涉及一种媒体消息安全机制转移的处理方法 和网关设备。  The present invention relates to the field of communications, and in particular, to a processing method and a gateway device for transferring a media message security mechanism.
背景技术 Background technique
MIME ( Multipurpose Internet Mail Extensions, 多功能网际邮件扩充协议 ) 被广泛地应用于多媒体消息编码中, 如(移动) 电子邮件、 即时消息、 彩信 (网络侧 ) 。  MIME (Multipurpose Internet Mail Extensions) is widely used in multimedia message encoding, such as (mobile) email, instant messaging, and multimedia messaging (network side).
MIME多媒体消息通常包含多个媒体内容, 有时, 某些媒体内容是非常 重要而敏感的内容 (比如涉及到个人隐私或秘密的文本或者图片),为防止敏感 内容被非授权对象获悉, 可以对媒体消息实施加密。 但在某些情况下, 媒体 内容较多影响加密和解密速度, 尤其在资源有限的手机终端上进行加密和解 密, 会影响用户体验, 为解决这个问题, 可以针对 MIME某个或某些媒体内 容进行加密 , 而不需要针对整个消息加密。 在实际应用中 , MIME编码的媒 体消息, 如即时消息等, 往往会与其他编码格式的消息进行互通, 当消息产 生互通时, 如果媒体消息含有局部加密的媒体内容, 目前还未有技术方案解 决加密的局部媒体的转移, 在不同业务互通时无法保证局部加密媒体的安全 性。  MIME multimedia messages usually contain multiple media content. Sometimes, some media content is very important and sensitive content (such as text or pictures involving personal privacy or secrets). To prevent sensitive content from being notified by unauthorized parties, the media can be The message is encrypted. However, in some cases, media content has more impact on encryption and decryption speed, especially encryption and decryption on mobile phone terminals with limited resources, which will affect the user experience. To solve this problem, one or some media content may be targeted to MIME. Encryption is done without encrypting the entire message. In practical applications, MIME-encoded media messages, such as instant messages, often communicate with other encoding formats. When the messages are interworked, if the media messages contain locally encrypted media content, there is no technical solution yet. The transfer of encrypted local media cannot guarantee the security of the local encrypted media when different services are interworked.
发明内容 Summary of the invention
本发明要解决的技术问题是提供一种媒体消息处理方法和网关设备, 以 解决在不同业务互通时局部加密媒体的安全性得不到保障的问题。  The technical problem to be solved by the present invention is to provide a media message processing method and a gateway device to solve the problem that the security of the local encrypted media cannot be guaranteed when interworking between different services.
为解决以上技术问题, 本发明提供一种媒体消息处理方法, 该方法包括: 网关设备接收第一媒体消息, 该第一媒体消息携带加密辅助信息及一个 或多个加密媒体内容, 所述加密辅助信息包括加密算法和 /或密钥信息;  To solve the above technical problem, the present invention provides a media message processing method, the method comprising: a gateway device receiving a first media message, the first media message carrying encrypted auxiliary information and one or more encrypted media content, the encryption assistance The information includes an encryption algorithm and/or key information;
所述网关设备将所述第一媒体消息转换为不同格式的第二媒体消息, 包 括提取并转移所述第一媒体消息中的加密辅助信息及各个加密媒体内容; 所述网关设备发送所述第二媒体消息。 Translating, by the gateway device, the first media message into a second media message in a different format, where And extracting and transferring the encrypted auxiliary information and the respective encrypted media content in the first media message; the gateway device sends the second media message.
优选地, 所述加密辅助信息位于所述第一媒体消息的消息头, 所述网关 设备提取所述第一媒体消息中的加密辅助信息及加密媒体内容指, 从所述第 一媒体消息的消息头提取所述加密辅助信息, 从所述第一媒体消息的消息体 提取所述加密媒体内容; 所述网关设备转移所述第一媒体消息中的加密辅助 信息及加密媒体内容指, 将所述加密媒体内容转移到所述第二媒体消息的消 息体, 将所述加密辅助信息转移到第二媒体消息的消息头; 或者, 将所述加 密媒体内容转移到所述第二媒体消息的消息体, 将所述加密辅助信息转移到 第二媒体消息中的对应的加密媒体内容所在内容( content ) 头部。  Preferably, the encryption auxiliary information is located in a message header of the first media message, and the gateway device extracts the encrypted auxiliary information and the encrypted media content in the first media message, and the message from the first media message Extracting, by the header, the encrypted auxiliary information, extracting the encrypted media content from a message body of the first media message; the gateway device transferring the encrypted auxiliary information and the encrypted media content finger in the first media message, Transmitting the encrypted media content to the message body of the second media message, transferring the encrypted auxiliary information to a message header of the second media message; or transferring the encrypted media content to the message body of the second media message And transferring the encrypted auxiliary information to a content head of a corresponding encrypted media content in the second media message.
优选地, 所述加密辅助信息位于所述第一媒体消息中所述加密媒体内容 所在 Content头部,所述网关设备提取所述第一媒体消息中的加密辅助信息及 加密媒体内容指,从所述第一媒体消息中所述加密媒体内容所在 Content头部 提取加密辅助信息, 从所述第一媒体消息的消息体提取所述加密媒体内容; 所述网关设备转移所述第一媒体消息中的加密辅助信息及加密媒体内容指, 将所述加密媒体内容转移到所述第二媒体消息的消息体, 将所述加密辅助信 息转移到第二媒体消息中对应的加密媒体内容所在 Content头部; 或者,将所 述加密媒体内容转移到所述第二媒体消息的消息体, 将所述加密辅助信息转 移到第二媒体消息的消息头。 优选地, 所述加密媒体内容是所述第一媒体消息的局部媒体内容; 所述 加密辅助信息还包括所述加密媒体内容的标记信息。  Preferably, the encryption auxiliary information is located in a Content header of the first media message, where the encrypted media content is located, and the gateway device extracts the encrypted auxiliary information and the encrypted media content reference in the first media message. Extracting the encrypted auxiliary information from the content header of the encrypted media content in the first media message, extracting the encrypted media content from the message body of the first media message; and the gateway device transferring the first media message Encrypting the auxiliary information and the encrypted media content, transferring the encrypted media content to the message body of the second media message, and transferring the encrypted auxiliary information to a Content header of the corresponding encrypted media content in the second media message; Or transferring the encrypted media content to a message body of the second media message, and transferring the encrypted auxiliary information to a message header of the second media message. Preferably, the encrypted media content is local media content of the first media message; and the encrypted auxiliary information further includes tag information of the encrypted media content.
优选地, 所述加密媒体内容是所述第一媒体消息的局部媒体内容; 所述 加密辅助信息位于媒体消息的消息头时, 所述加密辅助信息还包括所述加密 媒体内容的标记信息, 其中:  Preferably, the encrypted media content is local media content of the first media message; when the encrypted auxiliary information is located in a message header of the media message, the encrypted auxiliary information further includes tag information of the encrypted media content, where :
