WO2013086836A1 - 一种数字移动网络联盟权限控制方法及装置 - Google Patents
一种数字移动网络联盟权限控制方法及装置 Download PDFInfo
- Publication number
- WO2013086836A1 WO2013086836A1 PCT/CN2012/075975 CN2012075975W WO2013086836A1 WO 2013086836 A1 WO2013086836 A1 WO 2013086836A1 CN 2012075975 W CN2012075975 W CN 2012075975W WO 2013086836 A1 WO2013086836 A1 WO 2013086836A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- dlna
- service
- address
- module
- dlna device
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/101—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measures for digital rights management
Definitions
- the present invention relates to the field of communication technologies, and in particular, to a digital mobile network alliance
- DLNA DLNA is designed to address connectivity issues between wireless and wired networks, including personal PCs, consumer electronics, and mobile devices.
- UPnP Universal Plug and Play
- the "Digital Home” network communication public agreement is built on a widely accepted and universally applicable Internet protocol. Devices from different vendors can work together very easily, enabling content sharing "anytime, anywhere" and Calculation.
- UPnP defines the inter-device interoperability mechanism from five aspects: addressing, finding, controlling, event, and performance of the device.
- UPnP stipulates that after the device joins the network and obtains the IP address, it uses SSDP (Simple Service Discovery Protocol) to broadcast the service to the control points on the network. After the control point joins the network and obtains the IP address, the SSDP protocol is used to send the search request on the network. Search for devices of interest.
- the basic information exchange in the above operations is the discovery message, which contains only information about the device, such as device type, device name, and pointer to the device description document pointing to the XML.
- the description file of the device needs to be found according to the URL of the device description document of the discovery message, and more readings are read from these files.
- the range of description information is broad and is generally provided by the manufacturer of the device.
- the description information of the device includes: the mode name and mode number of the control, Device serial number, manufacturer name, URL of the vendor WEB, and description information of the embedded device or service and device control, device event, URL of the device expression. This information is typically stored in a specific XML file.
- control pointer After the control pointer finds the device description, it will propose the operation to be performed from the description and learn about all the services.
- a control behavior request To control a device, a control behavior request must be sent to request the device to start the service, and then the corresponding control message is sent according to the device's URL (the control message is the SOAP format information placed in the XML file). Finally, the device will return a response indicating whether the service was successful or failed.
- the object of the present invention is to provide a digital mobile network alliance authority control method and device to improve the security of use of the DLNA device.
- the method further includes: extending rights on the DLNA device side and a list of services allowed due to having the rights.
- the method further includes: obtaining, according to the rights of the other DLNA device, a service list that is accessible to the access user, if the service requested by the access user is available in the permission The service is provided in the list, otherwise the service is refused.
- the requested service includes an xml file requesting the current DLNA device to provide a service or a command corresponding to the service requesting the DLNA terminal to provide a service response.
- the service control information sent by the other DLNA device is parsed and the MAC address of the other DLNA device is analyzed before the address and address/authority recording units of the other DLNA devices are compared.
- a DLNA authority control device includes a DLNA module, a MAC address control module, and a MAC/privilege correspondence list module;
- the MAC/privilege correspondence list module is configured to store a correspondence between an address and a permission of a control point allowed by the DLNA device;
- the DLNA module is configured to acquire a request service command sent by another DLNA device, and forward the instruction to the MAC address control module;
- the MAC address control module is configured to compare an address sent by the other DLNA device with the MAC/privilege correspondence list module to find a right corresponding to the other DLNA device.
- the device further includes a permission/service correspondence list module, configured to store a correspondence between the DLNA authority and the service.
- the MAC address control module is configured to obtain, according to the rights of the other DLNA devices, a service list that is accessible to the access user; if the service requested by the access user is in the service list that can be obtained by the permission, the DLNA module Used to provide the required service, otherwise the DLNA module is used to deny the provision of related services.
- the services requested by other DLNA devices include an xml file requesting the current DLNA device to provide the service or requesting the service using the service command.
- the DLNA module is configured to parse the service control information sent by the other DLNA device, and analyze the other DLNA device, before comparing the MAC address of the other DLNA device with the MAC/privilege correspondence list module. MAC address.
