WO2018086566A1 - Pvr protection method and system - Google Patents

Pvr protection method and system Download PDF

Info

Publication number
WO2018086566A1
WO2018086566A1 PCT/CN2017/110334 CN2017110334W WO2018086566A1 WO 2018086566 A1 WO2018086566 A1 WO 2018086566A1 CN 2017110334 W CN2017110334 W CN 2017110334W WO 2018086566 A1 WO2018086566 A1 WO 2018086566A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
top box
set top
recording
identification information
Prior art date
Application number
PCT/CN2017/110334
Other languages
French (fr)
Chinese (zh)
Inventor
钟争胜
Original Assignee
深圳创维数字技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳创维数字技术有限公司 filed Critical 深圳创维数字技术有限公司
Publication of WO2018086566A1 publication Critical patent/WO2018086566A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/4104Peripherals receiving signals from specially adapted client devices
    • H04N21/4108Peripherals receiving signals from specially adapted client devices characterised by an identification number or address, e.g. local network address
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/4104Peripherals receiving signals from specially adapted client devices
    • H04N21/4135Peripherals receiving signals from specially adapted client devices external recorder
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/414Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance
    • H04N21/4147PVR [Personal Video Recorder]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/426Internal components of the client ; Characteristics thereof
    • H04N21/42684Client identification by a unique number or address, e.g. serial number, MAC address, socket ID
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/433Content storage operation, e.g. storage operation in response to a pause request, caching operations
    • H04N21/4334Recording operations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs
    • H04N21/4405Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs involving video stream decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs
    • H04N21/4408Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs involving video stream encryption, e.g. re-encrypting a decrypted video stream for redistribution in a home network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N5/00Details of television systems
    • H04N5/76Television signal recording

Definitions

  • the present disclosure relates to the field of set top box technologies, for example, to a PVR protection method and system.
  • PVR Personal Video Recorder
  • the PVR program stored on the set-top box hard disk usually needs to be encrypted, and the encrypted PVR program can only be used by the same set-top box, and the program data cannot be shared.
  • the present disclosure provides a PVR protection method and system, which can solve the problem that data recorded by the related encryption method can only be played back on a set top box that records the data, so that the recorded data cannot be shared by other set tops.
  • the present disclosure provides a PVR protection method, which may include: when a recording instruction of a first set top box is triggered, the first set top box sends a request for acquiring a first recording key to a power production management system (PMS) of a PVR.
  • PMS power production management system
  • the request information includes first identification information of the first set top box
  • the PMS receives the request information and generates a random key, according to the first private key pair corresponding to the first identification information Encrypting the random key to obtain the first recording key, and transmitting the first recording key to the first set top box
  • the first set top box receives and decrypts the first recording key to obtain The random key, and using the random key to encrypt the descrambled audio and video data to obtain an encrypted program
  • the first set top box saves the encrypted program to an external storage device to implement PVR encrypted recording.
  • the method further includes: a PVR playback process, the PVR playback process includes: when the second set top box receives the playback instruction, reading the encrypted program, the first identification information from the external storage device And comparing, by the first recording key, the second identification information of the second set top box with the first identification information; when the second identification information is different from the first identification information, The second set top box sends the second identification information, the first identification information, and the first recording key to the PMS; the PMS is based on the second private key corresponding to the second identification information.
  • the PVR playback process includes: when the second set top box receives the playback instruction, reading the encrypted program, the first identification information from the external storage device And comparing, by the first recording key, the second identification information of the second set top box with the first identification information; when the second identification information is different from the first identification information, The second set top box sends the second identification information, the first identification information, and the first recording key to the PMS; the PMS is based on the second private key corresponding to the second identification information
  • the first private key corresponding to the first identification information and the first recording key generate a second recording key; the second set top box decrypts the second recording key to obtain the random key Key, and decrypting the encrypted program by using the random key, obtaining a decrypted program, and playing the decrypted program.
  • the present disclosure further provides a personal video recording PVR protection system, which may include: a set top box and a management system PMS of the PVR; the set top box includes: a first sending module, a first decrypting module, and a saving module; the first sending module, setting The request information for acquiring the first recording key is sent to the management system PMS of the PVR, where the request information includes the first identification information of the set top box; the first decryption module is set to Decrypting the first recording key to obtain a random key, and encrypting the descrambled audio and video data by using the random key to obtain a decrypted program; the saving module is configured to save the encrypted program to an external
  • the storage device is configured to implement PVR encrypted recording; the management system PMS is configured to receive the request information and generate a random key, and perform the random key according to the first private key corresponding to the first identification information. Encrypt to get the first recording key.
  • the set top box further includes: a comparison module, a second sending module, and a second decrypting module; the comparing module is configured to read the encrypted program from the external storage device when a playback instruction is triggered, The first identification information and the first recording key compare the second identification information of the second identification information with the first identification information, and the second sending module is configured to: when the second identification information and the first identification information When the identification information is different, the second identification information, the first identification information, and the first recording key corresponding to the recorded program are sent to the PMS; and the second decryption module is configured to decrypt the second recording key.
  • the PMS is further configured to be according to the second identifier information, the first identifier information, and the first The recording key generates a second recording key.
  • the set top box further includes: a third decryption module, configured to decrypt the first recording key to obtain the random key when the second identifier information is the same as the first identifier information, And decrypting the encrypted program by using the random key to obtain a decrypted program.
  • a third decryption module configured to decrypt the first recording key to obtain the random key when the second identifier information is the same as the first identifier information, And decrypting the encrypted program by using the random key to obtain a decrypted program.
  • the present disclosure also provides a PVR protection method, which can be applied to a PVR management system PMS, including:
  • the information includes the first identification information of the first set top box; determining, according to the first identification information, whether the first set top box has recording permission; when the first set top box has recording permission, generating a random key, and according to Determining, by the first identification information and the random key, the first recording key; sending the first recording key to the first set top box, so that the first set top box is facing the first Decrypting the recording key to obtain the random key, and encrypting the data stream to be encrypted by using the random key to obtain an encrypted data stream, so that the second set top box acquires the encrypted data stream, the first identifier information, and the Describe the first recording key;
  • the present disclosure also provides a PVR protection method, which can be applied to a first set top box, including:
  • the present disclosure also provides a PVR protection method, which can be applied to a second set top box, including:
  • the present disclosure further provides a PVR management system PMS, which may include: a receiving module, configured to: receive request information for acquiring a first recording key sent by a first set top box, where the request information includes the first set top box
  • the first identifier information is configured to: determine, according to the first identifier information, whether the first set top box has a recording authority; and the key processing module is configured to: when the first set top box has a recording permission, Generating a random key, and obtaining the first recording key according to the first identification information and the random key; and the key sending module is configured to: send the first recording key to the first a set top box, so that the first set top box decrypts the first recording key to obtain the random key, and encrypts the data stream to be encrypted by using the random key to obtain an encrypted data stream, thereby enabling the second set top box Obtaining the encrypted data stream, the first identification information, and the first recording key;
  • the receiving module is further configured to: receive the first identification information, the first recording key, and the second identification information of the second set top box sent by the second set top box, where the second set top box and the first set top box
  • the privilege judging module is further configured to: determine, according to the second identifier information, whether the second set top box has a play permission
  • the key processing module is further configured to: when the second set top box has Decrypting the first recording key according to the first identification information to obtain the random key; and obtaining a second recording key according to the second identification information and the random key
  • the key sending module is further configured to: send the second recording key to the second set top box, so that the second set top box decrypts the second recording key to obtain the random key, and Decrypting the encrypted data stream with the random key results in a decrypted data stream.
  • the present disclosure also provides a computer readable storage medium storing computer executable instructions for performing any of the methods described above.
  • the present disclosure also provides a PVR management device including one or more processors, a memory, and one or more programs, the one or more programs being stored in a memory when being processed by one or more processors When executed, the corresponding method described above can be performed.
  • the present disclosure also provides a set top box including one or more processors, a memory, and one or more programs, the one or more programs being stored in the memory when processed by one or more When the device is executed, the corresponding method described above can be performed.
  • the present disclosure also provides a computer program product comprising a computer program stored on a non-transitory computer readable storage medium, the computer program comprising program instructions, when the program instructions are executed by a computer, Having the computer perform any of the methods described above.
  • the PVR protection method and system provided by the present disclosure generates a random key for recording a program through a PMS, and acquires the random key through the PMS during playback, and decrypts the program by using the random key.
  • the sharing of the recorded programs is achieved such that the recorded programs can also be played back from other set top boxes of the set top box that recorded the program.
  • FIG. 1 is a flowchart of a PVR protection method according to an embodiment.
  • FIG. 2 is a flow chart of another PVR protection method provided by an embodiment.
  • FIG. 3 is a flowchart of still another PVR protection method according to an embodiment.
  • FIG. 4 is a flowchart of still another PVR protection method according to an embodiment.
  • FIG. 5 is a schematic structural diagram of a PVR protection system according to an embodiment.
  • FIG. 6 is a schematic structural diagram of a set top box in a PVR protection system according to an embodiment.
  • FIG. 7 is a flowchart of still another PVR protection method according to an embodiment.
  • FIG. 8 is a flowchart of still another PVR protection method according to an embodiment.
  • FIG. 9 is a flowchart of still another PVR protection method according to an embodiment.
  • FIG. 10 is a schematic structural diagram of a PVR management system PMS according to an embodiment.
  • FIG. 11 is a schematic structural diagram of hardware of a PVR management device according to an embodiment.
  • FIG. 12 is a schematic structural diagram of hardware of a set top box according to an embodiment.
  • module the suffixes such as “module”, “component” or “unit” used to denote elements are merely illustrative of the present invention, and do not have a specific meaning per se. Therefore, “module”, “component” or “unit” can be used in combination.
  • the terminal device can be implemented in various forms.
  • the terminal described in the present invention may include, for example, a mobile phone, a smart phone, a notebook computer, a digital broadcast receiver, a PDA (Personal Digital Assistant), a PAD (Tablet), a PMP (Portable Multimedia Player), a navigation device, etc.
  • Mobile terminals and fixed terminals such as digital TVs, desktop computers, and the like.
  • PDA Personal Digital Assistant
  • PAD Tablett
  • PMP Portable Multimedia Player
  • This embodiment provides a PVR protection method, where the method includes a recording process.
  • the recording process may include steps 110-140.
  • step 110 when the recording instruction of the first set top box is triggered, the first set top box sends request information for acquiring the first recording key to the management system PMS of the PVR, wherein the request information includes the first set top box.
  • First identification information when the recording instruction of the first set top box is triggered, the first set top box sends request information for acquiring the first recording key to the management system PMS of the PVR, wherein the request information includes the first set top box.
  • the PMS receives the request information and generates a random key, and encrypts the random key according to the first private key corresponding to the first identification information to obtain a first recording key, and Sending the first recording key to the first set top box.
  • the first set top box establishes an association relationship between the first identification information and the first recording key, and stores the association relationship in the external storage device.
  • the first set top box can bind its own identification information to the first recording key of the recorded program, and store the binding relationship on the external storage device, so that the other set top box can obtain the identifier of the first set top box from the external storage device.
  • Information and first recording key can be used to obtain the identifier of the first set top box from the external storage device.
  • the first set top box receives and decrypts the first recording key to obtain the random key, and encrypts the descrambled audio and video data by using the random key to obtain an encrypted program.
  • step 140 the first set top box saves the encrypted program to an external storage device to implement PVR encrypted recording.
  • CA Conditional Access
  • the private key in the main chip is used, and the random key can be obtained through the operation.
  • the audio and video data is encrypted by using the random key, and the random key is obtained by using the private key in the main chip during video playback, and the audio and video data is decrypted by using the random key.
  • the encryption method is to protect the audio and video data based on the private link of the hardware, and the other set top boxes cannot recover the random key of the encrypted set top box, so that the recording and playback are restricted to be used on the same set top box, and the encrypted video data is used. Cannot be shared by set-top boxes approved by other CA vendors.
  • the set top box sends its own first identification information to the PMS system, and the PMS system generates a random key for the first identification information, and uses an encryption algorithm corresponding to the first identification information.
  • the first private key encrypts the random key to generate a first recording key
  • the set top box decrypts the first recording key to obtain the random key, and uses the random key to record a program,
  • the recording key is managed to solve the problem that the PVR program obtained by the existing recording method can only be played back on the same set top box and cannot be played back on other set top boxes.
  • the recording instruction of the first set top box is triggered, which may be a control command generated by the user through a control panel of the set top box or a control device such as a remote controller to perform a control operation on the set top box.
  • the control command is Record the command.
  • the CA front end may be set in the PMS management system PMS, and the PMS may obtain related information of the set top box that is authenticated by the CA front end, such as identification information of the set top box, a private key, an encryption method, and a recording authority.
  • the identification information of the set top box may be a chip number CHIP ID.
  • the PMS system may pre-establish a database for storing the chip number CHIP ID of the set top box, a private key, an encryption method, and recording rights. Moreover, the chip number CHIP ID, private key, encryption method, and recording authority are stored in association with each other. That is to say, the PMS system can determine its corresponding private key, encryption method, recording authority, and the like according to the CHIP ID of the set top box.
  • the sending, by the first set top box, the request information for acquiring the first recording key to the PVR management system PMS may include the first set top box sending the request information carrying the own CHIP ID to the PMS system over the Internet, so that the PMS passes the request.
  • the information generates a first recording key for recording the program.
  • the random key is randomly generated by the PMS system, and the random key may be a character string, such as ab12. After generating the random key, encrypting the random key according to the first private key corresponding to the first identification information to obtain a first recording key. Since not all set top boxes have the right to record programs, there is no need to generate a random key for the set top box and perform subsequent steps when the set top box does not have recording rights.
  • the method may further include: a process of querying whether the first set top box has a recording permission, the method may include: the PMS receiving the request information, and acquiring first identification information carried by the request information; The PMS queries, in the database, whether the set top box corresponding to the first identifier information has a recording authority; if the first set top box has a recording right, the step 120 is performed;
  • the PMS may feed back the query result to the first set top box through the network, that is, the first set top box does not have recording permission.
  • the PMS receives the request information and generates a random key, and then encrypts the random key according to the first private key corresponding to the first identification information to obtain a first recording key.
  • Steps 1210 - 1240 can be included.
  • step 1210 the PMS receives and parses the request information to obtain the first identification information.
  • step 1220 the PMS searches for a corresponding first private key and an encryption method in the database according to the first identification information.
  • step 1230 the PMS randomly generates a random key, and encrypts the random key using the first private key and an encryption method to obtain a first recording key.
  • step 1240 the PMS feeds back the first recording key to the first set top box.
  • the first identification information may be CHIP ID1
  • the first private key is a private key in the main chip of the set top box. That is, the PMS uses the private key in the set-top box main chip, such as a session key (Session Key, SK) to encrypt the random key to obtain the first recording key, when the first set-top box receives the first recording key.
  • the first recording key may be decrypted according to a private key carried in the master chip thereof to obtain the random key.
  • the process of generating a random key and encrypting the random key by using the first private key is completed in the PMS system, and the PMS system may also save the random key, when the top set box plays back the recorded content of the first set top box.
  • the set top box can acquire the random key through the PMS system, and use the random key to decrypt the program recorded by the first set top box, thereby realizing sharing of the PVR program.
  • the first set top box decrypts the first recording key to obtain the random key
  • the first set top box receives the first recording key fed back by the PMS
  • the A recording key is set to the encryption engine
  • the first recording key is decrypted using the first private key to obtain the random key.
  • the first identification information and the metadata (META DATA) information such as the first recording key are saved to an external storage device (for example, a USB flash drive or a mobile hard disk, etc.), and the external storage device stores the first set top box.