将所述加密辅助信息从第一媒体消息的消息头转移到第二媒体消息的消 息头时, 或, 将加密辅助信息从第一媒体消息的消息体中对应媒体内容所在 Content头部转移到第二媒体消息的对应加密媒体内容所在 Content头部时, 转移前后的加密辅助信息相同; 将加密辅助信息从第一媒体消息的消息体中对应媒体内容所在 Content 或段的头部转移到第二媒体消息的消息头时, 如果所述加密媒体不包含标识 信息, 在加密辅助信息中增加对应加密媒体内容所在内容(content )或段的 标识信息。 优选地, 所述第一媒体消息和第二媒体消息为多功能网际邮件扩充When the encryption auxiliary information is transferred from the message header of the first media message to the message header of the second media message, or the encrypted auxiliary information is transferred from the content header of the corresponding media content in the message body of the first media message to the first When the corresponding media content of the second media message is located in the Content header of the encrypted media content, the encrypted auxiliary information before and after the transfer is the same; When the encryption auxiliary information is transferred from the header of the Content or segment of the corresponding media content in the message body of the first media message to the message header of the second media message, if the encrypted media does not contain the identification information, the encryption auxiliary information is added. Corresponding to the content (content) or segment identification information of the encrypted media content. Preferably, the first media message and the second media message are multi-function internet mail extensions
( MIME ) 消息或多媒体信息服务(MMS ) 消息。 (MIME) message or multimedia information service (MMS) message.
为解决以上技术问题, 本发明还提供了一种网关设备, 该网关设备包括: 媒体消息接收模块, 其设置为: 接收第一媒体消息, 该第一媒体消息携 带加密辅助信息及一个或多个加密媒体内容, 所述加密辅助信息包括算法或 密钥信息;  To solve the above technical problem, the present invention further provides a gateway device, where the gateway device includes: a media message receiving module, configured to: receive a first media message, where the first media message carries the encrypted auxiliary information and one or more Encrypting media content, the encryption assistance information comprising an algorithm or key information;
媒体消息处理模块, 其设置为: 将所述第一媒体消息转换为不同格式的 第二媒体消息, 包括提取并转移所述第一媒体消息中的加密辅助信息及各个 加密媒体内容; 媒体消息发送模块, 其设置为: 发送所述第二媒体消息。  a media message processing module, configured to: convert the first media message into a second media message of a different format, including extracting and transferring the encrypted auxiliary information in the first media message and each encrypted media content; a module, configured to: send the second media message.
优选地,所述加密辅助信息位于第一媒体消息或第二媒体消息的消息头, 或, 位于第一媒体消息或第二媒体消息中对应的加密媒体内容所在内容 ( content ) 头部。  Preferably, the encryption auxiliary information is located in a message header of the first media message or the second media message, or is located in a content header of the corresponding encrypted media content in the first media message or the second media message.
优选地, 所述加密媒体内容是所述第一媒体消息的局部媒体内容; 所述 加密辅助信息位于第一或第二媒体消息的消息头时, 所述加密辅助信息还包 括所述加密媒体内容的标记信息:  Preferably, the encrypted media content is local media content of the first media message; when the encrypted auxiliary information is located in a message header of the first or second media message, the encrypted auxiliary information further includes the encrypted media content Tag information:
所述媒体消息处理模块还设置为: 将加密辅助信息从第一媒体消息的消 息体中对应的加密媒体内容所在 Content头部转移到第二媒体消息的消息头 时, 如果所述加密媒体不包含标识信息, 在加密辅助信息中增加对应的加密 媒体内容所在内容(content )或段的标识信息。  The media message processing module is further configured to: when the encrypted auxiliary information is transferred from a Content header of the corresponding encrypted media content in the message body of the first media message to a message header of the second media message, if the encrypted media does not include The identification information is added to the content of the corresponding encrypted media content or the identification information of the segment in the encryption auxiliary information.
优选地, 所述加密辅助信息位于所述第一媒体消息的消息头, 所述媒体 消息处理模块还设置为:  Preferably, the encryption auxiliary information is located in a message header of the first media message, and the media message processing module is further configured to:
从所述第一媒体消息的消息头提取所述加密辅助信息 , 从所述第一媒体 消息的消息体提取所述加密媒体内容; 将所述加密媒体内容转移到所述第二媒体消息的消息体, 将所述加密辅 助信息转移到第二媒体消息的消息头; 或者, 将所述加密媒体内容转移到所 述第二媒体消息的消息体, 将所述加密辅助信息转移到第二媒体消息中的对 应的加密媒体内容所在内容( content ) 头部。 Extracting the encrypted auxiliary information from a message header of the first media message, and extracting the encrypted media content from a message body of the first media message; Transferring the encrypted media content to a message body of the second media message, transferring the encrypted auxiliary information to a message header of the second media message; or transferring the encrypted media content to the second media message The message body transfers the encrypted auxiliary information to a content head of a corresponding encrypted media content in the second media message.
优选地, 所述加密辅助信息位于所述第一媒体消息中所述加密媒体内容 所在 Content头部, 所述媒体消息处理模块还设置为:  Preferably, the encryption auxiliary information is located in a content header of the first media message, where the encrypted media content is located, and the media message processing module is further configured to:
从所述第一媒体消息中所述加密媒体内容所在 Content头部提取加密辅 助信息, 从所述第一媒体消息的消息体提取所述加密媒体内容;  Extracting, by the content header of the first media message, the encrypted auxiliary information, and extracting the encrypted media content from a message body of the first media message;
将所述加密媒体内容转移到所述第二媒体消息的消息体, 将所述加密辅 助信息转移到第二媒体消息中对应的加密媒体内容所在 Content头部; 或者, 将所述加密媒体内容转移到所述第二媒体消息的消息体, 将所述加密辅助信 息转移到第二媒体消息的消息头。  Transferring the encrypted media content to the message body of the second media message, and transferring the encrypted auxiliary information to a Content header of the corresponding encrypted media content in the second media message; or transferring the encrypted media content And to the message body of the second media message, transferring the encrypted auxiliary information to a message header of the second media message.
优选地, 所述第一媒体消息和第二媒体消息为多功能网际邮件扩充 ( MIME ) 消息或多媒体信息服务(MMS ) 消息。  Preferably, the first media message and the second media message are Multi-Function Internet Mail Extensions (MIME) messages or Multimedia Information Service (MMS) messages.
本发明实施例媒体消息处理方法和网关设备在媒体消息中携带加密辅助 信息和加密媒体内容, 并通过网关设备的提取并转移, 实现了以在不同业务 互通时仍然保证局部媒体的加密性。 The media message processing method and the gateway device in the embodiment of the present invention carry the encrypted auxiliary information and the encrypted media content in the media message, and are extracted and transferred by the gateway device, so that the encryption of the local media is still ensured when the different services are intercommunicated.
附图概述 BRIEF abstract