- FIG. 1 is a schematic diagram of a digital mobile network alliance authority control apparatus according to an embodiment of the present invention
- FIG. 2 is a flowchart of a digital mobile network alliance authority control method according to an embodiment of the present invention.
- the present invention provides a method for performing DLNA multimedia service authority control using a MAC address.
- the main idea of the technical solution of the present invention is as follows: It is used to indicate the correspondence between the rights of the accessing user and the services that can be provided;
- An address/permission recording unit is extended on the DLNA device side to record the correspondence between the address and the owned rights;
- the invention provides a method for controlling DLNA multimedia service authority by using an address, which can solve the security problem of the UPnP protocol used by the DLNA device and ensure the security of the multimedia data.
- the address is described by taking a MAC address as an example.
- FIG. 1 is a schematic diagram of a digital mobile network alliance authority control apparatus according to an embodiment of the present invention.
- the DLNA device is described by taking a 3G wireless router as an example.
- the 3G wireless router connects multiple terminals such as PCs in a WIFI manner.
- the terminal such as the PC acquires a movie, a picture, and the like on the DLNA by transmitting a request to the DLNA device.
- the DLNA device makes a decision to allow or deny the request of the terminal based on the AC address of the terminal that sent the request.
- the apparatus includes a DLNA module 102, a MAC address control module 103, a MAC/privilege correspondence list module 104, and a rights/service correspondence list module 105.
- the DLNA control unit 101 in FIG. 1 is a DLNA control unit that interacts with the DLNA device, and is generally located on other DLNA devices to interact with the DLNA device, and is mainly used to acquire device and service descriptors from the device of the present invention. Related Services.
- the DLNA module 102 is configured to provide a service descriptor of the DLNA device to the control point, and obtain related services.
- the MAC address control module 103 is mainly configured to parse the data packet in the control point of the DLNA device, analyze the MAC address therein, and read the MAC/authorization permission list stored in the FLASH in the present invention, and determine the MAC address of the control point. Corresponding rights; reading the permission/service list stored in the FLASH in the present invention, obtaining the service allowed by the access point according to the read permission; determining whether the service requested by the access point is in the allowed service list If there is no modification in the IP data packet parsed by the MAC layer in the allowed service list, the upper layer service can allow the control point to acquire the device and the service descriptor and allow it to obtain the related service; otherwise, it is parsed.
- the flag FLAG is added to the IP packet, and the DLNA device directly rejects the control according to FLAG. Related requests for the system.
- the MAC/privilege correspondence list module 104 The MAC/privilege list stored in the FLASH of the DLNA device of the present invention mainly stores the correspondence between the MAC address and the permission of the allowed control point, and can be obtained by checking the MAC address of the access point. Permission to access the access point.
- the privilege/service correspondence list module 105 The DLNA device of the present invention stores the privilege/service list stored in the FLASH, and mainly stores the correspondence between the permission of the allowed control point and the service, and can be obtained by checking the table according to the permission of the access point. The range of services that can be used for the entry point.
- FIG. 2 is a flow chart of the method for controlling the authority of the digital mobile network alliance according to the embodiment of the present invention. The specific process is as follows:
- Step 201 The DLNA control point sends a message of the service control or issues a message for obtaining the device and the service representation;
- Step 202 After receiving the relevant control message, the DLNA module performs related parsing, parses the MAC address of the source address, and obtains the authority corresponding to the MAC address according to the MAC address/permission list stored in the FLASH;
- Step 203 The DLNA module obtains, according to the permission obtained in step 202, a list of services allowed by the permission according to the permission/service list stored in the FLASH;
- Step 204 The DLNA module determines whether the service requested by the user is in the service list obtained in step 203, and if yes, proceeds to step 205, otherwise proceeds to step 206;
- Step 205 The DLNA module returns the device and service expression or service result to the control point according to a normal process
- Step 206 The DLNA module returns a reject message to the control point.
- the DLNA authority control method of the present invention can extend the address/authority recording unit on the DLNA device side to record the correspondence between the address and the owned authority; expand the service control program on the DLNA device side, when there are other DLNA devices
- the address and address/permission recording units of the other DLNA devices are compared, To find out the permissions of the other DLNA devices described.