  • An external storage device for recorded programs That is, when the top set box acquires the program recorded by the first set top box from the external storage device, the META DATA information of the first set top box may also be acquired, so that the random key may be acquired according to the META DATA information.
  • the first set top box writes the obtained recorded program to an external storage device to form a PVR file corresponding to the program played by the first set top box, and repeats the above encrypted recording process until the recording is not completed.
  • the end of the recording may be the end of the program time (the digital television terminal judges the start time and duration of the learned program through the Electronic Program Guide (EPG) information of the digital television channel), and completes the recording of the program; The user cancels the recording; it can also be the end of the error, such as the storage device is full.
  • EPG Electronic Program Guide
  • This embodiment further provides a PVR protection method, where the method includes a recording process. As shown in FIG. 2, the recording process may include steps 210-290.
  • step 210 the set-top box STB1 recording command is triggered, and a recording request is sent to the PMS,
  • the request includes the CHIP ID1 information of the STB1, wherein the set top box STB1 transmits the recording request to the PVR management system PMS via the Internet.
  • step 220 the PMS searches through the database to query the recording permission of the set-top box STB1. If the set-top box STB1 is allowed to record, step 230 is performed. If the set-top box STB1 is not allowed to record, the PMS returns the unrecordable permission to the set-top box STB1 through the network. And perform step 250.
  • step 230 the PMS generates a random key PVR KEY, and encrypts the PVR KEY by using the private key SK1 corresponding to the CHIP ID1 to obtain a recording key RECORD KEY1.
  • step 240 the PMS returns recording rights and RECORD KEY1 to the set top box STB1 over the network.
  • step 250 the set top box STB1 checks the result of the PMS return, if the recording is allowed, then step 260 is performed; if the recording is not allowed, step 290 is performed.
  • step 260 the set top box STB1 sets the RECORD KEY1 returned by the PMS to the encryption engine, decrypts the PVR KEY by the private key SK1, and saves the metadata METADATA information composed of CHIP ID1 and RECORD KEY1 to the external storage device.
  • step 270 the set top box STB1 encrypts the descrambled audio and video data using the PVR KEY, obtains the encrypted data RECORD CONTENT, and saves the RECORD CONTENT to the external storage device.
  • step 280 step 270 is repeated until the user cancels the recording or other error occurs, then the recording ends.
  • step 290 the recording is ended.
  • the recording process provided by the present embodiment is based on the recording process of the main chip of the set top box and the PMS system, and the PMS saves the encryption algorithm of the main chip and the private key SK.
  • the PMS finds the corresponding private key according to the first set-top box transmission chip number CHIP ID1, thereby generating and returning the encrypted PVR KEY corresponding to the CHIP ID1, and then the set-top box can utilize the chip.
  • the private key SK inside decrypts the PVR KEY, thereby completing the recording action.
  • the PVR KEY is simultaneously saved in the first set top box and the PMS, and the set top box that plays back the program recorded by the first set top box can save the PVR KEY, or can obtain the PVR KEY through the PMS, and ensure the security of the recorded program.
  • the sharing of recorded programs is achieved on the basis of sex.
  • the embodiment further provides a PVR protection method, and the method further includes a playback process.
  • the playback process may include steps 310-340.
  • step 310 when the second set top box receives the playback instruction, the encrypted program, the first identification information, and the first recording key are read from the external storage device, and the second set top box is second.
  • the identification information is compared with the first identification information.
  • the receiving, by the second set top box, the playback instruction refers to the second set top box being connected to an external storage device, and displaying the recording interface in the external storage device in a menu of the set top box, according to the user's selection. Playback instructions.
  • comparing the second identification information of the second set top box with the first identification information corresponding to the played back recorded program may include steps 3110 to 3140.
  • step 3110 when the second set top box is connected to the external storage device, the information of the encrypted program stored in the external storage device is read, and the recorded content carried by the external storage device is displayed in the menu.
  • step 3120 the second set top box receives the user's selection operation and generates a playback instruction according to the selection operation.
  • the second set top box acquires the corresponding encrypted program according to the playback instruction, and acquires metadata information corresponding to the encrypted program, where the metadata information includes the first identification information and the first recording key.
  • step 3140 the second set top box reads the first identification information in the metadata information, and compares the first identification information with the second identification information.
  • step 320 if the first identification information is different from the second identification information, the second set top box sends the second identification information, the first identification information, and the first recording key corresponding to the recorded program to the PMS.
  • the recorded program is not recorded by the second set top box.
  • the random key can be obtained through the PMS. Transmitting the second identification information, the first identification information, and the first recording key corresponding to the recorded program to the PMS, so that the PMS is determined according to the second identification information, the first identification information, and the first recording key. Decrypting the second recording key of the encrypted program in the second set top box.
  • the second identification information is the same as the first identification information
  • the first recording key is decrypted to obtain the random key; and the random key pair is utilized.
  • the encrypted program is decrypted to effect playback of the encrypted program.
  • the set top box can set the first recording key to the encryption engine to decrypt the random key.
  • step 330 the PMS generates a second recording key according to the second identification information, the first identification information, and the first recording key.
  • the PMS determines whether the second set top box corresponding to the second identifier information has playback rights, and generates a second recording key when the second set top box has the recording authority.
  • the step 330 may include step 3310 - step 3330.
  • the PMS determines, according to the second identification information, whether the second set top box has playback rights. For example, the PMS searches for the playback rights of the corresponding second set top box in the database according to the second identification information.
  • the PMS decrypts the first recording key according to the first identification information to obtain a random key. For example, the PMS determines a corresponding first private key according to the first identification information, and decrypts the first recording key by using the first private key to obtain a random key.
  • the random key is encrypted according to the second private key corresponding to the second identification information to generate a second recording key.
  • the PMS determines and acquires a second private key of the second set top box according to the second identification information, encrypts the random key by using the second private key, generates a second recording key, and The second recording key is fed back to the second set top box.
  • the second set top box decrypts the second recording key to obtain the random key, and decrypts the encrypted program by using the random key to obtain a decrypted program to implement subsequent Playing the decrypted program.
  • the second set top box sets the second recording key to the encryption engine, decrypts the second recording key to obtain the random key, and decrypts the recorded program by using the random key to obtain The encrypted audio and video data is played and played back to play back the recorded program.
  • the playback process provided by this embodiment determines whether the recorded program being played back is recorded by the local device, and if not recorded by the local device, acquires a random key through the PMS system, and decrypts the random key by using the random key. Recording the program, sharing the recorded program.
  • the playback method provided in this embodiment breaks the one-to-one mode of the traditional PVR program, and realizes a one-to-many flexible manner; and, breaks the limitation between the various hardware platforms, and records the content recorded from one platform to another platform. It can still be used to realize the sharing of PVR programs.
  • various protection measures can be added to the front end to enhance the protection of the recorded content.
  • a time stamp can be added in META DATA to control the effective time limit of the program, and a second charge can be performed.
  • the content recorded on STB1 is placed on STB2 for viewing, and STB2 itself does not purchase related program packages, etc., making the management of the front end more convenient and flexible.
  • the embodiment further provides a PVR protection method, and the method further includes a playback process.
  • the playback process may include steps 402-426.
  • step 402 the set top box is connected to the external storage device, and displays the information of the recorded program carried by the external storage device on the menu of the set top box, and receives the user's selection operation.
  • step 404 a play command is generated according to the selecting operation, and the set top box reads the metadata META DATA corresponding to the recorded program RECORD CONTENT to be played back according to the play instruction; if the reading fails, step 426 is executed to end the play and prompt User; if the reading is successful, step 406 is performed.
  • step 406 the set-top box reads the chip number CHIP ID of the local machine as CHIP ID2, compares the CHIP ID2 with the CHIP ID1 in META DATA, and if CHIP ID1 and CHIP ID2 are equal, step 408 is performed; otherwise, Go to step 412.
  • step 408 set top box STB1 sets RECORD KEY1 in META DATA to the encryption engine to decrypt the PVR KEY.
  • step 410 the set top box STB1 decrypts the recorded content RECORD CONTENT by using the PVR KEY, obtains the decrypted audio and video data and completes the playing, and the process ends.
  • step 412 set top box STB2 sends the META DATA data and CHIP ID2 over the network to the PMS.
  • step 414 the PMS retrieves the database to determine whether the set top box STB2 has playback rights: if the set top box STB2 is allowed to play, step 416 is performed; otherwise, the PMS returns the unplayable rights information to the STB2 via the network and performs step 420. .
  • step 416 the PMS decrypts the RECORD KEY1 according to the first private key SK1 corresponding to the CHIP ID1 to obtain the PVR KEY, and then encrypts the PVR KEY with the second private key SK2 corresponding to the CHID ID2 to obtain the RECORD KEY2.
  • step 418 the PMS returns the playback rights of STB2 and RECORD KEY2 to the set top box STB2 over the network.
  • step 420 the set top box STB2 determines the return result of the PMS: if playback is allowed, step 422 is performed, and if playback is not allowed, step 426 is performed.
  • step 422 the set top box STB2 sets RECORD KEY2 to the encryption engine to decrypt the PVR KEY.
  • step 424 the set top box STB2 reads the recorded content RECORD CONTENT, and decrypts the RECORD CONTENT using the PVR KEY to obtain the decrypted audio and video data and complete the playing.
  • step 426 playback is stopped.
  • This embodiment further provides a PVR protection system, as shown in FIG. 5, which may include: a set top box 100 and a PVR management system PMS200.
  • the set top box 100 may include: a first sending module 101, and a first decrypting module. 102 and save module 103.
  • the first sending module 101 is configured to: when the recording instruction is triggered, send, to the PVR management system PMS, the request information for acquiring the first recording key, where the request information includes the first identifier of the first set top box information.
  • the first decryption module 102 is configured to decrypt the first recording key to obtain a random key, and encrypt the descrambled audio and video data by using the random key to obtain an encrypted program.
  • the saving module 103 is configured to save the encrypted program to an external storage device to implement PVR encrypted recording.
  • the management system PMS200 is configured to generate a random key according to the request information, and encrypt the random key according to the first private key corresponding to the first identification information to obtain a first recording key.
  • the set top box further includes: a comparison module 104, a second sending module 105, and a second decryption module 106.
  • the comparison module 104 is configured to read the encrypted program, the first identification information, and the first recording key from the external storage device when the playback instruction is triggered, and set the second identification information of the second identification information. The first identification information corresponding to the recorded recorded program is compared.
  • the second sending module 105 is configured to: when the second identifier information is different from the first identifier information, send the second identifier information, the first identifier information, and the first recording key corresponding to the recorded program to PMS.
  • the PVR management system PMS200 is further configured to: generate a second recording key according to the second identifier information, the corresponding first identifier information, and the first recording key.
  • the set top box 100 may further include: a second decryption module 106 configured to decrypt the second recording key to obtain the random key, and decrypt the encrypted program by using the random key to obtain a decrypted program To achieve subsequent playback of the decrypted program.
  • the set top box further includes: a third decryption module 107, configured to decrypt the first recording key to obtain the random key when the second identifier information is the same as the first identifier information And decrypting the encrypted program by using the random key to obtain the decrypted program.
  • the set top box may include a plurality of set top boxes, and each of the set top boxes may be configured with the first sending module 101, the first decrypting module 102, the saving module 103, the comparing module 104, the second sending module 105, and the second decrypting module 106.
  • the third decryption module 107 for example, the set top box may include a first set top box and a second set top box, and the corresponding operations may be performed by the first sending module, the first decrypting module, the saving module, and the third decrypting module disposed in the first set top box.
  • Encrypted recording of the program by the first set top box the comparison module, the second sending module and the second decrypting module set by the second set top box perform the corresponding operations, and the second set top box inputs the encrypted program recorded by the first set top box Decryption, program playback, and resource sharing of encrypted programs between multiple set-top boxes.
  • This embodiment further provides a personal video recording PVR protection method, which can be applied to a PVR management system PMS. As shown in FIG. 7, the method may include steps 710-760.
  • step 710 the request information for acquiring the first recording key sent by the first set top box is received, where the request information includes first identification information of the first set top box.
  • step 720 determining, according to the first identification information, whether the first set top box has recording authority; when the first set top box has recording permission, generating a random key, and according to the first identification information and the The random key is obtained to obtain the first recording key.
  • step 730 the first recording key is sent to the first set top box, so that the first set top box decrypts the first recording key to obtain the random key, and the random key is utilized. Encrypting the encrypted data stream to obtain an encrypted data stream, so that the second set top box acquires the encrypted data stream, the first identification information, and the first recording key.
  • step 740 the first identification information, the first recording key, and the second identification information of the second set top box sent by the second set top box are received, where the second set top box is different from the first set top box.
  • Set-top box
  • step 750 determining, according to the second identifier information, whether the second set top box has a play permission; and when the second set top box has a play right, the first record key is used according to the first identifier information. Performing decryption to obtain the random key; and obtaining a second recording key according to the second identification information and the random key.
  • step 760 the second recording key is sent to the second set top box, so that the second set top box decrypts the second recording key, the random key is obtained, and the random key is utilized.
  • the key decrypts the encrypted data stream to obtain a decrypted data stream.
  • the determining, according to the first identifier information, whether the first set top box has the recording permission comprises: acquiring the recording authority information of the first set top box according to the first identifier information; The recording permission information of the set top box determines whether the first set top box has recording permission.
  • the method includes: acquiring the play permission information of the second set top box according to the second identifier information; The permission information determines whether the second set top box has a play permission.
  • the first set top box when the first set top box has the recording permission, generate a random key, and obtain the first recording key according to the first identification information and the random key, including: First When the set-top box has the recording permission, the random key is generated, and the first private key of the first set-top box is obtained according to the first identification information; and the random key is encrypted according to the first private key, The first recording key.
  • the obtaining, according to the second identifier information, the second record key, the second private key of the second set top box is obtained according to the second identifier information;
  • the second private key encrypts the random key to obtain a second recording key.
  • the embodiment further provides a personal video recording PVR protection method, which can be applied to the first set top box. As shown in FIG. 8, the method may include steps 810- 830.
  • the request information of the first recording key is sent to the management system PMS of the PVR, where the request information includes first identification information of the first set top box, so that the PMS is based on the first identifier. Determining whether the first set top box has recording permission, and generating a random key when the first set top box has recording permission, and obtaining and reporting the first identification information according to the first identification information and the random key The first set top box sends the first recording key.
  • step 820 the first recording key sent by the management system PMS of the PVR is received.
  • step 830 the first recording key is decrypted to obtain the random key, and the data stream to be encrypted is encrypted by the random key to obtain an encrypted data stream.
  • the decrypting the first recording key to obtain the random key comprises: decrypting the first recording key by using a first private key corresponding to the first identification information, to obtain The random key.
  • This embodiment further provides a personal video recording PVR protection method, which can be applied to a second set top box. As shown in FIG. 9, the method may include steps 910-930.
  • step 910 the encrypted data stream after the first set top box is encrypted, the first identification information of the first set top box, and the first recording key are obtained, where the first recording key is a PVR management system PMS.
  • the first set top box has recording permission, it is obtained according to the generated random key and the first identification information.
  • step 920 the first identifier information, the first recording key, and the second identifier information of the second set top box are sent to the PMS, so that the PMS determines according to the second identifier information. Whether the second set top box has the playing right, and when the second set top box has the playing right, decrypting the first recording key according to the first identification information, obtaining the random key, and according to the Decoding the second identification information and the random key to obtain a second recording key, and sending the second recording key to the second set top box.
  • step 930 receiving the second recording key sent by the management system PMS of the PVR; decrypting the second recording key to obtain the random key, and using the random key to pair the encrypted data
  • the stream is decrypted to obtain a decrypted data stream.