图 1是本发明媒体消息处理方法实施例的示意图;  1 is a schematic diagram of an embodiment of a media message processing method of the present invention;
图 2是本发明网关设备的模块结构示意图。  2 is a block diagram showing the structure of a gateway device of the present invention.
本发明的较佳实施方式 Preferred embodiment of the invention
本发明媒体消息处理方法和网关设备的主要思想是提供一种携带加密媒 体内容的两种不同格式的媒体消息之间的转换处理方法, 用以在不同业务互 通时仍然保证局部媒体的加密性。  The main idea of the media message processing method and the gateway device of the present invention is to provide a conversion processing method between two different formats of media messages carrying the encrypted media content, so as to ensure the encryption of the local media when different services are interworked.
下文中将结合附图对本发明的实施例进行详细说明。 需要说明的是, 在 不冲突的情况下, 本申请中的实施例及实施例中的特征可以相互组合。 Embodiments of the present invention will be described in detail below with reference to the accompanying drawings. It should be noted that In the case of no conflict, the embodiments in the present application and the features in the embodiments may be combined with each other.
如图 1所示, 本发明媒体消息处理方法包括:  As shown in FIG. 1, the media message processing method of the present invention includes:
步骤 101 : 网关设备接收第一媒体消息, 该第一媒体消息携带加密辅助 信息及加密媒体内容;  Step 101: The gateway device receives a first media message, where the first media message carries the encrypted auxiliary information and the encrypted media content.
根据加密机制及加密信息协商机制的不同, 加密辅助信息的具体内容可 以灵活设置, 如所述加密辅助信息包括加密算法和 /或密钥信息。  The specific content of the encrypted auxiliary information may be flexibly set according to the encryption mechanism and the encryption information negotiation mechanism, such as the encryption auxiliary information including the encryption algorithm and/or the key information.
为了提高加解密速度, 优选地, 加密媒体内容是整个第一媒体消息的局 部媒体内容。 该局部内容可以是系统设置的某一特定类型的媒体内容或特定 位置的媒体内容, 优选地, 在加密媒体内容不特定的情况下, 加密辅助信息 还可以包括所述加密媒体内容的标记信息, 本发明所说的标识信息应该是能 唯一标识该加密媒体内容的标识。 网关设备接收第一媒体消息后 , 需要先判断第一媒体消息是否携带一个 或多个加密媒体内容,判断出第一媒体消息携带一个或多个加密媒体内容后, 还需要判断是否携带接收方用来解密的加密辅助信息, 如加密算法和密钥信 息等;  In order to increase the encryption and decryption speed, preferably, the encrypted media content is the local media content of the entire first media message. The local content may be a certain type of media content set by the system or media content of a specific location. Preferably, if the encrypted media content is not specific, the encrypted auxiliary information may further include marking information of the encrypted media content. The identification information referred to in the present invention should be an identifier that uniquely identifies the encrypted media content. After receiving the first media message, the gateway device needs to determine whether the first media message carries one or more encrypted media content, and determines that the first media message carries one or more encrypted media content, and then needs to determine whether to carry the receiver. Encrypted auxiliary information to decrypt, such as encryption algorithm and key information;
网关通过以下方法判断该消息携带局部加密媒体内容:  The gateway determines that the message carries the locally encrypted media content by the following method:
方法一, 通过检查消息头中是否携带相关加密辅助信息字段, 如, 包含 加密算法、 加密媒体内容的标识以及密钥信息。  In the first method, it is checked whether the message header carries the relevant encryption auxiliary information field, for example, the encryption algorithm, the identifier of the encrypted media content, and the key information.
方法二, 通过逐一检查消息的各个媒体内容所在内容( content )子头部, 是否携带相关加密辅助信息字段, 如, 包含加密算法、 及密钥信息。  In the second method, the content header of each content of the message is checked one by one, and the related encryption auxiliary information field is carried, for example, including an encryption algorithm and key information.
步骤 102: 所述网关设备将所述第一媒体消息转换为不同格式的第二媒 体消息, 包括提取并转移所述第一媒体消息中的各个加密媒体内容, 以及加 密辅助信息;  Step 102: The gateway device converts the first media message into a second media message of a different format, including extracting and transferring each encrypted media content in the first media message, and encrypting auxiliary information.
加密辅助信息可以位于媒体消息的消息头或位于对应的媒体内容所在 Content头部(即媒体消息的子头部), 根据加密辅助信息在第一媒体消息中 的位置的不同有以下两种情形:  The encryption assistance information may be located in the message header of the media message or in the Content header of the corresponding media content (ie, the subheader of the media message). There are two situations depending on the location of the encryption assistance information in the first media message:
情形一: 加密辅助信息在第一媒体消息的消息头;  Case 1: encrypting the auxiliary information in the message header of the first media message;
所述网关设备提取所述第一媒体消息中的加密辅助信息及加密媒体内容 指, 从所述第一媒体消息的消息头提取所述加密辅助信息, 从所述第一媒体 消息的消息体提取所述加密媒体内容; 提取信息后, 将所述加密媒体内容转 移到所述第二媒体消息的消息体, 将所述加密辅助信息转移到第二媒体消息 的消息头; 或者, 将所述加密媒体内容转移到所述第二媒体消息的消息体, 将所述加密辅助信息转移到第二媒体消息中的对应的加密媒体内容所在内容 ( content )或段的头部。 The gateway device extracts the encrypted auxiliary information and the encrypted media content in the first media message And extracting the encrypted auxiliary information from a message header of the first media message, extracting the encrypted media content from a message body of the first media message; and after extracting the information, transferring the encrypted media content to the a message body of the second media message, transferring the encrypted auxiliary information to a message header of the second media message; or transferring the encrypted media content to a message body of the second media message, the encrypted auxiliary information Transfer to the content of the corresponding encrypted media content in the second media message or the header of the segment.
情形二: 加密辅助信息在第一媒体消息的消息体的消息子头部 所述网关设备从所述第一媒体消息中所述加密媒体内容所在 Content 的 头部提取加密辅助信息, 从所述第一媒体消息的消息体提取加密媒体内容; 提取信息后, 将各个加密媒体内容转移到所述第二媒体消息的消息体, 将所 述加密辅助信息转移到第二媒体消息中对应的加密媒体内容所在 Content头 部; 或者, 将各个加密媒体内容转移到所述第二媒体消息的消息体, 将所述 加密辅助信息转移到第二媒体消息的消息头。  Case 2: encrypting the auxiliary information in the message subheader of the message body of the first media message, the gateway device extracts the encrypted auxiliary information from the header of the content of the encrypted media content in the first media message, from the first The message body of a media message extracts the encrypted media content; after extracting the information, transferring the encrypted media content to the message body of the second media message, and transferring the encrypted auxiliary information to the corresponding encrypted media content in the second media message Or located in the Content header; or, transferring the encrypted media content to the message body of the second media message, and transferring the encrypted auxiliary information to the message header of the second media message.