- the service list available to the access user may be obtained according to the rights of the other DLNA device, and the service is provided if the service requested by the access user is in the service list that the authority can obtain, otherwise the service is refused.
- the requested service may include an xml file requesting the current DLNA device to provide a service or a command corresponding to the service to request the DLNA terminal to provide a service response.
- the service control information transmitted by the other DLNA devices may be parsed to analyze the MAC addresses of the other DLNA devices.
- the DLNA rights control apparatus of the present invention may include a DLNA module, a MAC address control module, and a MAC/privilege correspondence list module;
- the MAC/privilege correspondence list module is configured to store a correspondence between an address and a permission of a control point allowed by the DLNA device;
- the DLNA module is configured to acquire a request service command sent by another DLNA device, and forward the instruction to the MAC address control module;
- the MAC address control module is configured to compare an address sent by the other DLNA device with the MAC/privilege correspondence list module to find a right corresponding to the other DLNA device.
- the apparatus of the present invention may further comprise a permission/service correspondence list module for storing a correspondence between the DLNA authority and the service.
- the MAC address control module may obtain a service list that is accessible to the access user according to the rights of the other DLNA device; if the service requested by the access user is in the service list that can be obtained by the permission, the DLNA The module is used to provide the required service, otherwise the DLNA module is used to deny the provision of related services.
- the service requested by the other DLNA device may include an xml file requesting the current DLNA device to provide a service or requesting a service using a service command.
- the DLNA module may parse the service control information sent by the other DLNA device, and analyze the other DLNA device. MAC address.
- the present invention is characterized in that only users who are set to allow the MAC address of the relevant service to be allowed and use the DLNA device of the technology and obtain the XML file of the device and service description; Set the service of DLNA's service point to enable different access users to obtain different permissions, ensure the security of multimedia data and the flexibility of multimedia service management; ensure the security, privacy and manageability of DLNA devices. .
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Storage Device Security (AREA)
- Mobile Radio Communication Systems (AREA)
- Small-Scale Networks (AREA)
Abstract
Description
Claims
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/131,418 US9323940B2 (en) | 2011-12-16 | 2012-05-24 | Rights control method and apparatus for digital living network alliance |
CA2841140A CA2841140C (en) | 2011-12-16 | 2012-05-24 | Rights control method and apparatus for digital living network alliance |
JP2014520503A JP5905961B2 (ja) | 2011-12-16 | 2012-05-24 | デジタルリビングネットワークアライアンスの権限制御方法及び装置 |
EP12858063.6A EP2723112B1 (en) | 2011-12-16 | 2012-05-24 | Rights control method and apparatus for digital living network alliance |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110422931.7 | 2011-12-16 | ||