  • the decrypting the second recording key to obtain the random key comprises: decrypting the second recording key by using a second private key corresponding to the second identifier information, to obtain The random key.
  • the first set top box and the second set top box are interchangeable, that is, the first set top box can also realize encrypted recording of the program, and the second set top box can realize decryption and playing of the program, and the first set top box and the second set top box can execute the program.
  • the steps of decryption and program decryption are interchangeable, that is, the first set top box can also realize encrypted recording of the program, and the second set top box can realize decryption and playing of the program, and the first set top box and the second set top box can execute the program.
  • the embodiment also provides a PVR management system PMS.
  • the system may include:
  • the receiving module 1010 is configured to: receive request information for acquiring a first recording key sent by the first set top box, where the request information includes first identifier information of the first set top box.
  • the authority judging module 1020 is configured to: determine, according to the first identifier information, whether the first set top box has recording authority.
  • the key processing module 1030 is configured to: when the first set top box has recording permission, generate a random key, and obtain the first recording key according to the first identification information and the random key.
  • the data processing module 1040 is configured to: send the first recording key to the first set top box, so that the first set top box decrypts the first recording key to obtain the random key, by using the The random key encrypts the encrypted data stream to obtain an encrypted data stream, so that the second set top box acquires the encrypted data stream, the first identification information, and the first recording key.
  • the receiving module 1010 is further configured to: receive the first identifier information sent by the second set top box, the first recording key, and second identifier information of the second set top box, where the second set top box is first Set-top boxes are different set-top boxes.
  • the authority determining module 1020 is further configured to: determine, according to the second identifier information, whether the second set top box has a play right.
  • the key processing module 1030 is further configured to: when the second set top box has a play permission, decrypt the first record key according to the first identifier information, to obtain the random key; The second identification information and the random key obtain a second recording key.
  • the data processing module 1040 is further configured to: send the second recording key to the second set top box, so that the second set top box decrypts the second recording key to obtain the random key, and Profit Decrypting the encrypted data stream with the random key results in a decrypted data stream.
  • the permission judging module 1020 is configured to: obtain the recording permission information of the first set top box according to the first identification information; and determine, according to the recording permission information of the first set top box, whether the first set top box has Recording authority; obtaining, according to the second identifier information, the playing permission information of the second set top box; and determining, according to the playing right information, whether the second set top box has a playing right.
  • the key processing module 1030 is configured to: when the first set top box has recording permission, generate a random key, and acquire a first private key of the first set top box according to the first identification information; A private key encrypts the random key to obtain the first recording key.
  • the key processing module 1030 is further configured to: acquire a second private key of the second set top box according to the second identification information; and encrypt the random key according to the second private key to obtain a second Record the key.
  • the device embodiments described above are merely illustrative.
  • the division of the modules is only a logical function division.
  • multiple units or components may be combined or integrated. Go to another system, or some features can be ignored or not executed.
  • the mutual coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, device or unit, and may be in electrical, mechanical or other form.
  • the units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
  • the plurality of functional units in the embodiment may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
  • the above integrated unit can be implemented in the form of hardware or in the form of hardware plus software functional units.
  • the above-described integrated unit implemented in the form of a software functional unit can be stored in a computer readable storage medium.
  • the above software functional unit is stored in a storage medium and includes a plurality of instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) or a processor to execute all of the methods described in this embodiment. Or part of the steps.
  • the foregoing storage medium includes: a U disk, a mobile hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, and the like, which can store program codes. .
  • the embodiment further provides a computer readable storage medium storing computer executable instructions for performing any of the above methods.
  • FIG. 11 it is a hardware structure diagram of a PVR management device provided by this embodiment.
  • the PVR management device includes: a processor 1110 and a memory 1120. Communication Interface 1130 and Bus 1140.
  • the processor 1110, the memory 1120, and the communication interface 1130 can complete communication with each other through the bus 1140.
  • Communication interface 1130 can be used for information transmission.
  • the processor 1110 can invoke logic instructions in the memory 1120 to perform the respective methods provided by the above embodiments.
  • the set top box includes: a processor 1210 and a memory 1220; and may further include a communication interface 1230 and a bus 1240.
  • the processor 1210, the memory 1220, and the communication interface 1230 can complete communication with each other through the bus 1240.
  • Communication interface 1230 can be used for information transfer.
  • the processor 1210 can invoke logic instructions in the memory 1220 to perform the respective methods provided by the above embodiments.
  • Both the memory 1120 and the memory 1220 may include a storage program area and a storage data area, and the storage program area may store an operating system and an application required for at least one function.
  • the storage data area can store data and the like created according to the use of the electronic device.
  • the memory may include, for example, a volatile memory of a random access memory, and may also include a non-volatile memory. For example, at least one disk storage device, flash memory device, or other non-transitory solid state storage device.
  • any of the logic instructions in memory 1120 and memory 1220 described above can be implemented in the form of a software functional unit and sold or used as a stand-alone product
  • the logic instructions can be stored in a computer readable storage medium.
  • the technical solution of the present disclosure may be embodied in the form of a computer software product, which may be stored in a storage medium, and includes a plurality of instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) All or part of the steps of the corresponding method provided by the embodiment are performed.
  • the storage medium may be a non-transitory storage medium or a transitory storage medium.
  • the non-transitory storage medium may include: a U disk, a mobile hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, and the like, which can store program codes. medium.
  • All or part of the process in the above embodiment method can be indicated by a computer program.
  • the hardware is completed, and the program can be stored in a non-transitory computer readable storage medium.
  • the program is executed, the flow of the embodiment of the above method can be implemented.
  • the present disclosure provides a PVR protection method for generating a random key for encrypting and recording a program through a PMS, and acquiring the random key through a PMS during playback, and decrypting the program by the random key, so that the program is recorded except
  • Other set-top boxes other than the set-top box can also play back the encrypted recorded program to share the recorded program.

Abstract

A PVR protection method and system. The method comprises: when a recording instruction of a first set-top box is triggered, the first set-top box sends request information for obtaining a first recording key to a PVR management system (PMS), wherein the request information comprises first identification information of the first set-top box; the PMS receives the request information and generates a random key, encrypts the random key according to a first private key corresponding to the first identification information to obtain the first recording key, and sends the first recording key to the first set-top box; the first set-top box receives and decrypts the first recording key to obtain the random key, and encrypts descrambled audio data with the random key to obtain an encrypted program; and the first set-top box stores the encrypted program to an external storage device to achieve PVR encrypted recording.

Description

PVR保护方法及系统PVR protection method and system 技术领域Technical field
本公开涉及机顶盒技术领域,例如涉及一种PVR保护方法及系统。The present disclosure relates to the field of set top box technologies, for example, to a PVR protection method and system.
背景技术Background technique
数字机顶盒已经遍及广大的家庭,成为人们在日常生活中了解世界、认知事物和娱乐消费等重要的平台。随着数字机顶盒的技术和业务的不断开发与更新,个人视频录像(Personal Video Recorder,PVR)技术已经成功地应用于机顶盒上,利用PVR的核心技术-数字化处理和存储技术,对节目进行灵活的录制和回放,使得机顶盒提供的数字化节目精彩纷程,用户能够随心所欲与机顶盒进行互动。Digital set-top boxes have spread throughout the family, becoming an important platform for people to understand the world, cognitive things and entertainment consumption in their daily lives. With the continuous development and updating of digital set-top box technology and business, Personal Video Recorder (PVR) technology has been successfully applied to set-top boxes, using PVR's core technology - digital processing and storage technology, flexible programming Recording and playback make the digital programs provided by the set-top box exciting, allowing users to interact with the set-top box as they wish.
为了保护节目版权,保存在机顶盒硬盘的PVR节目通常需要加密,而进行加密后的PVR节目,只能供同一机顶盒使用,无法实现节目数据的共享。In order to protect the copyright of the program, the PVR program stored on the set-top box hard disk usually needs to be encrypted, and the encrypted PVR program can only be used by the same set-top box, and the program data cannot be shared.
发明内容Summary of the invention
本公开提供一种PVR保护方法及系统,可以解决采用相关加密方法录制的数据仅能在录制所述数据的机顶盒上回放,使得录制的数据无法被其他机顶分享的问题。The present disclosure provides a PVR protection method and system, which can solve the problem that data recorded by the related encryption method can only be played back on a set top box that records the data, so that the recorded data cannot be shared by other set tops.
本公开提供一种PVR保护方法,可以包括:当第一机顶盒的录制指令被触发时,所述第一机顶盒向PVR的管理系统(power production management system,PMS)发送获取第一录制密钥的请求信息,其中,所述请求信息包括所述第一机顶盒的第一标识信息;所述PMS接收所述请求信息并生成一随机密钥,根据所述第一标识信息对应的第一私有密钥对所述随机密钥进行加密以得到所述第一录制密钥,并发送所述第一录制密钥至所述第一机顶盒;所述第一机顶盒接收并解密所述第一录制密钥以得到所述随机密钥,并采用所述随机密钥对解扰后的音视频数据进行加密得到加密节目;以及所述第一机顶盒将所述加密节目保存至外部存储设备,实现PVR加密录制。The present disclosure provides a PVR protection method, which may include: when a recording instruction of a first set top box is triggered, the first set top box sends a request for acquiring a first recording key to a power production management system (PMS) of a PVR. Information, wherein the request information includes first identification information of the first set top box; the PMS receives the request information and generates a random key, according to the first private key pair corresponding to the first identification information Encrypting the random key to obtain the first recording key, and transmitting the first recording key to the first set top box; the first set top box receives and decrypts the first recording key to obtain The random key, and using the random key to encrypt the descrambled audio and video data to obtain an encrypted program; and the first set top box saves the encrypted program to an external storage device to implement PVR encrypted recording.
可选地,所述方法还包括:PVR回放过程,所述PVR回放过程包括:当第二机顶盒接收到回放指令时,从所述外部存储设备读取所述加密节目、所述第一标识信息以及所述第一录制密钥,将所述第二机顶盒的第二标识信息与所述第一标识信息进行比较;当所述第二标识信息与所述第一标识信息不相同时, 所述第二机顶盒将所述第二标识信息、所述第一标识信息以及所述第一录制密钥发送至所述PMS;所述PMS根据所述第二标识信息对应的第二私有密钥、所述第一标识信息对应的第一私有密钥以及所述第一录制密钥生成第二录制密钥;所述第二机顶盒对所述第二录制密钥进行解密以得到所述随机密钥,并利用所述随机密钥对所述加密节目进行解密,得到解密节目,并播放所述解密节目。Optionally, the method further includes: a PVR playback process, the PVR playback process includes: when the second set top box receives the playback instruction, reading the encrypted program, the first identification information from the external storage device And comparing, by the first recording key, the second identification information of the second set top box with the first identification information; when the second identification information is different from the first identification information, The second set top box sends the second identification information, the first identification information, and the first recording key to the PMS; the PMS is based on the second private key corresponding to the second identification information. The first private key corresponding to the first identification information and the first recording key generate a second recording key; the second set top box decrypts the second recording key to obtain the random key Key, and decrypting the encrypted program by using the random key, obtaining a decrypted program, and playing the decrypted program.
本公开还提供一种个人视频录像PVR保护系统,可以包括:机顶盒以及PVR的管理系统PMS;所述机顶盒包括:第一发送模块、第一解密模块以及保存模块;所述第一发送模块,设置为当录制指令被触发时,向PVR的管理系统PMS发送获取第一录制密钥的请求信息,其中,所述请求信息包括所述机顶盒的第一标识信息;所述第一解密模块,设置为解密所述第一录制密钥以得到随机密钥,并采用所述随机密钥对解扰后的音视频数据进行加密得到解密节目;所述保存模块,设置为将所述加密节目保存至外部存储设备,以实现PVR加密录制;所述管理系统PMS,设置为接收所述请求信息并生成一随机密钥,根据所述第一标识信息对应的第一私有密钥对所述随机密钥进行加密以得到第一录制密钥。The present disclosure further provides a personal video recording PVR protection system, which may include: a set top box and a management system PMS of the PVR; the set top box includes: a first sending module, a first decrypting module, and a saving module; the first sending module, setting The request information for acquiring the first recording key is sent to the management system PMS of the PVR, where the request information includes the first identification information of the set top box; the first decryption module is set to Decrypting the first recording key to obtain a random key, and encrypting the descrambled audio and video data by using the random key to obtain a decrypted program; the saving module is configured to save the encrypted program to an external The storage device is configured to implement PVR encrypted recording; the management system PMS is configured to receive the request information and generate a random key, and perform the random key according to the first private key corresponding to the first identification information. Encrypt to get the first recording key.
可选地,所述机顶盒还包括:比较模块、第二发送模块以及第二解密模块;所述比较模块,设置为当回放指令被触发时,从所述外部存储设备读取所述加密节目、所述第一标识信息以及所述第一录制密钥,将自身的第二标识信息与所述第一标识信息进行比较;第二发送模块,设置为当所述第二标识信息与所述第一标识信息不相同时,将所述第二标识信息、第一标识信息以及录制节目对应的第一录制密钥发送至所述PMS;第二解密模块,设置为对第二录制密钥进行解密以得到所述随机密钥,并利用所述随机密钥对所述加密节目进行解密,得到解密节目;所述PMS还设置为根据所述第二标识信息、所述第一标识信息以及第一录制密钥生成第二录制密钥。Optionally, the set top box further includes: a comparison module, a second sending module, and a second decrypting module; the comparing module is configured to read the encrypted program from the external storage device when a playback instruction is triggered, The first identification information and the first recording key compare the second identification information of the second identification information with the first identification information, and the second sending module is configured to: when the second identification information and the first identification information When the identification information is different, the second identification information, the first identification information, and the first recording key corresponding to the recorded program are sent to the PMS; and the second decryption module is configured to decrypt the second recording key. Obtaining the random key, and decrypting the encrypted program by using the random key to obtain a decrypted program; the PMS is further configured to be according to the second identifier information, the first identifier information, and the first The recording key generates a second recording key.
可选地,所述机顶盒还包括:第三解密模块,设置为当所述第二标识信息与所述第一标识信息相同时,解密所述第一录制密钥以得到所述随机密钥,并利用所述随机密钥对所述加密节目进行解密,得到解密节目。Optionally, the set top box further includes: a third decryption module, configured to decrypt the first recording key to obtain the random key when the second identifier information is the same as the first identifier information, And decrypting the encrypted program by using the random key to obtain a decrypted program.
本公开还提供一种PVR保护方法,可以应用于PVR的管理系统PMS,包括:The present disclosure also provides a PVR protection method, which can be applied to a PVR management system PMS, including:
接收第一机顶盒发送的获取第一录制密钥的请求信息,其中,所述请求信 息包括所述第一机顶盒的第一标识信息;根据所述第一标识信息,确定所述第一机顶盒是否有录制权限;当所述第一机顶盒有录制权限时,生成随机密钥,并根据所述第一标识信息和所述随机密钥,得到所述第一录制密钥;将所述第一录制密钥发送给所述第一机顶盒,以使所述第一机顶盒对所述第一录制密钥解密得到所述随机密钥,利用所述随机密钥对待加密的数据流进行加密,得到加密数据流,进而使第二机顶盒获取所述加密数据流、所述第一标识信息和所述第一录制密钥;Receiving, by the first set top box, request information for acquiring a first recording key, where the request letter The information includes the first identification information of the first set top box; determining, according to the first identification information, whether the first set top box has recording permission; when the first set top box has recording permission, generating a random key, and according to Determining, by the first identification information and the random key, the first recording key; sending the first recording key to the first set top box, so that the first set top box is facing the first Decrypting the recording key to obtain the random key, and encrypting the data stream to be encrypted by using the random key to obtain an encrypted data stream, so that the second set top box acquires the encrypted data stream, the first identifier information, and the Describe the first recording key;
接收第二机顶盒发送的所述第一标识信息、所述第一录制密钥以及所述第二机顶盒的第二标识信息,其中所述第二机顶盒与第一机顶盒为不同的机顶盒;根据所述第二标识信息,确定所述第二机顶盒是否有播放权限;当所述第二机顶盒有播放权限时,根据所述第一标识信息对所述第一录制密钥进行解密,得到所述随机密钥;根据所述第二标识信息和所述随机密钥,得到第二录制密钥;以及将所述第二录制密钥发送至所述第二机顶盒,以使所述第二机顶盒解密所述第二录制密钥,得到所述随机密钥,并利用所述随机密钥解密所述加密数据流得到解密数据流。Receiving, by the second set top box, the first identification information, the first recording key, and the second identification information of the second set top box, where the second set top box and the first set top box are different set top boxes; Determining, by the second identifier information, whether the second set top box has a play permission; and when the second set top box has a play right, decrypting the first record key according to the first identifier information, to obtain the random secret Key; obtaining a second recording key according to the second identification information and the random key; and transmitting the second recording key to the second set top box, so that the second set top box decrypts the The second recording key obtains the random key, and decrypts the encrypted data stream by using the random key to obtain a decrypted data stream.