所述加密媒体内容的来源为局部媒体内容时, 所述加密辅助信息对应的 加密媒体内容所在的内容( content )或段的标识信息。  When the source of the encrypted media content is local media content, the content of the encrypted media content corresponding to the encrypted auxiliary information or the identification information of the segment.
优选地, 当加密辅助信息位于对应加密媒体内容所在 Content头部时,可 以不包括该标识信息, 仅在加密辅助信息位于媒体消息的消息头时, 包括所 述加密媒体内容的标记信息。 所述网关设备转移所加密辅助信息时, 具体可 分为三种情形:  Preferably, when the encryption auxiliary information is located in the Content header of the corresponding encrypted media content, the identification information may not be included, and the marking information of the encrypted media content is included only when the encryption auxiliary information is located in the message header of the media message. When the gateway device transfers the encrypted auxiliary information, it can be specifically divided into three situations:
若将加密辅助信息从第一媒体消息的消息头转移到第二媒体消息的消息 头, 则加密辅助信息不需要改动, 第一、 第二媒体消息的消息头中的加密辅 助信息中均包括媒体内容所在内容(content )或段的标识信息, 即第一媒体 消息和第二媒体消息的消息头中的加密辅助信息相同;  If the encryption auxiliary information is transferred from the message header of the first media message to the message header of the second media message, the encrypted auxiliary information does not need to be modified, and the encrypted auxiliary information in the header of the first and second media messages includes the media. The content of the content or the identification information of the segment, that is, the encryption auxiliary information in the header of the first media message and the second media message are the same;
若将加密辅助信息从第一媒体消息的消息体中对应加密媒体内容所在 Content头部转移到第二媒体消息的消息头,如果所述加密辅助信息不包含加 密媒体标识信息, 则在加密辅助信息中增加对应加密媒体内容所在内容 ( content )或段的标识信息;  If the encryption auxiliary information is transferred from the content header of the first media message corresponding to the content of the encrypted media content to the message header of the second media message, if the encrypted auxiliary information does not include the encrypted media identification information, the auxiliary information is encrypted. Adding identification information corresponding to the content (content) or segment of the encrypted media content;
若将加密辅助信息从第一媒体消息的消息体中对应加密媒体内容所在 L If the encrypted auxiliary information is from the message body of the first media message, the corresponding encrypted media content is located L
。靠. by
'^ 去靠 暴。 ^ '^ 骅暴。 彩 '^ Go to violence. ^ '^ 骅暴. color
- 1 aqd9 19l8Z8PbiJOPsaVlNS6rrqi3u zoqoioioo^9uraiA 69]A[aNAiz.q¾-iqSs5t A¾5[awo i£5pt+i+/ i8znNAAiHxicKq 90工 i xqxf) θοηιννννην
Figure imgf000009_0002
- 1 aqd9 19l8Z8PbiJOPsaVlNS6rrqi3u zoqoioioo^9uraiA 69]A[aNAiz.q3⁄4-iqSs5t A3⁄45[aw o i£5pt+i+/ i8znNAAiHxicKq 90工i xqxf) θοηιννννην
Figure imgf000009_0002
。翁#翁 n 暴 . oooo c ^ 号 .翁#翁n暴. oooo c ^
° οοοο4=αι ^ H暴。 ^ ° οοοο 4 =αι ^ H storm. ^
<0000>=V^}^ - ΐ aqd9 i9i8Z8pbiJopsaviNS6rrqi3u zoqoioioo^9uraiA 69]A[aNAiz.q¾-iqSs5t A¾5[awo i£5pt+i+/ i8znNAAiHxicKq 90工 i xqxf) θοηιννννην ς \
Figure imgf000009_0003
<0000>=V^}^ - ΐ aqd9 i9i8Z8pbiJopsaviNS6rrqi3u zoqoioioo^9uraiA 69]A[aNAiz.q3⁄4-iqSs5t A3⁄45[aw o i£5pt+i+/ i8znNAAiHxicKq 90工i xqxf) θοηιννννην ς \
Figure imgf000009_0003
'f 丄。 f ' %' -η^ [ί^^ ^ Υί -— ^ 'f 丄. f '%' -η^ [ ί^^ ^ Υί -— ^
° '^暴 ^ 寻 ^  ° '^暴 ^ Find ^
ψ ^ ^mw擁 善 ' ^ 讲 svm ' ^ ^mw ^ 脊 o \ψ ^ ^mw 善善 ' ^ Speak svm ' ^ ^mw ^ 脊 o \
-^^ 'ί' ¾ 讲 SMM 讲 翁善 -^^ 'ί' 3⁄4 SMM talk Weng Shan
翁 暴 ? ^
Figure imgf000009_0004
Η- ( ) (sv Weng storm? ^
Figure imgf000009_0004
Η- ( ) (sv
°[§1畔 '^ 骅暴 ^
Figure imgf000009_0005
H暴。 孚 °[§1畔'^ 骅暴^
Figure imgf000009_0005
H storm. Fu
骅暴。 去 ^  Hurricane. Go to ^
0SZ0.0/ZT0ZN3/X3d Z OAV 助信息的转移, 具体方法如下: 0SZ0.0/ZT0ZN3/X3d Z OAV The transfer of information is as follows:
如果 MIME头中包含加密辅助信息, 则将该加密辅助信息转移到 MMS 头 (Header ) 中; 或者, 如果该加密辅助信息对应某个或某些局部加密媒体 内容, 则也可以将加密辅助信息转移到 MMS 中对应的一个或多个加密媒体 内容所在内容(content )或段的头部 (即媒体消息的子头部)。  If the MIME header contains the encryption auxiliary information, the encrypted auxiliary information is transferred to the MMS header (Header); or, if the encrypted auxiliary information corresponds to some or some of the locally encrypted media content, the encrypted auxiliary information may also be transferred The content (content) or the header of the segment (ie, the subheader of the media message) of the corresponding one or more encrypted media contents in the MMS.
如果 MIME消息中的某个(某些)加密媒体内容所在内容(content ) 头 部包含加密辅助信息, 则将加密辅助信息转移到 MMS 中对应的一个或多个 加密媒体内容的所在内容(content ) 头部, 如果仅含有一个加密媒体内容, 则网关设备也可以将加密辅助信息转移到 MMS 的头部, 再在加密辅助信息 中增加对应的加密媒体内容的标识信息。 以上描述了 MIME消息转为 MMS格式消息时, 加密辅助转移的具体办 法 , 反之 , 如果从 MMS消息转化为 MIME消息时 , 方法相同。  If the content (content) header of the (some) encrypted media content in the MIME message contains the encrypted auxiliary information, the encrypted auxiliary information is transferred to the content of the corresponding one or more encrypted media contents in the MMS (content) In the header, if only one encrypted media content is included, the gateway device may also transfer the encrypted auxiliary information to the head of the MMS, and then add the identification information of the corresponding encrypted media content in the encrypted auxiliary information. The above describes the specific method of encrypting the auxiliary transfer when the MIME message is converted to the MMS format message. Conversely, if the MMS message is converted to the MIME message, the method is the same.
虽然本发明以 MIME消息和 MMS互通为实施例, 但本发明适用于任何 业务互通时, 保证在这两种业务中实现 "局部加密转移" 。 Although the present invention uses MIME message and MMS interworking as an embodiment, the present invention is applicable to any "local encryption transfer" in both services when it is interoperable.
本发明第一媒体消息和第二媒体消息为 MIME或 MMS消息为具体实施 例, 但本发明方法具有一般性, 稍加变通, 则适用于第一媒体消息和第二媒 体消息为 MMS或 MIME消息。  The first media message and the second media message of the present invention are MIME or MMS messages as specific embodiments, but the method of the present invention has generality, and is slightly modified, and is applicable to the first media message and the second media message being MMS or MIME messages. .
为实现以上方法, 本发明还提供了一种网关设备, 如图 2所示, 该网关 设备包括:  To implement the above method, the present invention further provides a gateway device. As shown in FIG. 2, the gateway device includes:
媒体消息接收模块, 用于接收第一媒体消息, 该第一媒体消息携带加密 辅助信息及一个或多个加密媒体内容, 所述加密辅助信息包括算法或密钥信 息;  a media message receiving module, configured to receive a first media message, where the first media message carries encrypted auxiliary information and one or more encrypted media content, where the encrypted auxiliary information includes an algorithm or key information;