CN201110422931.7A CN102665211B (zh) | 2011-12-16 | 2011-12-16 | 一种数字移动网络联盟权限控制方法及装置 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2013086836A1 true WO2013086836A1 (zh) | 2013-06-20 |
Family
ID=46774601
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2012/075975 WO2013086836A1 (zh) | 2011-12-16 | 2012-05-24 | 一种数字移动网络联盟权限控制方法及装置 |
Country Status (6)
Country | Link |
---|---|
US (1) | US9323940B2 (zh) |
EP (1) | EP2723112B1 (zh) |
JP (1) | JP5905961B2 (zh) |
CN (1) | CN102665211B (zh) |
CA (1) | CA2841140C (zh) |
WO (1) | WO2013086836A1 (zh) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2924947A1 (en) * | 2014-03-28 | 2015-09-30 | Xiaomi Inc. | Method and apparatus for controlling access |
US9794261B2 (en) | 2014-03-28 | 2017-10-17 | Xiaomi Inc. | Method and apparatus for controlling access to a server |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102510371B (zh) | 2011-09-30 | 2017-12-22 | 中兴通讯股份有限公司 | 一种控制数字移动网络联盟内容的方法及装置 |
EP2951967A4 (en) * | 2013-02-04 | 2016-09-07 | Longsand Ltd | MANAGING ACCESS TO A NETWORK |
CN103634659A (zh) * | 2013-12-16 | 2014-03-12 | 乐视致新电子科技(天津)有限公司 | 智能电视的资源读取方法和装置 |
US10547993B2 (en) | 2014-05-29 | 2020-01-28 | Huawei Technologies Co., Ltd. | Media content sharing method and apparatus |
CN105407105A (zh) * | 2015-12-24 | 2016-03-16 | Tcl集团股份有限公司 | 一种在samba服务上进行设备鉴权的方法及系统 |
CN113612740B (zh) * | 2021-07-21 | 2022-08-26 | 腾讯科技(深圳)有限公司 | 权限管理方法、装置、计算机可读介质及电子设备 |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070237115A1 (en) * | 2006-04-10 | 2007-10-11 | Young Kyu Bae | Apparatus and method for sharing content using digital living network alliance (dlna) network and computer-readable medium thereof |
CN101170571A (zh) * | 2006-10-23 | 2008-04-30 | 友立资讯股份有限公司 | 资讯提供装置及该装置提供资讯的方法 |
CN101695060A (zh) * | 2009-09-24 | 2010-04-14 | 中兴通讯股份有限公司 | 家庭网关、实现数字生活网络联盟方案的系统及方法 |
CN101741901A (zh) * | 2009-12-21 | 2010-06-16 | 青岛海信宽带多媒体技术有限公司 | 一种远程访问UPnP/DLNA设备的实现方法及装置 |
CN101809933A (zh) * | 2007-10-22 | 2010-08-18 | 索尼爱立信移动通讯有限公司 | 支持数字生活网络联盟(dlna)的便携式电子设备、dlna管理控制台和对支持dlna的便携式电子设备进行操作的相关方法 |
CN102510371A (zh) * | 2011-09-30 | 2012-06-20 | 中兴通讯股份有限公司 | 一种控制数字移动网络联盟内容的方法及装置 |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9811836B2 (en) | 2002-10-23 | 2017-11-07 | Modiv Media, Inc | System and method of a media delivery services platform for targeting consumers in real time |
US7917942B2 (en) * | 2006-02-24 | 2011-03-29 | Nokia Corporation | System and method for configuring security in a plug-and-play architecture |
JP2009147571A (ja) | 2007-12-13 | 2009-07-02 | Nec Corp | 映像配信システム、端末装置、プログラム、及び映像配信方法 |
JP2009187107A (ja) * | 2008-02-04 | 2009-08-20 | Nec Corp | アクセス制御システム、その方法およびアクセス制御プログラム |
US8819422B2 (en) * | 2008-04-22 | 2014-08-26 | Motorola Mobility Llc | System and methods for access control based on a user identity |
WO2011021378A1 (ja) * | 2009-08-20 | 2011-02-24 | パナソニック株式会社 | ネットワーク装置、判断方法、プログラム、集積回路 |
US8745758B2 (en) * | 2009-11-02 | 2014-06-03 | Time Warner Cable Enterprises Llc | Apparatus and methods for device authorization in a premises network |
EP2502175A1 (en) * | 2009-11-20 | 2012-09-26 | Telefonaktiebolaget L M Ericsson (PUBL) | Media content information provision |
-
2011
- 2011-12-16 CN CN201110422931.7A patent/CN102665211B/zh not_active Expired - Fee Related
-
2012
- 2012-05-24 WO PCT/CN2012/075975 patent/WO2013086836A1/zh active Application Filing