本公开还提供一种PVR保护方法,可以应用于第一机顶盒,包括:The present disclosure also provides a PVR protection method, which can be applied to a first set top box, including:
向PVR的管理系统PMS发送第一录制密钥的请求信息,其中,所述请求信息包括所述第一机顶盒的第一标识信息,以使所述PMS根据所述第一标识信息,确定所述第一机顶盒是否有录制权限,并在所述第一机顶盒有录制权限时,生成随机密钥,并根据所述第一标识信息和所述随机密钥,得到并向所述第一机顶盒发送所述第一录制密钥;Sending the request information of the first recording key to the management system PMS of the PVR, where the request information includes the first identification information of the first set top box, so that the PMS determines the according to the first identification information. Whether the first set top box has the recording permission, and when the first set top box has the recording permission, generates a random key, and obtains and sends the first set top box according to the first identification information and the random key. Describe the first recording key;
接收所述PVR的管理系统PMS发送的所述第一录制密钥;对所述第一录制密钥解密得到所述随机密钥,利用所述随机密钥对待加密的数据流进行加密,得到加密数据流。Receiving the first recording key sent by the management system PMS of the PVR; decrypting the first recording key to obtain the random key, and encrypting the data stream to be encrypted by using the random key to obtain encryption data flow.
本公开还提供一种PVR保护方法,可以应用于第二机顶盒,包括:The present disclosure also provides a PVR protection method, which can be applied to a second set top box, including:
获取第一机顶盒进行加密后的加密数据流、第一机顶盒的第一标识信息和第一录制密钥,其中,所述第一录制密钥为PVR的管理系统PMS在所述第一机顶盒有录制权限时,根据生成的随机密钥和所述第一标识信息得到的;Acquiring the encrypted data stream after the first set top box is encrypted, the first identification information of the first set top box, and the first recording key, wherein the management system PMS whose first recording key is a PVR is recorded in the first set top box When the permission is obtained, according to the generated random key and the first identification information;
向所述PMS发送所述第一标识信息、所述第一录制密钥和所述第二机顶盒的第二标识信息,以使所述PMS根据所述第二标识信息,确定所述第二机顶盒是否有播放权限,并在所述第二机顶盒有播放权限时,根据所述第一标识信息 对所述第一录制密钥进行解密,得到所述随机密钥,并根据所述第二标识信息和所述随机密钥,得到第二录制密钥,并向所述第二机顶盒发送所述第二录制密钥;接收所述PVR的管理系统PMS发送的所述第二录制密钥;对所述第二录制密钥解密得到所述随机密钥,利用所述随机密钥对所述加密数据流进行解密,得到解密数据流。Sending, by the PMS, the first identification information, the first recording key, and the second identification information of the second set top box, so that the PMS determines the second set top box according to the second identification information. Whether there is a play permission, and when the second set top box has a play permission, according to the first identification information Decrypting the first recording key to obtain the random key, and obtaining a second recording key according to the second identification information and the random key, and transmitting the second recording key to the second set top box a second recording key; receiving the second recording key sent by the management system PMS of the PVR; decrypting the second recording key to obtain the random key, and using the random key to encrypt the The data stream is decrypted to obtain a decrypted data stream.
本公开还提供一种PVR的管理系统PMS,可以包括:接收模块,设置为:接收第一机顶盒发送的获取第一录制密钥的请求信息,其中,所述请求信息包括所述第一机顶盒的第一标识信息;权限判断模块,设置为:根据所述第一标识信息,确定所述第一机顶盒是否有录制权限;密钥处理模块,设置为:当所述第一机顶盒有录制权限时,生成随机密钥,并根据所述第一标识信息和所述随机密钥,得到所述第一录制密钥;密钥发送模块,设置为:将所述第一录制密钥发送给所述第一机顶盒,以使所述第一机顶盒对所述第一录制密钥解密得到所述随机密钥,利用所述随机密钥对待加密的数据流进行加密,得到加密数据流,进而使第二机顶盒获取所述加密数据流、所述第一标识信息和所述第一录制密钥;The present disclosure further provides a PVR management system PMS, which may include: a receiving module, configured to: receive request information for acquiring a first recording key sent by a first set top box, where the request information includes the first set top box The first identifier information is configured to: determine, according to the first identifier information, whether the first set top box has a recording authority; and the key processing module is configured to: when the first set top box has a recording permission, Generating a random key, and obtaining the first recording key according to the first identification information and the random key; and the key sending module is configured to: send the first recording key to the first a set top box, so that the first set top box decrypts the first recording key to obtain the random key, and encrypts the data stream to be encrypted by using the random key to obtain an encrypted data stream, thereby enabling the second set top box Obtaining the encrypted data stream, the first identification information, and the first recording key;
所述接收模块还设置为:接收第二机顶盒发送的所述第一标识信息、所述第一录制密钥以及所述第二机顶盒的第二标识信息,其中所述第二机顶盒与第一机顶盒为不同的机顶盒;所述权限判断模块还设置为:根据所述第二标识信息,确定所述第二机顶盒是否有播放权限;所述密钥处理模块还设置为:当所述第二机顶盒有播放权限时,根据所述第一标识信息对所述第一录制密钥进行解密,得到所述随机密钥;根据所述第二标识信息和所述随机密钥,得到第二录制密钥;所述密钥发送模块还设置为:将所述第二录制密钥发送至所述第二机顶盒,以使所述第二机顶盒解密所述第二录制密钥,得到所述随机密钥,并利用所述随机密钥解密所述加密数据流得到解密数据流。The receiving module is further configured to: receive the first identification information, the first recording key, and the second identification information of the second set top box sent by the second set top box, where the second set top box and the first set top box The privilege judging module is further configured to: determine, according to the second identifier information, whether the second set top box has a play permission; the key processing module is further configured to: when the second set top box has Decrypting the first recording key according to the first identification information to obtain the random key; and obtaining a second recording key according to the second identification information and the random key; The key sending module is further configured to: send the second recording key to the second set top box, so that the second set top box decrypts the second recording key to obtain the random key, and Decrypting the encrypted data stream with the random key results in a decrypted data stream.
本公开还提供一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令用于执行上述任意一种方法。The present disclosure also provides a computer readable storage medium storing computer executable instructions for performing any of the methods described above.
本公开还提供一种PVR管理设备,该PVR管理设备包括一个或多个处理器、存储器以及一个或多个程序,所述一个或多个程序存储在存储器中,当被一个或多个处理器执行时,可以执行上述相应的方法。The present disclosure also provides a PVR management device including one or more processors, a memory, and one or more programs, the one or more programs being stored in a memory when being processed by one or more processors When executed, the corresponding method described above can be performed.
本公开还提供一种机顶盒,该机顶盒包括一个或多个处理器、存储器以及一个或多个程序,所述一个或多个程序存储在存储器中,当被一个或多个处理 器执行时,可以执行上述相应的方法。The present disclosure also provides a set top box including one or more processors, a memory, and one or more programs, the one or more programs being stored in the memory when processed by one or more When the device is executed, the corresponding method described above can be performed.
本公开还提供了一种计算机程序产品,所述计算机程序产品包括存储在非暂态计算机可读存储介质上的计算机程序,所述计算机程序包括程序指令,当所述程序指令被计算机执行时,使所述计算机执行上述任意一种方法。The present disclosure also provides a computer program product comprising a computer program stored on a non-transitory computer readable storage medium, the computer program comprising program instructions, when the program instructions are executed by a computer, Having the computer perform any of the methods described above.
本公开提供的PVR保护方法及系统,通过PMS生成用于对节目进行录制的随机密钥,并且在回放时通过所述PMS获取该随机密钥,并通过所述随机密钥解密所述节目,以使得从录制节目的机顶盒的其他机顶盒也可以回放所述录制节目,实现了所述录制节目的共享。The PVR protection method and system provided by the present disclosure generates a random key for recording a program through a PMS, and acquires the random key through the PMS during playback, and decrypts the program by using the random key. The sharing of the recorded programs is achieved such that the recorded programs can also be played back from other set top boxes of the set top box that recorded the program.
附图说明DRAWINGS
图1为一实施例提供的一种PVR保护方法的流程图。FIG. 1 is a flowchart of a PVR protection method according to an embodiment.
图2为一实施例提供的另一用PVR保护方法的流程图。2 is a flow chart of another PVR protection method provided by an embodiment.
图3为一实施例提供的又一种PVR保护方法的流程图。FIG. 3 is a flowchart of still another PVR protection method according to an embodiment.
图4为一实施例提供的又一种PVR保护方法的流程图。FIG. 4 is a flowchart of still another PVR protection method according to an embodiment.
图5为一实施例提供的一种PVR保护系统的结构示意图。FIG. 5 is a schematic structural diagram of a PVR protection system according to an embodiment.
图6为一实施例提供的一种PVR保护系统中机顶盒的结构示意图。FIG. 6 is a schematic structural diagram of a set top box in a PVR protection system according to an embodiment.
图7为一实施例提供的又一种PVR保护方法的流程图。FIG. 7 is a flowchart of still another PVR protection method according to an embodiment.
图8为一实施例提供的又一种PVR保护方法的流程图。FIG. 8 is a flowchart of still another PVR protection method according to an embodiment.
图9为一实施例提供的又一种PVR保护方法的流程图。FIG. 9 is a flowchart of still another PVR protection method according to an embodiment.
图10为一实施例提供的一种PVR的管理系统PMS的结构示意图。FIG. 10 is a schematic structural diagram of a PVR management system PMS according to an embodiment.
图11为一实施例提供的一种PVR管理设备的硬件结构示意图。FIG. 11 is a schematic structural diagram of hardware of a PVR management device according to an embodiment.
图12为一实施例提供的一种机顶盒的硬件结构示意图。FIG. 12 is a schematic structural diagram of hardware of a set top box according to an embodiment.
具体实施方式detailed description
本实施例中,使用的用于表示元件的诸如“模块”、“部件”或“单元”的后缀仅为了有利于本发明的说明,其本身并没有特定的意义。因此,“模块”、“部件”或“单元”可以混合地使用。In the present embodiment, the suffixes such as "module", "component" or "unit" used to denote elements are merely illustrative of the present invention, and do not have a specific meaning per se. Therefore, "module", "component" or "unit" can be used in combination.
终端设备可以以各种形式来实施。例如,本发明中描述的终端可以包括诸如移动电话、智能电话、笔记本电脑、数字广播接收器、PDA(个人数字助理)、PAD(平板电脑)、PMP(便携式多媒体播放器)、导航装置等等的移动终端以及诸如数字TV、台式计算机等等的固定终端。然而,本领域技术人员将理解的是,除了特别用于移动目的的元件之外,根据本发明的实施方式的构造也能够应用于固定类型的终端。 The terminal device can be implemented in various forms. For example, the terminal described in the present invention may include, for example, a mobile phone, a smart phone, a notebook computer, a digital broadcast receiver, a PDA (Personal Digital Assistant), a PAD (Tablet), a PMP (Portable Multimedia Player), a navigation device, etc. Mobile terminals and fixed terminals such as digital TVs, desktop computers, and the like. However, those skilled in the art will appreciate that configurations in accordance with embodiments of the present invention can be applied to fixed type terminals in addition to components that are specifically for mobile purposes.
本实施例提供了一种PVR保护方法,所述方法包括录制过程,如图1所示,所述录制过程可以包括步骤110-步骤140。This embodiment provides a PVR protection method, where the method includes a recording process. As shown in FIG. 1, the recording process may include steps 110-140.
在步骤110中,当第一机顶盒的录制指令被触发时,所述第一机顶盒向PVR的管理系统PMS发送获取第一录制密钥的请求信息,其中,所述请求信息包括所述第一机顶盒的第一标识信息。In step 110, when the recording instruction of the first set top box is triggered, the first set top box sends request information for acquiring the first recording key to the management system PMS of the PVR, wherein the request information includes the first set top box. First identification information.
在步骤120,所述PMS接收所述请求信息并生成一随机密钥,根据所述第一标识信息对应的第一私有密钥对所述随机密钥进行加密以得到第一录制密钥,并发送所述第一录制密钥至所述第一机顶盒。In step 120, the PMS receives the request information and generates a random key, and encrypts the random key according to the first private key corresponding to the first identification information to obtain a first recording key, and Sending the first recording key to the first set top box.
可选地,所述第一机顶盒建立所述第一标识信息以及所述第一录制密钥的关联关系,并将所述关联关系存储于所述外部存储设备。Optionally, the first set top box establishes an association relationship between the first identification information and the first recording key, and stores the association relationship in the external storage device.
例如,第一机顶盒可以将自身的标识信息与录制节目的第一录制密钥进行绑定,并将绑定关系存储在外部存储设备,使得其他机顶盒可以从外部存储设备得到到第一机顶盒的标识信息和第一录制密钥。For example, the first set top box can bind its own identification information to the first recording key of the recorded program, and store the binding relationship on the external storage device, so that the other set top box can obtain the identifier of the first set top box from the external storage device. Information and first recording key.
在步骤130中,所述第一机顶盒接收并解密所述第一录制密钥以得到所述随机密钥,并采用所述随机密钥对解扰后的音视频数据进行加密得到加密节目。In step 130, the first set top box receives and decrypts the first recording key to obtain the random key, and encrypts the descrambled audio and video data by using the random key to obtain an encrypted program.
在步骤140中,所述第一机顶盒将所述加密节目保存至外部存储设备,以实现PVR加密录制。In step 140, the first set top box saves the encrypted program to an external storage device to implement PVR encrypted recording.
市场上提供的条件接收(Condition Access,CA)服务的厂家一般采用基于芯片级的硬件加密方法,例如,在录制过程中利用主芯片中的私有密钥,通过运算后可以得到随机密钥,然后利用该随机密钥对音视频数据进行加密,在视频回放时则利用该主芯片中的私有密钥进行运算得到随机密钥,并利用该随机密钥解密音视频数据。但是,该加密方法是基于硬件的私有链路对音视频数据进行保护,其他机顶盒无法恢复出进行加密的机顶盒的随机密钥,使得录制和回放被限制在同一机顶盒上使用,加密后的视频数据无法被其他CA厂商认可的机顶盒分享。Manufacturers of Conditional Access (CA) services provided in the market generally use chip-level hardware encryption methods. For example, during the recording process, the private key in the main chip is used, and the random key can be obtained through the operation. The audio and video data is encrypted by using the random key, and the random key is obtained by using the private key in the main chip during video playback, and the audio and video data is decrypted by using the random key. However, the encryption method is to protect the audio and video data based on the private link of the hardware, and the other set top boxes cannot recover the random key of the encrypted set top box, so that the recording and playback are restricted to be used on the same set top box, and the encrypted video data is used. Cannot be shared by set-top boxes approved by other CA vendors.