媒体消息处理模块, 用于将所述第一媒体消息转换为不同格式的第二媒 体消息, 包括提取并转移所述第一媒体消息中的加密辅助信息及各个加密媒 体内容;  a media message processing module, configured to convert the first media message into a second media message of a different format, including extracting and transferring the encrypted auxiliary information and the respective encrypted media content in the first media message;
媒体消息发送模块, 用于发送所述第二媒体消息。 所述加密辅助信息可以位于第一媒体消息或第二媒体消息的消息头,或, 位于第一媒体消息或第二媒体消息中对应的加密媒体内容所在内容( content ) 头部。 a media message sending module, configured to send the second media message. The encryption auxiliary information may be located in a message header of the first media message or the second media message, or located in a content header of the corresponding encrypted media content in the first media message or the second media message.
所述加密媒体内容是所述第一媒体消息的局部媒体内容; 所述加密辅助 信息还包括所述加密媒体内容的标记信息。  The encrypted media content is local media content of the first media message; the encrypted auxiliary information further includes tag information of the encrypted media content.
优选地, 所述加密辅助信息位于第一或第二媒体消息的消息头时, 所述 加密辅助信息才包括所述加密媒体内容的标记信息, 其中:  Preferably, when the encryption auxiliary information is located in a message header of the first or second media message, the encrypted auxiliary information includes the tag information of the encrypted media content, where:
所述媒体消息处理模块将所述加密辅助信息从第一媒体消息的消息头转 移到第二媒体消息的消息头时, 或将加密辅助信息从第一媒体消息的消息体 中对应的加密媒体内容所在 Content头部转移到第二媒体消息的对应的加密 媒体内容所在 Content头部时, 转移前后的加密辅助信息相同;  When the media message processing module transfers the encrypted auxiliary information from the message header of the first media message to the message header of the second media message, or encrypts the auxiliary information from the corresponding encrypted media content in the message body of the first media message When the Content header is transferred to the Content header of the corresponding encrypted media content of the second media message, the encrypted auxiliary information before and after the transfer is the same;
所述媒体消息处理模块将所述加密辅助信息从第一媒体消息的消息头转 移到第二媒体消息的消息体中对应的加密媒体内容所在 Content头部时,则可 以去除所述加密辅助信息中加密媒体内容所在内容(content )或段的标识信 息;  When the media message processing module transfers the encrypted auxiliary information from the message header of the first media message to the content header of the corresponding encrypted media content in the message body of the second media message, the encrypted auxiliary information may be removed. Encrypting the content (content) or segment identification information of the media content;
所述媒体消息处理模块将加密辅助信息从第一媒体消息的消息体中对应 的加密媒体内容所在 Content头部转移到第二媒体消息的消息头时,在加密辅 助信息中增加对应的加密媒体内容所在内容(content )或段的标识信息。  When the media message processing module transfers the encrypted auxiliary information from the Content header of the corresponding encrypted media content in the message body of the first media message to the message header of the second media message, the corresponding encrypted media content is added to the encrypted auxiliary information. The identification information of the content (content) or section.
优选地, 所述加密辅助信息位于所述第一媒体消息的消息头, 所述媒体 消息处理模块还设置为:  Preferably, the encryption auxiliary information is located in a message header of the first media message, and the media message processing module is further configured to:
从所述第一媒体消息的消息头提取所述加密辅助信息 , 从所述第一媒体 消息的消息体提取所述加密媒体内容;  Extracting the encrypted auxiliary information from a message header of the first media message, and extracting the encrypted media content from a message body of the first media message;
将所述加密媒体内容转移到所述第二媒体消息的消息体, 将所述加密辅 助信息转移到第二媒体消息的消息头; 或者, 将所述加密媒体内容转移到所 述第二媒体消息的消息体, 将所述加密辅助信息转移到第二媒体消息中的对 应的加密媒体内容所在内容( content ) 头部。  Transferring the encrypted media content to a message body of the second media message, transferring the encrypted auxiliary information to a message header of the second media message; or transferring the encrypted media content to the second media message The message body transfers the encrypted auxiliary information to a content head of a corresponding encrypted media content in the second media message.
优选地, 所述加密辅助信息位于所述第一媒体消息中所述加密媒体内容 所在 Content头部, 所述媒体消息处理模块还设置为: 从所述第一媒体消息中所述加密媒体内容所在 Content头部提取加密辅 助信息, 从所述第一媒体消息的消息体提取所述加密媒体内容; Preferably, the encryption assistance information is located in a Content header of the first media message where the encrypted media content is located, and the media message processing module is further configured to: Extracting, by the content header of the first media message, the encrypted auxiliary information, and extracting the encrypted media content from a message body of the first media message;
将所述加密媒体内容转移到所述第二媒体消息的消息体, 将所述加密辅 助信息转移到第二媒体消息中对应的加密媒体内容所在 Content头部; 或者, 将所述加密媒体内容转移到所述第二媒体消息的消息体, 将所述加密辅助信 息转移到第二媒体消息的消息头。  Transferring the encrypted media content to the message body of the second media message, and transferring the encrypted auxiliary information to a Content header of the corresponding encrypted media content in the second media message; or transferring the encrypted media content And to the message body of the second media message, transferring the encrypted auxiliary information to a message header of the second media message.
所述第一媒体消息和第二媒体消息为 MIME消息或 MMS消息。  The first media message and the second media message are MIME messages or MMS messages.
本领域普通技术人员可以理解上述方法中的全部或部分步骤可通过程序 来指令相关硬件完成, 所述程序可以存储于计算机可读存储介质中, 如只读 存储器、 磁盘或光盘等。 可选地, 上述实施例的全部或部分步骤也可以使用 一个或多个集成电路来实现。 相应地, 上述实施例中的各模块可以釆用硬件 的形式实现, 也可以釆用软件功能模块的形式实现。 本发明不限制于任何特 定形式的硬件和软件的结合。  One of ordinary skill in the art will appreciate that all or a portion of the above steps may be accomplished by a program instructing the associated hardware, such as a read-only memory, a magnetic disk, or an optical disk. Alternatively, all or part of the steps of the above embodiments may also be implemented using one or more integrated circuits. Correspondingly, each module in the foregoing embodiment may be implemented in the form of hardware, or may be implemented in the form of a software function module. The invention is not limited to any specific combination of hardware and software.
工业实用性 本发明实施例媒体消息处理方法和网关设备在媒体消息中携带加密辅助 信息和加密媒体内容, 并通过网关设备的提取并转移, 实现了以在不同业务 互通时仍然保证局部媒体的加密性。 INDUSTRIAL APPLICABILITY The media message processing method and the gateway device carry the encrypted auxiliary information and the encrypted media content in the media message, and are extracted and transferred by the gateway device, so as to ensure the encryption of the local media when interworking between different services. Sex.