- 2012-05-24 JP JP2014520503A patent/JP5905961B2/ja not_active Expired - Fee Related
- 2012-05-24 US US14/131,418 patent/US9323940B2/en not_active Expired - Fee Related
- 2012-05-24 EP EP12858063.6A patent/EP2723112B1/en not_active Not-in-force
- 2012-05-24 CA CA2841140A patent/CA2841140C/en not_active Expired - Fee Related
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070237115A1 (en) * | 2006-04-10 | 2007-10-11 | Young Kyu Bae | Apparatus and method for sharing content using digital living network alliance (dlna) network and computer-readable medium thereof |
CN101170571A (zh) * | 2006-10-23 | 2008-04-30 | 友立资讯股份有限公司 | 资讯提供装置及该装置提供资讯的方法 |
CN101809933A (zh) * | 2007-10-22 | 2010-08-18 | 索尼爱立信移动通讯有限公司 | 支持数字生活网络联盟(dlna)的便携式电子设备、dlna管理控制台和对支持dlna的便携式电子设备进行操作的相关方法 |
CN101695060A (zh) * | 2009-09-24 | 2010-04-14 | 中兴通讯股份有限公司 | 家庭网关、实现数字生活网络联盟方案的系统及方法 |
CN101741901A (zh) * | 2009-12-21 | 2010-06-16 | 青岛海信宽带多媒体技术有限公司 | 一种远程访问UPnP/DLNA设备的实现方法及装置 |
CN102510371A (zh) * | 2011-09-30 | 2012-06-20 | 中兴通讯股份有限公司 | 一种控制数字移动网络联盟内容的方法及装置 |
Non-Patent Citations (1)
Title |
---|
See also references of EP2723112A4 * |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2924947A1 (en) * | 2014-03-28 | 2015-09-30 | Xiaomi Inc. | Method and apparatus for controlling access |
JP2016519828A (ja) * | 2014-03-28 | 2016-07-07 | シャオミ・インコーポレイテッド | アクセス制御方法、装置、プログラム、及び記録媒体 |
US9794261B2 (en) | 2014-03-28 | 2017-10-17 | Xiaomi Inc. | Method and apparatus for controlling access to a server |
Also Published As
Publication number | Publication date |
---|---|
CA2841140C (en) | 2018-07-17 |
US20140137268A1 (en) | 2014-05-15 |
JP5905961B2 (ja) | 2016-04-20 |
US9323940B2 (en) | 2016-04-26 |
EP2723112A4 (en) | 2015-03-18 |
CN102665211A (zh) | 2012-09-12 |
EP2723112B1 (en) | 2017-09-20 |
CN102665211B (zh) | 2017-11-07 |
EP2723112A1 (en) | 2014-04-23 |
CA2841140A1 (en) | 2013-06-20 |
JP2014524211A (ja) | 2014-09-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2013086836A1 (zh) | 一种数字移动网络联盟权限控制方法及装置 | |
JP5826399B2 (ja) | デジタルリビングネットワークアライアンス内容の制御方法及び装置 | |
KR101548574B1 (ko) | 통신 네트워크들에 대한 네트워크 접속된 미디어 게이트웨이 | |
US7840688B2 (en) | Information processing device, server client system, method, and computer program | |
JP3800198B2 (ja) | 情報処理装置、およびアクセス制御処理方法、並びにコンピュータ・プログラム | |
JP5248505B2 (ja) | 制御デバイス、再生デバイス、及び許可サーバ | |
US8931059B2 (en) | Method and apparatus for cross DRM domain registration | |
JP2013041408A (ja) | 情報処理装置、リソース提供装置および情報処理システム | |
JP5969507B2 (ja) | ホーム・ネットワークにおいてデータを共有する方法及び該方法を実施する装置 | |
JP6074497B2 (ja) | メディア情報アクセス制御のための方法及び装置、並びにディジタル・ホーム・マルチメディア・システム | |
WO2013097345A1 (zh) | 数字生活网络联盟设备的接入控制方法及装置 | |
JP4161791B2 (ja) | 機器間認証システム及び機器間認証方法、通信装置、並びにコンピュータ・プログラム | |
JP5043953B2 (ja) | リソース伝送方法及び情報提供方法 | |
WO2012155604A1 (zh) | 一种控制数字移动网络联盟内容的方法及装置 | |
JP2004102373A (ja) | アクセス管理サーバ、方法及びプログラム | |
CN103546423B (zh) | 数字多媒体权限控制方法及数字多媒体设备 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 12858063 Country of ref document: EP Kind code of ref document: A1 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 14131418 Country of ref document: US |
|
ENP | Entry into the national phase |
Ref document number: 2841140 Country of ref document: CA |
|
ENP | Entry into the national phase |
Ref document number: 2014520503 Country of ref document: JP Kind code of ref document: A |
|
REEP | Request for entry into the european phase |
Ref document number: 2012858063 Country of ref document: EP |
|
NENP | Non-entry into the national phase |
Ref country code: DE |