本实施例中,所述机顶盒将自身的第一标识信息发送至PMS系统,所述PMS系统为所述第一标识信息生成一个随机密钥,并采用所述第一标识信息对应的加密算法以及第一私有密钥对所述随机密钥进行加密以生成第一录制密钥,所述机顶盒解密所述第一录制密钥得到所述随机密钥,并采用所述随机密钥进行录制节目,通过对随机密钥进行加密,可以提高密钥传输的安全性,使得在网络传输中,密钥不易被截获,从而保证加密节目的安全性,这样通过PMS系统 对录制密钥进行管理,解决了现有录制方法得到的PVR节目只能在同一机顶盒上回放,无法在其他机顶盒上回放的问题。In this embodiment, the set top box sends its own first identification information to the PMS system, and the PMS system generates a random key for the first identification information, and uses an encryption algorithm corresponding to the first identification information. The first private key encrypts the random key to generate a first recording key, the set top box decrypts the first recording key to obtain the random key, and uses the random key to record a program, By encrypting the random key, the security of the key transmission can be improved, so that the key is not easily intercepted in the network transmission, thereby ensuring the security of the encrypted program, so that the PMS system is adopted. The recording key is managed to solve the problem that the PVR program obtained by the existing recording method can only be played back on the same set top box and cannot be played back on other set top boxes.
其中,在所述步骤110中,所述第一机顶盒的录制指令被触发可以是用户通过机顶盒的控制面板或者遥控器等控制设备对机顶盒进行的控制操作而产生的控制指令,所述控制指令为录制指令。所述PVR管理系统PMS内可以设置CA前端,所述PMS可以获取得到所述CA前端认证的机顶盒的相关信息,如,机顶盒的标识信息)、私有密钥、加密方法以及录制权限等。在本实施例中,机顶盒的标识信息可以为芯片号码CHIP ID。所述PMS系统可以预先建立一数据库,所述数据库用于存储机顶盒的芯片号码CHIP ID、私有密钥、加密方法以及录制权限等。并且,所述芯片号码CHIP ID、私有密钥,加密方法以及录制权限相互关联存储。也就是说,所述PMS系统可以根据机顶盒的CHIP ID确定其对应的私有密钥、加密方法以及录制权限等。In the step 110, the recording instruction of the first set top box is triggered, which may be a control command generated by the user through a control panel of the set top box or a control device such as a remote controller to perform a control operation on the set top box. The control command is Record the command. The CA front end may be set in the PMS management system PMS, and the PMS may obtain related information of the set top box that is authenticated by the CA front end, such as identification information of the set top box, a private key, an encryption method, and a recording authority. In this embodiment, the identification information of the set top box may be a chip number CHIP ID. The PMS system may pre-establish a database for storing the chip number CHIP ID of the set top box, a private key, an encryption method, and recording rights. Moreover, the chip number CHIP ID, private key, encryption method, and recording authority are stored in association with each other. That is to say, the PMS system can determine its corresponding private key, encryption method, recording authority, and the like according to the CHIP ID of the set top box.
所述第一机顶盒向PVR管理系统PMS发送获取第一录制密钥的请求信息可以包括所述第一机顶盒通过因特网向所述PMS系统发送携带自身CHIP ID的请求信息,以使得PMS通过所述请求信息生成用于录制节目的第一录制密钥。The sending, by the first set top box, the request information for acquiring the first recording key to the PVR management system PMS may include the first set top box sending the request information carrying the own CHIP ID to the PMS system over the Internet, so that the PMS passes the request. The information generates a first recording key for recording the program.
在所述步骤120中,所述随机密钥是PMS系统随机生成的,随机密钥可以为一个字符串,如ab12等。在生成随机密钥后,根据所述第一标识信息对应的第一私有密钥对所述随机密钥进行加密得到第一录制密钥。由于不是所有的机顶盒都具有录制节目的权限,而在机顶盒不具有录制权限的时候无需为该机顶盒生成随机密钥以及执行后续步骤。从而,在所述步骤120之前还可以包括一个查询所述第一机顶盒是否具有录制权限的过程,可以包括:所述PMS接收所述请求信息,并获取所述请求信息携带的第一标识信息;PMS在数据库内查询所述第一标识信息对应的机顶盒是否具有录制权限;若所述第一机顶盒具有录制权限,则执行所述步骤120;In the step 120, the random key is randomly generated by the PMS system, and the random key may be a character string, such as ab12. After generating the random key, encrypting the random key according to the first private key corresponding to the first identification information to obtain a first recording key. Since not all set top boxes have the right to record programs, there is no need to generate a random key for the set top box and perform subsequent steps when the set top box does not have recording rights. Therefore, before the step 120, the method may further include: a process of querying whether the first set top box has a recording permission, the method may include: the PMS receiving the request information, and acquiring first identification information carried by the request information; The PMS queries, in the database, whether the set top box corresponding to the first identifier information has a recording authority; if the first set top box has a recording right, the step 120 is performed;
若所述第一机顶盒不具有录制权限,则PMS可以通过网络向所述第一机顶盒反馈所述查询结果,即所述第一机顶盒不具有录制权限。If the first set top box does not have recording permission, the PMS may feed back the query result to the first set top box through the network, that is, the first set top box does not have recording permission.
在本实施例中,所述PMS接收所述请求信息并生成一随机密钥,然后根据所述第一标识信息对应的第一私有密钥对所述随机密钥加密以得到第一录制密钥可以包括步骤1210-步骤1240。In this embodiment, the PMS receives the request information and generates a random key, and then encrypts the random key according to the first private key corresponding to the first identification information to obtain a first recording key. Steps 1210 - 1240 can be included.
在步骤1210中,所述PMS接收并解析所述请求信息,得到所述第一标识信息。 In step 1210, the PMS receives and parses the request information to obtain the first identification information.
在步骤1220中,PMS根据所述第一标识信息在数据库内查找对应的第一私有密钥以及加密方法。In step 1220, the PMS searches for a corresponding first private key and an encryption method in the database according to the first identification information.
在步骤1230中,PMS随机生成一个随机密钥,并利用所述第一私有密钥以及加密方法对所述随机密钥加密得到第一录制密钥。In step 1230, the PMS randomly generates a random key, and encrypts the random key using the first private key and an encryption method to obtain a first recording key.
在步骤1240中,所述PMS将所述第一录制密钥反馈至第一机顶盒。In step 1240, the PMS feeds back the first recording key to the first set top box.
本实施例中,所述第一标识信息可以为CHIP ID1,所述第一私有密钥为机顶盒主芯片中的私有密钥。也就是PMS利用所述机顶盒主芯片中的私有密钥,如会话密钥(Session Key,SK)对随机密钥进行加密得到第一录制密钥,当第一机顶盒接收到第一录制密钥时,可以根据自身主芯片中携带的私有密钥对所述第一录制密钥进行解密,以得到所述随机密钥。本实施例中在PMS系统中完成产生随机密钥并采用第一私有密钥对随机密钥加密的过程,PMS系统还可以保存所述随机密钥,当有机顶盒回放所述第一机顶盒录制的节目时,机顶盒可以通过PMS系统获取所述随机密钥,采用所述随机密钥解密第一机顶盒录制的节目,实现了PVR节目的共享。In this embodiment, the first identification information may be CHIP ID1, and the first private key is a private key in the main chip of the set top box. That is, the PMS uses the private key in the set-top box main chip, such as a session key (Session Key, SK) to encrypt the random key to obtain the first recording key, when the first set-top box receives the first recording key. The first recording key may be decrypted according to a private key carried in the master chip thereof to obtain the random key. In this embodiment, the process of generating a random key and encrypting the random key by using the first private key is completed in the PMS system, and the PMS system may also save the random key, when the top set box plays back the recorded content of the first set top box. During the program, the set top box can acquire the random key through the PMS system, and use the random key to decrypt the program recorded by the first set top box, thereby realizing sharing of the PVR program.
在所述步骤130中,所述第一机顶盒解密所述第一录制密钥以得到所述随机密钥指的是所述第一机顶盒接收PMS反馈的第一录制密钥,并将所述第一录制密钥设置到加密引擎中,利用第一私有密钥解密第一录制密钥得到所述随机密钥。同时,将所述第一标识信息以及第一录制密钥等元数据(META DATA)信息保存至外部存储设备(如,U盘或移动硬盘等)上,所述外部存储设备为存储第一机顶盒录制的节目的外部存储设备。也就是说,当有机顶盒从所述外部存储设备获取第一机顶盒录制的节目时,也可以获取所述第一机顶盒的META DATA信息,这样可以根据所述META DATA信息获取随机密钥。In the step 130, the first set top box decrypts the first recording key to obtain the random key, and the first set top box receives the first recording key fed back by the PMS, and the A recording key is set to the encryption engine, and the first recording key is decrypted using the first private key to obtain the random key. At the same time, the first identification information and the metadata (META DATA) information such as the first recording key are saved to an external storage device (for example, a USB flash drive or a mobile hard disk, etc.), and the external storage device stores the first set top box. An external storage device for recorded programs. That is, when the top set box acquires the program recorded by the first set top box from the external storage device, the META DATA information of the first set top box may also be acquired, so that the random key may be acquired according to the META DATA information.
在所述步骤140中,所述第一机顶盒将得到的录制节目写入到外部存储设备以形成与第一机顶盒播放的节目对应的PVR文件,若节目录制未完成则重复上述加密录制过程直至录制结束。所述录制结束可以是节目时间结束(数字电视终端通过该数字电视频道的电子节目指南(Electronic Program Guide,EPG)信息判断获知节目的开始时间和持续时间),完成对节目的录制;也可以是用户取消录制;还可以是发生错误结束,如,存储设备已满等。In the step 140, the first set top box writes the obtained recorded program to an external storage device to form a PVR file corresponding to the program played by the first set top box, and repeats the above encrypted recording process until the recording is not completed. End. The end of the recording may be the end of the program time (the digital television terminal judges the start time and duration of the learned program through the Electronic Program Guide (EPG) information of the digital television channel), and completes the recording of the program; The user cancels the recording; it can also be the end of the error, such as the storage device is full.
本实施例还提供了一种PVR保护方法,所述方法包括录制过程,如图2所示,所述录制过程可以包括步骤210-步骤290。This embodiment further provides a PVR protection method, where the method includes a recording process. As shown in FIG. 2, the recording process may include steps 210-290.
在步骤210中,机顶盒STB1录制命令被触发,向PMS发送录制请求,该 请求中包括STB1的CHIP ID1信息,其中,机顶盒STB1通过因特网将录制请求发送给PVR管理系统PMS。In step 210, the set-top box STB1 recording command is triggered, and a recording request is sent to the PMS, The request includes the CHIP ID1 information of the STB1, wherein the set top box STB1 transmits the recording request to the PVR management system PMS via the Internet.
在步骤220中,PMS通过数据库进行检索,查询机顶盒STB1的录制权限,如果机顶盒STB1被允许录制,则执行步骤230,如果机顶盒STB1未被允许录制,则PMS通过网络向机顶盒STB1返回无法录制的权限,并执行步骤250。In step 220, the PMS searches through the database to query the recording permission of the set-top box STB1. If the set-top box STB1 is allowed to record, step 230 is performed. If the set-top box STB1 is not allowed to record, the PMS returns the unrecordable permission to the set-top box STB1 through the network. And perform step 250.
在步骤230中,所述PMS生成一个随机密钥PVR KEY,并利用CHIP ID1对应的私有密钥SK1对所述PVR KEY进行加密得到录制密钥RECORD KEY1。In step 230, the PMS generates a random key PVR KEY, and encrypts the PVR KEY by using the private key SK1 corresponding to the CHIP ID1 to obtain a recording key RECORD KEY1.
在步骤240中,所述PMS通过网络将录制权限和RECORD KEY1返回给机顶盒STB1。In step 240, the PMS returns recording rights and RECORD KEY1 to the set top box STB1 over the network.
在步骤250中,机顶盒STB1检查PMS返回的结果,如果允许录制,则执行步骤260;如不允许录制,则执步骤290。In step 250, the set top box STB1 checks the result of the PMS return, if the recording is allowed, then step 260 is performed; if the recording is not allowed, step 290 is performed.
在步骤260中,机顶盒STB1将PMS返回的RECORD KEY1设置到加密引擎中,通过私有密钥SK1解密得到PVR KEY,并将由CHIP ID1和RECORD KEY1构成的元数据METADATA信息保存到外部存储设备上。In step 260, the set top box STB1 sets the RECORD KEY1 returned by the PMS to the encryption engine, decrypts the PVR KEY by the private key SK1, and saves the metadata METADATA information composed of CHIP ID1 and RECORD KEY1 to the external storage device.
在步骤270中,机顶盒STB1将解扰后的音视频数据使用PVR KEY加密,得到加密后的数据RECORD CONTENT,并将RECORD CONTENT保存到外部存储设备上。在步骤280中,重复步骤270直到用户取消录制或者其它错误发生,则结束录制。在步骤290中,结束录制。In step 270, the set top box STB1 encrypts the descrambled audio and video data using the PVR KEY, obtains the encrypted data RECORD CONTENT, and saves the RECORD CONTENT to the external storage device. In step 280, step 270 is repeated until the user cancels the recording or other error occurs, then the recording ends. In step 290, the recording is ended.
本实施提供的录制过程是基于机顶盒的主芯片以及PMS系统的录制过程,并且所述PMS保存所述主芯片的加密算法以及私有密钥SK。在机顶盒向所述PMS请求PVR操作时,PMS根据第一机顶盒传输芯片号码CHIP ID1找到对应的私有密钥,从而生成并返回所述CHIP ID1对应的加密后的PVR KEY,然后机顶盒就可以利用芯片里面的私有密钥SK解密出所述PVR KEY,进而完成录制动作。这样所述PVR KEY同时保存在第一机顶盒以及PMS中,回放所述第一机顶盒录制的节目的机顶盒可以保存所述PVR KEY,也可以是通过PMS获取所述PVR KEY,在保证录制节目的安全性的基础上实现了录制节目的共享。The recording process provided by the present embodiment is based on the recording process of the main chip of the set top box and the PMS system, and the PMS saves the encryption algorithm of the main chip and the private key SK. When the set-top box requests the PVR operation from the PMS, the PMS finds the corresponding private key according to the first set-top box transmission chip number CHIP ID1, thereby generating and returning the encrypted PVR KEY corresponding to the CHIP ID1, and then the set-top box can utilize the chip. The private key SK inside decrypts the PVR KEY, thereby completing the recording action. In this way, the PVR KEY is simultaneously saved in the first set top box and the PMS, and the set top box that plays back the program recorded by the first set top box can save the PVR KEY, or can obtain the PVR KEY through the PMS, and ensure the security of the recorded program. The sharing of recorded programs is achieved on the basis of sex.
本实施例还提供了一种PVR保护方法,所述方法还包括回放过程,如图3所示,所述回放过程可以包括步骤310-步骤340。The embodiment further provides a PVR protection method, and the method further includes a playback process. As shown in FIG. 3, the playback process may include steps 310-340.
在步骤310中,当第二机顶盒接收到回放指令时,从所述外部存储设备读取所述加密节目、所述第一标识信息以及所述第一录制密钥,将第二机顶盒的第二标识信息与所述第一标识信息进行比较。 In step 310, when the second set top box receives the playback instruction, the encrypted program, the first identification information, and the first recording key are read from the external storage device, and the second set top box is second. The identification information is compared with the first identification information.