Claims

权 利 要 求 书 Claim
1、 一种媒体消息处理方法, 该方法包括: A method for processing a media message, the method comprising:
网关设备接收第一媒体消息, 该第一媒体消息携带加密辅助信息及一个 或多个加密媒体内容, 所述加密辅助信息包括加密算法和 /或密钥信息; 所述网关设备将所述第一媒体消息转换为不同格式的第二媒体消息, 包 括提取并转移所述第一媒体消息中的加密辅助信息及各个加密媒体内容; 所述网关设备发送所述第二媒体消息。  The gateway device receives the first media message, where the first media message carries the encrypted auxiliary information and one or more encrypted media content, the encrypted auxiliary information includes an encryption algorithm and/or key information; the gateway device will be the first Converting the media message into a second media message of a different format, including extracting and transferring the encrypted auxiliary information and the respective encrypted media content in the first media message; the gateway device sending the second media message.
2、 如权利要求 1所述的方法,其中, 所述加密辅助信息位于所述第一媒 体消息的消息头, 所述网关设备提取所述第一媒体消息中的加密辅助信息及 加密媒体内容指, 从所述第一媒体消息的消息头提取所述加密辅助信息, 从 所述第一媒体消息的消息体提取所述加密媒体内容; 所述网关设备转移所述 第一媒体消息中的加密辅助信息及加密媒体内容指, 将所述加密媒体内容转 移到所述第二媒体消息的消息体, 将所述加密辅助信息转移到第二媒体消息 的消息头; 或者, 将所述加密媒体内容转移到所述第二媒体消息的消息体, 将所述加密辅助信息转移到第二媒体消息中的对应的加密媒体内容所在内容 ( content ) 头部。 2. The method according to claim 1, wherein the encryption auxiliary information is located in a message header of the first media message, and the gateway device extracts the encrypted auxiliary information and the encrypted media content identifier in the first media message. Extracting the encrypted auxiliary information from a message header of the first media message, extracting the encrypted media content from a message body of the first media message; and the gateway device transferring the encryption assist in the first media message The information and the encrypted media content are: transferring the encrypted media content to a message body of the second media message, transferring the encrypted auxiliary information to a message header of the second media message; or transferring the encrypted media content And to the message body of the second media message, transferring the encrypted auxiliary information to a content head of a corresponding encrypted media content in the second media message.
3、 如权利要求 1所述的方法,其中, 所述加密辅助信息位于所述第一媒 体消息中所述加密媒体内容所在 Content头部,所述网关设备提取所述第一媒 体消息中的加密辅助信息及加密媒体内容指, 从所述第一媒体消息中所述加 密媒体内容所在 Content头部提取加密辅助信息,从所述第一媒体消息的消息 体提取所述加密媒体内容; 所述网关设备转移所述第一媒体消息中的加密辅 助信息及加密媒体内容指, 将所述加密媒体内容转移到所述第二媒体消息的 消息体, 将所述加密辅助信息转移到第二媒体消息中对应的加密媒体内容所 在 Content头部; 或者,将所述加密媒体内容转移到所述第二媒体消息的消息 体, 将所述加密辅助信息转移到第二媒体消息的消息头。 3. The method of claim 1, wherein the encryption assistance information is located in a Content header of the first media message in which the encrypted media content is located, and the gateway device extracts an encryption in the first media message The auxiliary information and the encrypted media content refer to extracting the encrypted auxiliary information from the Content header of the first media message in the content header of the encrypted media content, and extracting the encrypted media content from the message body of the first media message; Transmitting, by the device, the encrypted auxiliary information and the encrypted media content in the first media message, transferring the encrypted media content to a message body of the second media message, and transferring the encrypted auxiliary information to the second media message Corresponding encrypted media content is located in a Content header; or, the encrypted media content is transferred to a message body of the second media message, and the encrypted auxiliary information is transferred to a message header of the second media message.
4、 如权利要求 1至 3中任一项所述的方法,其中, 所述加密媒体内容是 所述第一媒体消息的局部媒体内容; 所述加密辅助信息还包括所述加密媒体 内容的标记信息。 The method according to any one of claims 1 to 3, wherein the encrypted media content is partial media content of the first media message; the encrypted auxiliary information further includes the encrypted media Tag information for the content.
5、 如权利要求 1至 3中任一项所述的方法,其中, 所述加密媒体内容是 所述第一媒体消息的局部媒体内容; 所述加密辅助信息位于媒体消息的消息 头时, 所述加密辅助信息还包括所述加密媒体内容的标记信息, 其中: The method according to any one of claims 1 to 3, wherein the encrypted media content is partial media content of the first media message; and the encrypted auxiliary information is located at a message header of a media message, The encryption auxiliary information further includes tag information of the encrypted media content, where:
将所述加密辅助信息从第一媒体消息的消息头转移到第二媒体消息的消 息头时, 或, 将加密辅助信息从第一媒体消息的消息体中对应媒体内容所在 Content头部转移到第二媒体消息的对应加密媒体内容所在 Content头部时, 转移前后的加密辅助信息相同;  When the encryption auxiliary information is transferred from the message header of the first media message to the message header of the second media message, or the encrypted auxiliary information is transferred from the content header of the corresponding media content in the message body of the first media message to the first When the corresponding media content of the second media message is located in the Content header of the encrypted media content, the encrypted auxiliary information before and after the transfer is the same;
将加密辅助信息从第一媒体消息的消息体中对应媒体内容所在 Content 或段的头部转移到第二媒体消息的消息头时, 如果所述加密媒体不包含标识 信息, 在加密辅助信息中增加对应加密媒体内容所在内容(content )或段的 标识信息。  When the encryption auxiliary information is transferred from the header of the Content or segment of the corresponding media content in the message body of the first media message to the message header of the second media message, if the encrypted media does not contain the identification information, the encryption auxiliary information is added. Corresponding to the content (content) or segment identification information of the encrypted media content.
6、 如权利要求 1所述的方法,其中, 所述第一媒体消息和第二媒体消息 为多功能网际邮件扩充(MIME ) 消息或多媒体信息服务(MMS ) 消息。 6. The method of claim 1, wherein the first media message and the second media message are Multi-Function Internet Mail Extensions (MIME) messages or Multimedia Information Service (MMS) messages.
7、 一种网关设备, 该网关设备包括: 7. A gateway device, the gateway device comprising:
媒体消息接收模块, 其设置为: 接收第一媒体消息, 该第一媒体消息携 带加密辅助信息及一个或多个加密媒体内容, 所述加密辅助信息包括算法或 密钥信息;  a media message receiving module, configured to: receive a first media message, the first media message carries encrypted auxiliary information and one or more encrypted media content, where the encrypted auxiliary information includes an algorithm or key information;
媒体消息处理模块, 其设置为: 将所述第一媒体消息转换为不同格式的 第二媒体消息, 包括提取并转移所述第一媒体消息中的加密辅助信息及各个 加密媒体内容; 媒体消息发送模块, 其设置为: 发送所述第二媒体消息。  a media message processing module, configured to: convert the first media message into a second media message of a different format, including extracting and transferring the encrypted auxiliary information in the first media message and each encrypted media content; a module, configured to: send the second media message.
8、 如权利要求 7所述的网关设备,其中, 所述加密辅助信息位于第一媒 体消息或第二媒体消息的消息头, 或, 位于第一媒体消息或第二媒体消息中 对应的加密媒体内容所在内容( content ) 头部。 The gateway device according to claim 7, wherein the encrypted auxiliary information is located in a message header of the first media message or the second media message, or is located in a corresponding media of the first media message or the second media message. The content of the content ( content ) header.
9、 如权利要求 7所述的方法,其中, 所述加密媒体内容是所述第一媒体 消息的局部媒体内容; 所述加密辅助信息位于第一或第二媒体消息的消息头 时, 所述加密辅助信息还包括所述加密媒体内容的标记信息: 9. The method of claim 7, wherein the encrypted media content is the first medium The local media content of the message; when the encryption auxiliary information is located in a message header of the first or second media message, the encrypted auxiliary information further includes tag information of the encrypted media content:
所述媒体消息处理模块还设置为: 将加密辅助信息从第一媒体消息的消 息体中对应的加密媒体内容所在 Content头部转移到第二媒体消息的消息头 时, 如果所述加密媒体不包含标识信息, 在加密辅助信息中增加对应的加密 媒体内容所在内容(content )或段的标识信息。  The media message processing module is further configured to: when the encrypted auxiliary information is transferred from a Content header of the corresponding encrypted media content in the message body of the first media message to a message header of the second media message, if the encrypted media does not include The identification information is added to the content of the corresponding encrypted media content or the identification information of the segment in the encryption auxiliary information.
10、 如权利要求 7所述的网关设备,其中, 所述加密辅助信息位于所述 第一媒体消息的消息头, 所述媒体消息处理模块还设置为: 从所述第一媒体消息的消息头提取所述加密辅助信息 , 从所述第一媒体 消息的消息体提取所述加密媒体内容;  The gateway device according to claim 7, wherein the encryption auxiliary information is located in a message header of the first media message, and the media message processing module is further configured to: a message header from the first media message Extracting the encrypted auxiliary information, and extracting the encrypted media content from a message body of the first media message;
将所述加密媒体内容转移到所述第二媒体消息的消息体, 将所述加密辅 助信息转移到第二媒体消息的消息头; 或者, 将所述加密媒体内容转移到所 述第二媒体消息的消息体, 将所述加密辅助信息转移到第二媒体消息中的对 应的加密媒体内容所在内容( content ) 头部。  Transferring the encrypted media content to a message body of the second media message, transferring the encrypted auxiliary information to a message header of the second media message; or transferring the encrypted media content to the second media message The message body transfers the encrypted auxiliary information to a content head of a corresponding encrypted media content in the second media message.
11、 如权利要求 7所述的网关设备,其中, 所述加密辅助信息位于所述 第一媒体消息中所述加密媒体内容所在 Content头部,所述媒体消息处理模块 还设置为:  The gateway device of claim 7, wherein the encryption assistance information is located in a Content header of the first media message in which the encrypted media content is located, and the media message processing module is further configured to:
从所述第一媒体消息中所述加密媒体内容所在 Content头部提取加密辅 助信息, 从所述第一媒体消息的消息体提取所述加密媒体内容;  Extracting, by the content header of the first media message, the encrypted auxiliary information, and extracting the encrypted media content from a message body of the first media message;
将所述加密媒体内容转移到所述第二媒体消息的消息体, 将所述加密辅 助信息转移到第二媒体消息中对应的加密媒体内容所在 Content头部; 或者, 将所述加密媒体内容转移到所述第二媒体消息的消息体, 将所述加密辅助信 息转移到第二媒体消息的消息头。  Transferring the encrypted media content to the message body of the second media message, and transferring the encrypted auxiliary information to a Content header of the corresponding encrypted media content in the second media message; or transferring the encrypted media content And to the message body of the second media message, transferring the encrypted auxiliary information to a message header of the second media message.
12、 如权利要求 7所述的网关设备, 其中, 所述第一媒体消息和第二媒 体消息为多功能网际邮件扩充(MIME ) 消息或多媒体信息服务(MMS ) 消 息。 12. The gateway device of claim 7, wherein the first media message and the second media message are Multi-Function Internet Mail Extensions (MIME) messages or Multimedia Information Service (MMS) messages.
PCT/CN2012/070250 2011-04-22 2012-01-12 Method and gateway device for handling media message security mechanism WO2012142863A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2011101028388A CN102752231A (en) 2011-04-22 2011-04-22 Handling method and gateway device of media information security mechanism
CN201110102838.8 2011-04-22