例如,所述第二机顶盒接收到回放指令指的是所述第二机顶盒与外部存储设备相连接,并将所述外部存储设备内的录制界面显示于机顶盒的菜单内,根据用户的选择而产生回放指令。For example, the receiving, by the second set top box, the playback instruction refers to the second set top box being connected to an external storage device, and displaying the recording interface in the external storage device in a menu of the set top box, according to the user's selection. Playback instructions.
所述当第二机顶盒接收到回放指令时,将自身的第二标识信息与回放的录制节目对应的第一标识信息进行比较可以包括步骤3110-步骤3140。When the second set top box receives the playback instruction, comparing the second identification information of the second set top box with the first identification information corresponding to the played back recorded program may include steps 3110 to 3140.
在步骤3110中,当第二机顶盒连接外部存储设备时,读取外部存储设备内存储的加密节目的信息,将所述外部存储设备携带的录制内容显示于菜单内。In step 3110, when the second set top box is connected to the external storage device, the information of the encrypted program stored in the external storage device is read, and the recorded content carried by the external storage device is displayed in the menu.
在步骤3120中,第二机顶盒接收用户的选取操作,并根据所述选取操作产生回放指令。In step 3120, the second set top box receives the user's selection operation and generates a playback instruction according to the selection operation.
在步骤3130中,第二机顶盒根据所述回放指令获取对应的加密节目,并获取所述加密节目对应的元数据信息,所述元数据信息包括第一标识信息和第一录制密钥。In step 3130, the second set top box acquires the corresponding encrypted program according to the playback instruction, and acquires metadata information corresponding to the encrypted program, where the metadata information includes the first identification information and the first recording key.
在步骤3140中,第二机顶盒读取所述元数据信息内的第一标识信息,并将所述第一标识信息与第二标识信息进行比较。In step 3140, the second set top box reads the first identification information in the metadata information, and compares the first identification information with the second identification information.
在步骤320中,若第一标识信息与第二标识信息不相同,第二机顶盒则将第二标识信息、第一标识信息以及录制节目对应的第一录制密钥发送至PMS。In step 320, if the first identification information is different from the second identification information, the second set top box sends the second identification information, the first identification information, and the first recording key corresponding to the recorded program to the PMS.
例如,当第二标识信息与第一标识信息不相同,说明所述录制节目不是第二机顶盒录制的。此时可以通过PMS获取随机密钥。将所述将第二标识信息、第一标识信息以及录制节目对应的第一录制密钥发送至PMS,以使得PMS根据所述第二标识信息、第一标识信息以及第一录制密钥确定用于第二机顶盒解密所述加密节目的第二录制密钥。For example, when the second identification information is different from the first identification information, the recorded program is not recorded by the second set top box. At this point, the random key can be obtained through the PMS. Transmitting the second identification information, the first identification information, and the first recording key corresponding to the recorded program to the PMS, so that the PMS is determined according to the second identification information, the first identification information, and the first recording key. Decrypting the second recording key of the encrypted program in the second set top box.
当第二标识信息与第一标识信息相同时,则所述录制节目是第二机顶盒录制的,那么就解密所述第一录制密钥以得到所述随机密钥;利用所述随机密钥对所述加密节目进行解密,以实现回放所述加密节目。其中,机顶盒可以将所述第一录制密钥设置到加密引擎中解密出随机密钥。When the second identification information is the same as the first identification information, if the recorded program is recorded by the second set top box, then the first recording key is decrypted to obtain the random key; and the random key pair is utilized. The encrypted program is decrypted to effect playback of the encrypted program. The set top box can set the first recording key to the encryption engine to decrypt the random key.
在步骤330中,所述PMS根据所述第二标识信息、第一标识信息以及第一录制密钥生成第二录制密钥。In step 330, the PMS generates a second recording key according to the second identification information, the first identification information, and the first recording key.
例如,所述PMS接收到第二标识信息后,判断所述第二标识信息对应的第二机顶盒是否具有回放权限,在第二机顶盒具有录制权限时,生成第二录制密钥。For example, after receiving the second identifier information, the PMS determines whether the second set top box corresponding to the second identifier information has playback rights, and generates a second recording key when the second set top box has the recording authority.
可选地,所述步骤330可以包括步骤3310-步骤3330。 Optionally, the step 330 may include step 3310 - step 3330.
在步骤3310中,所述PMS根据所述第二标识信息判断所述第二机顶盒是否具有回放权限。例如,PMS根据所述第二标识信息在数据库内查找对应的第二机顶盒的回放权限。In step 3310, the PMS determines, according to the second identification information, whether the second set top box has playback rights. For example, the PMS searches for the playback rights of the corresponding second set top box in the database according to the second identification information.
在步骤3320中,当所述第二机顶盒具有回放权限时,所述PMS根据所述第一标识信息对所述第一录制密钥进行解密得到随机密钥。例如,所述PMS根据所述第一标识信息确定对应的第一私有密钥,利用所述第一私有密钥对第一录制密钥进行解密得到随机密钥。In step 3320, when the second set top box has playback rights, the PMS decrypts the first recording key according to the first identification information to obtain a random key. For example, the PMS determines a corresponding first private key according to the first identification information, and decrypts the first recording key by using the first private key to obtain a random key.
在步骤3330中,根据所述第二标识信息对应的第二私有密钥对所述随机密钥进行加密生成第二录制密钥。例如,所述PMS根据第二标识信息确定并获取第二机顶盒的第二私有密钥,利用所述第二私有密钥对所述随机密钥进行加密生成第二录制密钥,并将所述第二录制密钥反馈给第二机顶盒。In step 3330, the random key is encrypted according to the second private key corresponding to the second identification information to generate a second recording key. For example, the PMS determines and acquires a second private key of the second set top box according to the second identification information, encrypts the random key by using the second private key, generates a second recording key, and The second recording key is fed back to the second set top box.
在步骤340中,所述第二机顶盒对所述第二录制密钥进行解密以得到所述随机密钥,并利用所述随机密钥对所述加密节目进行解密,得到解密节目,以实现后续播放所述解密节目。例如,所述第二机顶盒将所述第二录制密钥设置到加密引擎中,对第二录制密钥进行解密得到所述随机密钥,利用所述随机密钥解密所述录制节目,得到未加密的音视频数据并进行播放,实现回放录制的节目。In step 340, the second set top box decrypts the second recording key to obtain the random key, and decrypts the encrypted program by using the random key to obtain a decrypted program to implement subsequent Playing the decrypted program. For example, the second set top box sets the second recording key to the encryption engine, decrypts the second recording key to obtain the random key, and decrypts the recorded program by using the random key to obtain The encrypted audio and video data is played and played back to play back the recorded program.
本实施例提供的回放过程,通过判断所述回放的录制节目是否为本机录制的,在不是本机录制的情况下,通过PMS系统获取随机密钥,并通过所述随机密钥解密所述录制节目,实现了录制节目的共享。本实施例提供的回放方法打破了传统PVR节目一对一的模式,实现了一对多的灵活方式;并且,打破了各个硬件平台之间的限制,从一个平台录制的内容,待另外一个平台仍然可以使用,实现了PVR节目的共享。同时,在录制及回放节目的过程中还可以在前端加入各种保护措施对录制内容进行增强型保护,比如可以在META DATA中增加时间戳来控制节目的有效时限等,还可以进行二次收费,比如在STB1上录制的内容放到STB2上去观看,而STB2本身没有购买相关节目包等等,使得对前端的管理更加方便和灵活。The playback process provided by this embodiment determines whether the recorded program being played back is recorded by the local device, and if not recorded by the local device, acquires a random key through the PMS system, and decrypts the random key by using the random key. Recording the program, sharing the recorded program. The playback method provided in this embodiment breaks the one-to-one mode of the traditional PVR program, and realizes a one-to-many flexible manner; and, breaks the limitation between the various hardware platforms, and records the content recorded from one platform to another platform. It can still be used to realize the sharing of PVR programs. At the same time, in the process of recording and playing back the program, various protection measures can be added to the front end to enhance the protection of the recorded content. For example, a time stamp can be added in META DATA to control the effective time limit of the program, and a second charge can be performed. For example, the content recorded on STB1 is placed on STB2 for viewing, and STB2 itself does not purchase related program packages, etc., making the management of the front end more convenient and flexible.
本实施例还提供了一种PVR保护方法,所述方法还包括回放过程,如图4所示,所述回放过程可以包括步骤402-步骤426。The embodiment further provides a PVR protection method, and the method further includes a playback process. As shown in FIG. 4, the playback process may include steps 402-426.
在步骤402中,机顶盒与外部存储设备连接,并将外部存储设备携带的录制节目的信息显示与机顶盒的菜单上,并接收用户的选取操作。 In step 402, the set top box is connected to the external storage device, and displays the information of the recorded program carried by the external storage device on the menu of the set top box, and receives the user's selection operation.
在步骤404中,根据所述选取操作生成播放指令,所述机顶盒根据播放指令读取需回放的录制节目RECORD CONTENT对应的元数据META DATA;如果读取失败,则执行步骤426,结束播放并提示用户;如果读取成功,则执行步骤406。In step 404, a play command is generated according to the selecting operation, and the set top box reads the metadata META DATA corresponding to the recorded program RECORD CONTENT to be played back according to the play instruction; if the reading fails, step 426 is executed to end the play and prompt User; if the reading is successful, step 406 is performed.
在步骤406中,机顶盒读取本机的芯片号码CHIP ID记为CHIP ID2,将所述CHIP ID2与META DATA中的CHIP ID1进行比较,如果CHIP ID1与CHIP ID2相等,则执行步骤408;否则,执行步骤412。In step 406, the set-top box reads the chip number CHIP ID of the local machine as CHIP ID2, compares the CHIP ID2 with the CHIP ID1 in META DATA, and if CHIP ID1 and CHIP ID2 are equal, step 408 is performed; otherwise, Go to step 412.
在步骤408中,机顶盒STB1将META DATA中的RECORD KEY1设置到加密引擎中解密出PVR KEY。In step 408, set top box STB1 sets RECORD KEY1 in META DATA to the encryption engine to decrypt the PVR KEY.
在步骤410中,机顶盒STB1利用PVR KEY解密录制内容RECORD CONTENT,得到解密后的音视频数据并完成播放,流程结束。In step 410, the set top box STB1 decrypts the recorded content RECORD CONTENT by using the PVR KEY, obtains the decrypted audio and video data and completes the playing, and the process ends.
在步骤412中,机顶盒STB2将所述META DATA数据以及CHIP ID2通过网络发送给PMS。In step 412, set top box STB2 sends the META DATA data and CHIP ID2 over the network to the PMS.
在步骤414中,所述PMS检索数据库以确定机顶盒STB2是否有回放权限:如果机顶盒STB2被允许播放,则执行步骤416;否则,所述PMS通过网络返回无法回放的权限信息给STB2并执行步骤420。In step 414, the PMS retrieves the database to determine whether the set top box STB2 has playback rights: if the set top box STB2 is allowed to play, step 416 is performed; otherwise, the PMS returns the unplayable rights information to the STB2 via the network and performs step 420. .
在步骤416中,所述PMS根据CHIP ID1对应的第一私有密钥SK1对RECORD KEY1解密得到PVR KEY,然后利用CHIP ID2对应的第二私有密钥SK2对PVR KEY加密得到RECORD KEY2。In step 416, the PMS decrypts the RECORD KEY1 according to the first private key SK1 corresponding to the CHIP ID1 to obtain the PVR KEY, and then encrypts the PVR KEY with the second private key SK2 corresponding to the CHID ID2 to obtain the RECORD KEY2.
在步骤418中,所述PMS将STB2的回放权限和RECORD KEY2通过网络返回给机顶盒STB2。In step 418, the PMS returns the playback rights of STB2 and RECORD KEY2 to the set top box STB2 over the network.
在步骤420中,所述机顶盒STB2判断所述PMS的返回结果:如果允许回放,则执行步骤422,如果不允许回放,则执行步骤426。In step 420, the set top box STB2 determines the return result of the PMS: if playback is allowed, step 422 is performed, and if playback is not allowed, step 426 is performed.
在步骤422中,机顶盒STB2将RECORD KEY2设置到加密引擎中,解密出PVR KEY。In step 422, the set top box STB2 sets RECORD KEY2 to the encryption engine to decrypt the PVR KEY.
在步骤424中,机顶盒STB2读取录制内容RECORD CONTENT,并利用PVR KEY对RECORD CONTENT解密,得到解密后的音视频数据并完成播放。In step 424, the set top box STB2 reads the recorded content RECORD CONTENT, and decrypts the RECORD CONTENT using the PVR KEY to obtain the decrypted audio and video data and complete the playing.
在步骤426中,停止回放。In step 426, playback is stopped.
本实施例还提供了一种PVR保护系统,如图5所示,可以包括:机顶盒100以及PVR的管理系统PMS200。This embodiment further provides a PVR protection system, as shown in FIG. 5, which may include: a set top box 100 and a PVR management system PMS200.
如图6所示,所述机顶盒100可以包括:第一发送模块101、第一解密模块 102以及保存模块103。As shown in FIG. 6, the set top box 100 may include: a first sending module 101, and a first decrypting module. 102 and save module 103.
所述第一发送模块101,设置为当录制指令被触发时,向PVR的管理系统PMS发送获取第一录制密钥的请求信息,其中,所述请求信息包括所述第一机顶盒的第一标识信息。所述第一解密模块102,设置为解密所述第一录制密钥以得到随机密钥,并采用所述随机密钥对解扰后的音视频数据进行加密得到加密节目。所述保存模块103,设置为将所述加密节目保存至外部存储设备,以实现PVR加密录制。The first sending module 101 is configured to: when the recording instruction is triggered, send, to the PVR management system PMS, the request information for acquiring the first recording key, where the request information includes the first identifier of the first set top box information. The first decryption module 102 is configured to decrypt the first recording key to obtain a random key, and encrypt the descrambled audio and video data by using the random key to obtain an encrypted program. The saving module 103 is configured to save the encrypted program to an external storage device to implement PVR encrypted recording.
所述管理系统PMS200,设置为根据所述请求信息生成一随机密钥,并根据所述第一标识信息对应的第一私有密钥对所述随机密钥进行加密以得到第一录制密钥。The management system PMS200 is configured to generate a random key according to the request information, and encrypt the random key according to the first private key corresponding to the first identification information to obtain a first recording key.
可选地,所述机顶盒还包括:比较模块104、第二发送模块105以及第二解密模块106。所述比较模块104,设置为当回放指令被触发时,从所述外部存储设备读取所述加密节目、所述第一标识信息以及所述第一录制密钥,将自身的第二标识信息与回放的录制节目对应的第一标识信息进行比较。第二发送模块105,设置为当所述第二标识信息与所述第一标识信息不相同时,将所述第二标识信息、第一标识信息以及录制节目对应的第一录制密钥发送至PMS。所述PVR管理系统PMS200还设置为:根据所述第二标识信息、对应的第一标识信息以及第一录制密钥生成第二录制密钥。Optionally, the set top box further includes: a comparison module 104, a second sending module 105, and a second decryption module 106. The comparison module 104 is configured to read the encrypted program, the first identification information, and the first recording key from the external storage device when the playback instruction is triggered, and set the second identification information of the second identification information. The first identification information corresponding to the recorded recorded program is compared. The second sending module 105 is configured to: when the second identifier information is different from the first identifier information, send the second identifier information, the first identifier information, and the first recording key corresponding to the recorded program to PMS. The PVR management system PMS200 is further configured to: generate a second recording key according to the second identifier information, the corresponding first identifier information, and the first recording key.