Publications (1)

Publication Number Publication Date
WO2012142863A1 true WO2012142863A1 (en) 2012-10-26

Family

ID=47032135

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/070250 WO2012142863A1 (en) 2011-04-22 2012-01-12 Method and gateway device for handling media message security mechanism

Country Status (2)

Country Link
CN (1) CN102752231A (en)
WO (1) WO2012142863A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1465159A (en) * 2000-07-14 2003-12-31 耶德托存取公司 Secure packet-based data broadcasting architecture
US20040122964A1 (en) * 2002-12-20 2004-06-24 Teh Jin Teik Record transport protocol for data communication in wireless delivery systems
CN101150383A (en) * 2007-10-15 2008-03-26 中兴通讯股份有限公司 IP data transmission method
CN101867568A (en) * 2009-04-20 2010-10-20 索尼公司 Network server, media format conversion method and media format conversion system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101087269A (en) * 2006-06-09 2007-12-12 华为技术有限公司 Method and system for transmitting message service data

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1465159A (en) * 2000-07-14 2003-12-31 耶德托存取公司 Secure packet-based data broadcasting architecture
US20040122964A1 (en) * 2002-12-20 2004-06-24 Teh Jin Teik Record transport protocol for data communication in wireless delivery systems
CN101150383A (en) * 2007-10-15 2008-03-26 中兴通讯股份有限公司 IP data transmission method
CN101867568A (en) * 2009-04-20 2010-10-20 索尼公司 Network server, media format conversion method and media format conversion system

Also Published As

Publication number Publication date
CN102752231A (en) 2012-10-24

Similar Documents

Publication Publication Date Title
US11522838B2 (en) Secure end-to-end transport through in intermediary nodes
EP3286896B1 (en) Scalable intermediate network device leveraging ssl session ticket extension
US8447969B2 (en) Transfer device for sensitive material such as a cryptographic key
CN105792190B (en) Data encryption, decryption and transmission method in communication system
CN102523563B (en) Multimedia messaging service (MMS) encrypting method based on identity-based cryptograph (IBC) technology
JP4250148B2 (en) Secure email format transmission
WO2012142863A1 (en) Method and gateway device for handling media message security mechanism
CN112637230B (en) Instant messaging method and system
KR100675180B1 (en) Signature message creation apparatus and the method of the mobile communication terminal
WO2012142864A1 (en) Media message processing method and gateway device
US8984273B2 (en) Method to provide secure multimedia messaging between peer systems
JP4453688B2 (en) Decryption / verification device, Internet facsimile machine, and network system
JP4595910B2 (en) Internet facsimile machine and decoding / verification system
CN109510822A (en) Obtain the method and system of public and private key
JP2005236809A (en) Method and device for decrypting image data
CN107786354A (en) A kind of method, system and equipment that more top communication service is interconnected
WO2012142839A1 (en) Method, system, and device for handling media message digital signature
KR20120117497A (en) Mobile device, data communication method and application installing method using the same
JP2007288243A (en) Communication controller and control method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12774819

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12774819

Country of ref document: EP

Kind code of ref document: A1