所述机顶盒100还可以包括:第二解密模块106,设置为对第二录制密钥进行解密以得到所述随机密钥,并利用所述随机密钥对所述加密节目进行解密,得到解密节目,以实现后续播放所述解密节目。可选地,所述机顶盒还包括:第三解密模块107,设置为当所述第二标识信息与所述第一标识信息相同时,解密所述第一录制密钥以得到所述随机密钥,并利用所述随机密钥对所述加密节目进行解密,得到所述解密节目。The set top box 100 may further include: a second decryption module 106 configured to decrypt the second recording key to obtain the random key, and decrypt the encrypted program by using the random key to obtain a decrypted program To achieve subsequent playback of the decrypted program. Optionally, the set top box further includes: a third decryption module 107, configured to decrypt the first recording key to obtain the random key when the second identifier information is the same as the first identifier information And decrypting the encrypted program by using the random key to obtain the decrypted program.
其中,上述机顶盒可以为包括多个机顶盒,每个机顶盒均可以设置上述第一发送模块101、第一解密模块102、保存模块103、比较模块104、第二发送模块105、第二解密模块106以及第三解密模块107,例如,上述机顶盒可以包括第一机顶盒和第二机顶盒,可以由第一机顶盒中设置的第一发送模块、第一解密模块、保存模块以及第三解密模块执行上述相应的操作,由第一机顶盒实现节目的加密录制;由第二机顶盒设置的比较模块、第二发送模块以及第二解密模块执行上述相应的操作,由第二机顶盒对加第一机顶盒录制的加密节目进 行解密,进行节目回放,实现多个机顶盒之间加密节目的资源共享。上述PVR保护系统的每一个模块在上述方法中已经详细说明,在这里就不再一一陈述。The set top box may include a plurality of set top boxes, and each of the set top boxes may be configured with the first sending module 101, the first decrypting module 102, the saving module 103, the comparing module 104, the second sending module 105, and the second decrypting module 106. The third decryption module 107, for example, the set top box may include a first set top box and a second set top box, and the corresponding operations may be performed by the first sending module, the first decrypting module, the saving module, and the third decrypting module disposed in the first set top box. Encrypted recording of the program by the first set top box; the comparison module, the second sending module and the second decrypting module set by the second set top box perform the corresponding operations, and the second set top box inputs the encrypted program recorded by the first set top box Decryption, program playback, and resource sharing of encrypted programs between multiple set-top boxes. Each of the above modules of the PVR protection system has been described in detail in the above method and will not be described here.
本实施例还提供一种个人视频录像PVR保护方法,可以应用于PVR的管理系统PMS,如图7所示,该方法可以包括步骤710-步骤760。This embodiment further provides a personal video recording PVR protection method, which can be applied to a PVR management system PMS. As shown in FIG. 7, the method may include steps 710-760.
在步骤710中,接收第一机顶盒发送的获取第一录制密钥的请求信息,其中,所述请求信息包括所述第一机顶盒的第一标识信息。In step 710, the request information for acquiring the first recording key sent by the first set top box is received, where the request information includes first identification information of the first set top box.
在步骤720中,根据所述第一标识信息,确定所述第一机顶盒是否有录制权限;当所述第一机顶盒有录制权限时,生成随机密钥,并根据所述第一标识信息和所述随机密钥,得到所述第一录制密钥。In step 720, determining, according to the first identification information, whether the first set top box has recording authority; when the first set top box has recording permission, generating a random key, and according to the first identification information and the The random key is obtained to obtain the first recording key.
在步骤730中,将所述第一录制密钥发送给所述第一机顶盒,以使所述第一机顶盒对所述第一录制密钥解密得到所述随机密钥,利用所述随机密钥对待加密的数据流进行加密,得到加密数据流,进而使第二机顶盒获取所述加密数据流、所述第一标识信息和所述第一录制密钥。In step 730, the first recording key is sent to the first set top box, so that the first set top box decrypts the first recording key to obtain the random key, and the random key is utilized. Encrypting the encrypted data stream to obtain an encrypted data stream, so that the second set top box acquires the encrypted data stream, the first identification information, and the first recording key.
在步骤740中,接收第二机顶盒发送的所述第一标识信息、所述第一录制密钥以及所述第二机顶盒的第二标识信息,其中所述第二机顶盒与第一机顶盒为不同的机顶盒。In step 740, the first identification information, the first recording key, and the second identification information of the second set top box sent by the second set top box are received, where the second set top box is different from the first set top box. Set-top box.
在步骤750中,根据所述第二标识信息,确定所述第二机顶盒是否有播放权限;当所述第二机顶盒有播放权限时,根据所述第一标识信息对所述第一录制密钥进行解密,得到所述随机密钥;根据所述第二标识信息和所述随机密钥,得到第二录制密钥。In step 750, determining, according to the second identifier information, whether the second set top box has a play permission; and when the second set top box has a play right, the first record key is used according to the first identifier information. Performing decryption to obtain the random key; and obtaining a second recording key according to the second identification information and the random key.
在步骤760中,将所述第二录制密钥发送至所述第二机顶盒,以使所述第二机顶盒解密所述第二录制密钥,得到所述随机密钥,并利用所述随机密钥解密所述加密数据流得到解密数据流。In step 760, the second recording key is sent to the second set top box, so that the second set top box decrypts the second recording key, the random key is obtained, and the random key is utilized. The key decrypts the encrypted data stream to obtain a decrypted data stream.
可选地,所述根据所述第一标识信息,确定所述第一机顶盒是否有录制权限包括:根据所述第一标识信息,获取所述第一机顶盒的录制权限信息;根据所述第一机顶盒的录制权限信息,判断所述第一机顶盒是否有录制权限。Optionally, the determining, according to the first identifier information, whether the first set top box has the recording permission comprises: acquiring the recording authority information of the first set top box according to the first identifier information; The recording permission information of the set top box determines whether the first set top box has recording permission.
可选地,所述根据所述第二标识信息,确定所述第二机顶盒是否有播放权限,包括:根据所述第二标识信息,获取所述第二机顶盒的播放权限信息;根据所述播放权限信息,判断所述第二机顶盒是否有播放权限。Optionally, the determining, according to the second identifier information, whether the second set top box has the play permission, the method includes: acquiring the play permission information of the second set top box according to the second identifier information; The permission information determines whether the second set top box has a play permission.
可选地,所述当所述第一机顶盒有录制权限时,生成随机密钥,并根据所述第一标识信息和所述随机密钥,得到所述第一录制密钥,包括:当所述第一 机顶盒有录制权限时,生成随机密钥,并根据所述第一标识信息获取所述第一机顶盒的第一私有密钥;根据所述第一私有密钥对所述随机密钥进行加密,得到所述第一录制密钥。Optionally, when the first set top box has the recording permission, generate a random key, and obtain the first recording key according to the first identification information and the random key, including: First When the set-top box has the recording permission, the random key is generated, and the first private key of the first set-top box is obtained according to the first identification information; and the random key is encrypted according to the first private key, The first recording key.
可选地,所述根据所述第二标识信息和所述随机密钥,得到第二录制密钥包括:根据所述第二标识信息,获取所述第二机顶盒的第二私有密钥;根据所述第二私有密钥对所述随机密钥进行加密,得到第二录制密钥。Optionally, the obtaining, according to the second identifier information, the second record key, the second private key of the second set top box is obtained according to the second identifier information; The second private key encrypts the random key to obtain a second recording key.
本实施例还提供一种个人视频录像PVR保护方法,可以应用于第一机顶盒,如图8所示,该方法可以包括步骤810-步骤830。The embodiment further provides a personal video recording PVR protection method, which can be applied to the first set top box. As shown in FIG. 8, the method may include steps 810- 830.
在步骤810中,向PVR的管理系统PMS发送第一录制密钥的请求信息,其中,所述请求信息包括所述第一机顶盒的第一标识信息,以使所述PMS根据所述第一标识信息,确定所述第一机顶盒是否有录制权限,并在所述第一机顶盒有录制权限时,生成随机密钥,并根据所述第一标识信息和所述随机密钥,得到并向所述第一机顶盒发送所述第一录制密钥。In step 810, the request information of the first recording key is sent to the management system PMS of the PVR, where the request information includes first identification information of the first set top box, so that the PMS is based on the first identifier. Determining whether the first set top box has recording permission, and generating a random key when the first set top box has recording permission, and obtaining and reporting the first identification information according to the first identification information and the random key The first set top box sends the first recording key.
在步骤820中,接收所述PVR的管理系统PMS发送的所述第一录制密钥。In step 820, the first recording key sent by the management system PMS of the PVR is received.
在步骤830中,对所述第一录制密钥解密得到所述随机密钥,利用所述随机密钥对待加密的数据流进行加密,得到加密数据流。In step 830, the first recording key is decrypted to obtain the random key, and the data stream to be encrypted is encrypted by the random key to obtain an encrypted data stream.
可选地,所述对所述第一录制密钥解密得到所述随机密钥,包括:利用所述第一标识信息对应的第一私有密钥对所述第一录制密钥进行解密,得到所述随机密钥。Optionally, the decrypting the first recording key to obtain the random key comprises: decrypting the first recording key by using a first private key corresponding to the first identification information, to obtain The random key.
本实施例还提供一种个人视频录像PVR保护方法,可以应用于第二机顶盒,如图9所示,该方法可以包括步骤910-步骤930。This embodiment further provides a personal video recording PVR protection method, which can be applied to a second set top box. As shown in FIG. 9, the method may include steps 910-930.
在步骤910中,获取第一机顶盒进行加密后的加密数据流、第一机顶盒的第一标识信息和第一录制密钥,其中,所述第一录制密钥为PVR的管理系统PMS在所述第一机顶盒有录制权限时,根据生成的随机密钥和所述第一标识信息得到的。In step 910, the encrypted data stream after the first set top box is encrypted, the first identification information of the first set top box, and the first recording key are obtained, where the first recording key is a PVR management system PMS. When the first set top box has recording permission, it is obtained according to the generated random key and the first identification information.
在步骤920中,向所述PMS发送所述第一标识信息、所述第一录制密钥和所述第二机顶盒的第二标识信息,以使所述PMS根据所述第二标识信息,确定所述第二机顶盒是否有播放权限,并在所述第二机顶盒有播放权限时,根据所述第一标识信息对所述第一录制密钥进行解密,得到所述随机密钥,并根据所述第二标识信息和所述随机密钥,得到第二录制密钥,并向所述第二机顶盒发送所述第二录制密钥。 In step 920, the first identifier information, the first recording key, and the second identifier information of the second set top box are sent to the PMS, so that the PMS determines according to the second identifier information. Whether the second set top box has the playing right, and when the second set top box has the playing right, decrypting the first recording key according to the first identification information, obtaining the random key, and according to the Decoding the second identification information and the random key to obtain a second recording key, and sending the second recording key to the second set top box.
在步骤930中,接收所述PVR的管理系统PMS发送的所述第二录制密钥;对所述第二录制密钥解密得到所述随机密钥,利用所述随机密钥对所述加密数据流进行解密,得到解密数据流。In step 930, receiving the second recording key sent by the management system PMS of the PVR; decrypting the second recording key to obtain the random key, and using the random key to pair the encrypted data The stream is decrypted to obtain a decrypted data stream.
可选地,所述对所述第二录制密钥解密得到所述随机密钥,包括:利用所述第二标识信息对应的第二私有密钥对所述第二录制密钥进行解密,得到所述随机密钥。Optionally, the decrypting the second recording key to obtain the random key comprises: decrypting the second recording key by using a second private key corresponding to the second identifier information, to obtain The random key.
其中,上述第一机顶盒与第二机顶盒可以互换,即也可以由第一机顶盒实现节目的加密录制,由第二机顶盒实现节目的解密及播放,第一机顶盒与第二机顶盒均能够执行上述节目解密和节目解密的步骤。The first set top box and the second set top box are interchangeable, that is, the first set top box can also realize encrypted recording of the program, and the second set top box can realize decryption and playing of the program, and the first set top box and the second set top box can execute the program. The steps of decryption and program decryption.
本实施例还提供一种PVR的管理系统PMS,如图10所示,该系统可以包括:The embodiment also provides a PVR management system PMS. As shown in FIG. 10, the system may include:
接收模块1010,设置为:接收第一机顶盒发送的获取第一录制密钥的请求信息,其中,所述请求信息包括所述第一机顶盒的第一标识信息。The receiving module 1010 is configured to: receive request information for acquiring a first recording key sent by the first set top box, where the request information includes first identifier information of the first set top box.
权限判断模块1020,设置为:根据所述第一标识信息,确定所述第一机顶盒是否有录制权限。The authority judging module 1020 is configured to: determine, according to the first identifier information, whether the first set top box has recording authority.
密钥处理模块1030,设置为:当所述第一机顶盒有录制权限时,生成随机密钥,并根据所述第一标识信息和所述随机密钥,得到所述第一录制密钥。The key processing module 1030 is configured to: when the first set top box has recording permission, generate a random key, and obtain the first recording key according to the first identification information and the random key.
数据处理模块1040,设置为:将所述第一录制密钥发送给所述第一机顶盒,以使所述第一机顶盒对所述第一录制密钥解密得到所述随机密钥,利用所述随机密钥对待加密的数据流进行加密,得到加密数据流,进而使第二机顶盒获取所述加密数据流、所述第一标识信息和所述第一录制密钥。The data processing module 1040 is configured to: send the first recording key to the first set top box, so that the first set top box decrypts the first recording key to obtain the random key, by using the The random key encrypts the encrypted data stream to obtain an encrypted data stream, so that the second set top box acquires the encrypted data stream, the first identification information, and the first recording key.
所述接收模块1010还设置为:接收第二机顶盒发送的所述第一标识信息、所述第一录制密钥以及所述第二机顶盒的第二标识信息,其中所述第二机顶盒与第一机顶盒为不同的机顶盒。The receiving module 1010 is further configured to: receive the first identifier information sent by the second set top box, the first recording key, and second identifier information of the second set top box, where the second set top box is first Set-top boxes are different set-top boxes.
所述权限判断模块1020还设置为:根据所述第二标识信息,确定所述第二机顶盒是否有播放权限。The authority determining module 1020 is further configured to: determine, according to the second identifier information, whether the second set top box has a play right.
所述密钥处理模块1030还设置为:当所述第二机顶盒有播放权限时,根据所述第一标识信息对所述第一录制密钥进行解密,得到所述随机密钥;根据所述第二标识信息和所述随机密钥,得到第二录制密钥。The key processing module 1030 is further configured to: when the second set top box has a play permission, decrypt the first record key according to the first identifier information, to obtain the random key; The second identification information and the random key obtain a second recording key.
所述数据处理模块1040还设置为:将所述第二录制密钥发送至所述第二机顶盒,以使所述第二机顶盒解密所述第二录制密钥,得到所述随机密钥,并利 用所述随机密钥解密所述加密数据流得到解密数据流。The data processing module 1040 is further configured to: send the second recording key to the second set top box, so that the second set top box decrypts the second recording key to obtain the random key, and Profit Decrypting the encrypted data stream with the random key results in a decrypted data stream.
可选地,权限判断模块1020是设置为:根据所述第一标识信息,获取所述第一机顶盒的录制权限信息;根据所述第一机顶盒的录制权限信息,判断所述第一机顶盒是否有录制权限;根据所述第二标识信息,获取所述第二机顶盒的播放权限信息;根据所述播放权限信息,判断所述第二机顶盒是否有播放权限。Optionally, the permission judging module 1020 is configured to: obtain the recording permission information of the first set top box according to the first identification information; and determine, according to the recording permission information of the first set top box, whether the first set top box has Recording authority; obtaining, according to the second identifier information, the playing permission information of the second set top box; and determining, according to the playing right information, whether the second set top box has a playing right.
密钥处理模块1030是设置为:当所述第一机顶盒有录制权限时,生成随机密钥,并根据所述第一标识信息获取所述第一机顶盒的第一私有密钥;根据所述第一私有密钥对所述随机密钥进行加密,得到所述第一录制密钥。The key processing module 1030 is configured to: when the first set top box has recording permission, generate a random key, and acquire a first private key of the first set top box according to the first identification information; A private key encrypts the random key to obtain the first recording key.
密钥处理模块1030还设置为:根据所述第二标识信息,获取所述第二机顶盒的第二私有密钥;根据所述第二私有密钥对所述随机密钥进行加密,得到第二录制密钥。The key processing module 1030 is further configured to: acquire a second private key of the second set top box according to the second identification information; and encrypt the random key according to the second private key to obtain a second Record the key.
以上所描述的装置实施例仅仅是示意性的,例如,所述模块的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,装置或单元的间接耦合或通信连接,可以是电性,机械或其它的形式。The device embodiments described above are merely illustrative. For example, the division of the modules is only a logical function division. In actual implementation, there may be another division manner. For example, multiple units or components may be combined or integrated. Go to another system, or some features can be ignored or not executed. The mutual coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, device or unit, and may be in electrical, mechanical or other form.
所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例方案的目的。The units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
另外,在本实施例中的多个功能单元可以集成在一个处理单元中,也可以是每一个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。上述集成的单元既可以采用硬件的形式实现,也可以采用硬件加软件功能单元的形式实现。In addition, the plurality of functional units in the embodiment may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit. The above integrated unit can be implemented in the form of hardware or in the form of hardware plus software functional units.
上述以软件功能单元的形式实现的集成的单元,可以存储在一个计算机可读取存储介质中。上述软件功能单元存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)或处理器(processor)执行本实施例所述任意方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(Read-Only Memory,ROM)、随机存取存储器(Random Access Memory,RAM)、磁碟或者光盘等各种可以存储程序代码的介质。 The above-described integrated unit implemented in the form of a software functional unit can be stored in a computer readable storage medium. The above software functional unit is stored in a storage medium and includes a plurality of instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) or a processor to execute all of the methods described in this embodiment. Or part of the steps. The foregoing storage medium includes: a U disk, a mobile hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, and the like, which can store program codes. .
本实施例还提供一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令用于执行上述任意一种方法。The embodiment further provides a computer readable storage medium storing computer executable instructions for performing any of the above methods.
如图11所示,是本实施例提供的一种PVR管理设备的硬件结构示意图,如图11所示,该PVR管理设备包括:处理器(processor)1110和存储器(memory)1120;还可以包括通信接口(Communications Interface)1130和总线1140。As shown in FIG. 11 , it is a hardware structure diagram of a PVR management device provided by this embodiment. As shown in FIG. 11 , the PVR management device includes: a processor 1110 and a memory 1120. Communication Interface 1130 and Bus 1140.
其中,处理器1110、存储器1120和通信接口1130可以通过总线1140完成相互间的通信。通信接口1130可以用于信息传输。处理器1110可以调用存储器1120中的逻辑指令,以执行上述实施例提供的相应方法。The processor 1110, the memory 1120, and the communication interface 1130 can complete communication with each other through the bus 1140. Communication interface 1130 can be used for information transmission. The processor 1110 can invoke logic instructions in the memory 1120 to perform the respective methods provided by the above embodiments.
如图12所示,是本实施例提供的一种机顶盒的硬件结构示意图,如图12所示,该机顶盒包括:处理器1210和存储器1220;还可以包括通信接口1230和总线1240。As shown in FIG. 12, it is a hardware structure diagram of a set top box provided by this embodiment. As shown in FIG. 12, the set top box includes: a processor 1210 and a memory 1220; and may further include a communication interface 1230 and a bus 1240.
其中,处理器1210、存储器1220和通信接口1230可以通过总线1240完成相互间的通信。通信接口1230可以用于信息传输。处理器1210可以调用存储器1220中的逻辑指令,以执行上述实施例提供的相应方法。The processor 1210, the memory 1220, and the communication interface 1230 can complete communication with each other through the bus 1240. Communication interface 1230 can be used for information transfer. The processor 1210 can invoke logic instructions in the memory 1220 to perform the respective methods provided by the above embodiments.
上述存储器1120和存储器1220均可以包括存储程序区和存储数据区,存储程序区可以存储操作系统和至少一个功能所需的应用程序。存储数据区可以存储根据电子设备的使用所创建的数据等。此外,存储器可以包括,例如,随机存取存储器的易失性存储器,还可以包括非易失性存储器。例如至少一个磁盘存储器件、闪存器件或者其他非暂态固态存储器件。Both the memory 1120 and the memory 1220 may include a storage program area and a storage data area, and the storage program area may store an operating system and an application required for at least one function. The storage data area can store data and the like created according to the use of the electronic device. Further, the memory may include, for example, a volatile memory of a random access memory, and may also include a non-volatile memory. For example, at least one disk storage device, flash memory device, or other non-transitory solid state storage device.
此外,在上述存储器1120和存储器1220中的逻辑指令均可以通过软件功能单元的形式实现并作为独立的产品销售或使用时,该逻辑指令可以存储在一个计算机可读取存储介质中。本公开的技术方案可以以计算机软件产品的形式体现出来,该计算机软件产品可以存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本实施例提供的相应的方法的全部或部分步骤。Moreover, when any of the logic instructions in memory 1120 and memory 1220 described above can be implemented in the form of a software functional unit and sold or used as a stand-alone product, the logic instructions can be stored in a computer readable storage medium. The technical solution of the present disclosure may be embodied in the form of a computer software product, which may be stored in a storage medium, and includes a plurality of instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) All or part of the steps of the corresponding method provided by the embodiment are performed.
存储介质可以是非暂态存储介质,也可以是暂态存储介质。非暂态存储介质可以包括:U盘、移动硬盘、只读存储器(Read-Only Memory,ROM)、随机存取存储器(Random Access Memory,RAM)、磁碟或者光盘等多种可以存储程序代码的介质。The storage medium may be a non-transitory storage medium or a transitory storage medium. The non-transitory storage medium may include: a U disk, a mobile hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, and the like, which can store program codes. medium.
上述实施例方法中的全部或部分流程,是可以通过计算机程序来指示相关 的硬件完成的,该程序可存储于一个非暂态计算机可读存储介质中,该程序被执行时,可实现上述方法的实施例的流程。All or part of the process in the above embodiment method can be indicated by a computer program. The hardware is completed, and the program can be stored in a non-transitory computer readable storage medium. When the program is executed, the flow of the embodiment of the above method can be implemented.
工业实用性Industrial applicability
本公开提供一种PVR保护方法,通过PMS生成用于对节目进行加密录制的随机密钥,并且在回放时通过PMS获取该随机密钥,并通过该随机密钥解密节目,使得除录制节目的机顶盒之外的其他机顶盒也可以回放该加密录制的节目,实现录制节目的共享。 The present disclosure provides a PVR protection method for generating a random key for encrypting and recording a program through a PMS, and acquiring the random key through a PMS during playback, and decrypting the program by the random key, so that the program is recorded except Other set-top boxes other than the set-top box can also play back the encrypted recorded program to share the recorded program.

Claims (20)

  1. 一种个人视频录像PVR保护方法,包括录制过程,所述录制过程包括:A personal video recording PVR protection method includes a recording process, and the recording process includes:
    当第一机顶盒的录制指令被触发时,所述第一机顶盒向PVR的管理系统PMS发送获取第一录制密钥的请求信息,其中,所述请求信息包括所述第一机顶盒的第一标识信息;When the recording instruction of the first set top box is triggered, the first set top box sends request information for acquiring the first recording key to the management system PMS of the PVR, where the request information includes the first identification information of the first set top box. ;
    所述PMS接收所述请求信息并生成一随机密钥,根据所述第一标识信息对应的第一私有密钥对所述随机密钥进行加密以得到所述第一录制密钥,并发送所述第一录制密钥至所述第一机顶盒;The PMS receives the request information and generates a random key, and encrypts the random key according to the first private key corresponding to the first identification information to obtain the first recording key, and sends the Decoding a first recording key to the first set top box;
    所述第一机顶盒接收并解密所述第一录制密钥以得到所述随机密钥,并采用所述随机密钥对解扰后的音视频数据进行加密得到加密节目;以及Receiving, by the first set top box, the first recording key to obtain the random key, and encrypting the descrambled audio and video data by using the random key to obtain an encrypted program;
    所述第一机顶盒将所述加密节目保存至外部存储设备,实现PVR加密录制。The first set top box saves the encrypted program to an external storage device to implement PVR encrypted recording.
  2. 根据权利要求1所述的方法,其中,所述PMS接收所述请求信息并生成一随机密钥,根据所述第一标识信息对应的第一私有密钥对所述随机密钥进行加密以得到所述第一录制密钥,并发送所述第一录制密钥至所述第一机顶盒之后还包括:The method according to claim 1, wherein the PMS receives the request information and generates a random key, and encrypts the random key according to the first private key corresponding to the first identification information to obtain After the first recording key and sending the first recording key to the first set top box, the method further includes:
    所述第一机顶盒建立所述第一标识信息以及所述第一录制密钥的关联关系,并将所述关联关系存储于所述外部存储设备。The first set top box establishes an association relationship between the first identification information and the first recording key, and stores the association relationship in the external storage device.
  3. 根据权利要求1所述的方法,其中,所述PMS根据所述请求信息生成一随机密钥,并根据所述第一标识信息对应的第一私有密钥对所述随机密钥进行加密以得到所述第一录制密钥包括:The method according to claim 1, wherein the PMS generates a random key according to the request information, and encrypts the random key according to the first private key corresponding to the first identification information to obtain The first recording key includes:
    所述PMS根据所述第一标识信息查询所述第一机顶盒是否具有录制权限;The PMS queries, according to the first identification information, whether the first set top box has recording permission;
    当所述第一机顶盒具有录制权限时,所述PMS根据所述请求信息生成一随机密钥,并根据所述第一标识信息对应的第一私有密钥对所述随机密钥加密以得到第一录制密钥。When the first set top box has the recording permission, the PMS generates a random key according to the request information, and encrypts the random key according to the first private key corresponding to the first identification information to obtain the first A recording key.
  4. 根据权利要求2项所述的方法,其中,所述方法还包括:PVR回放过程,所述PVR回放过程包括:The method of claim 2, wherein the method further comprises: a PVR playback process, the PVR playback process comprising:
    当第二机顶盒接收到回放指令时,从所述外部存储设备读取所述加密节目、所述第一标识信息以及所述第一录制密钥,将所述第二机顶盒的第二标识信息与所述第一标识信息进行比较;When the second set top box receives the playback instruction, the encrypted program, the first identification information, and the first recording key are read from the external storage device, and the second identification information of the second set top box is The first identification information is compared;
    当所述第二标识信息与所述第一标识信息不相同时,所述第二机顶盒将所述第二标识信息、所述第一标识信息以及所述第一录制密钥发送至所述PMS;When the second identification information is different from the first identification information, the second set top box sends the second identification information, the first identification information, and the first recording key to the PMS ;
    所述PMS根据所述第二标识信息、所述第一标识信息以及所述第一录制密 钥生成第二录制密钥;The PMS is configured according to the second identifier information, the first identifier information, and the first recorded secret The key generates a second recording key;
    所述第二机顶盒对所述第二录制密钥进行解密以得到所述随机密钥,并利用所述随机密钥对所述加密节目进行解密,得到解密节目,并播放所述解密节目。The second set top box decrypts the second recording key to obtain the random key, and decrypts the encrypted program by using the random key to obtain a decrypted program, and plays the decrypted program.
  5. 根据权利要求4所述的方法,其中,将所述第二机顶盒的第二标识信息与所述第一标识信息进行比较之后还包括:The method of claim 4, wherein comparing the second identification information of the second set top box with the first identification information further comprises:
    当所述第二标识信息与所述第一标识信息相同时,所述第二机顶盒则根据所述第二标识信息解密所述第一录制密钥以得到所述随机密钥;When the second identification information is the same as the first identification information, the second set top box decrypts the first recording key according to the second identification information to obtain the random key;
    所述第二机顶盒利用所述随机密钥对所述加密节目进行解密,得到所述解密节目,并播放所述解密节目。The second set top box decrypts the encrypted program by using the random key to obtain the decrypted program, and plays the decrypted program.
  6. 根据权利要求4所述的方法,其中,所述PMS根据所述第二标识信息、所述第一标识信息以及所述第一录制密钥生成第二录制密钥包括:The method of claim 4, wherein the generating, by the PMS, the second recording key according to the second identification information, the first identification information, and the first recording key comprises:
    所述PMS根据所述第一标识信息对应的第一私有密钥对所述第一录制密钥进行解密得到所述随机密钥;以及Decrypting the first recording key by the PMS according to the first private key corresponding to the first identification information to obtain the random key;
    所述PMS根据所述第二标识信息对应的第二私有密钥对所述随机密钥进行加密生成所述第二录制密钥。The PMS encrypts the random key according to the second private key corresponding to the second identification information to generate the second recording key.
  7. 根据权利要求4所述的方法,其中,所述PMS根据所述第二标识信息、所述第一标识信息以及所述第一录制密钥生成第二录制密钥之前还包括:The method of claim 4, wherein before the PMS generates the second recording key according to the second identification information, the first identification information, and the first recording key, the method further includes:
    所述PMS根据所述第二标识信息判断所述第二机顶盒是否具有回放权限,并当所述第二机顶盒具有录制权限时,执行生成所述第二录制密钥的步骤。The PMS determines, according to the second identifier information, whether the second set top box has playback rights, and when the second set top box has recording rights, performs the step of generating the second recording key.
  8. 一种个人视频录像PVR保护系统,包括:机顶盒以及PVR的管理系统PMS;A personal video recording PVR protection system includes: a set top box and a PVR management system PMS;
    所述机顶盒包括:第一发送模块、第一解密模块以及保存模块;The set top box includes: a first sending module, a first decrypting module, and a saving module;
    所述第一发送模块,设置为当录制指令被触发时,向PVR的管理系统PMS发送获取第一录制密钥的请求信息,其中,所述请求信息包括所述机顶盒的第一标识信息;The first sending module is configured to: when the recording instruction is triggered, send the request information for acquiring the first recording key to the PMS management system PMS, where the request information includes the first identification information of the set top box;
    所述第一解密模块,设置为解密所述第一录制密钥以得到随机密钥,并采用所述随机密钥对解扰后的音视频数据进行加密得到加密节目;The first decryption module is configured to decrypt the first recording key to obtain a random key, and use the random key to encrypt the descrambled audio and video data to obtain an encrypted program;
    所述保存模块,设置为将所述加密节目保存至外部存储设备,实现PVR加密录制;The saving module is configured to save the encrypted program to an external storage device to implement PVR encrypted recording;
    管理系统PMS,设置为接收所述请求信息并生成一随机密钥,根据所述第 一标识信息对应的第一私有密钥对所述随机密钥进行加密以得到第一录制密钥。a management system PMS, configured to receive the request information and generate a random key, according to the The first private key corresponding to the identification information encrypts the random key to obtain a first recording key.
  9. 根据权利要求8所述的PVR保护系统,其中,所述机顶盒还包括:比较模块、第二发送模块以及第二解密模块;The PVR protection system of claim 8, wherein the set top box further comprises: a comparison module, a second sending module, and a second decryption module;
    所述比较模块,设置为当回放指令被触发时,从所述外部存储设备读取所述加密节目、所述第一标识信息以及所述第一录制密钥,将获取的第二标识信息与所述第一标识信息进行比较;The comparing module is configured to: when the playback instruction is triggered, read the encrypted program, the first identification information, and the first recording key from the external storage device, and obtain the second identification information and The first identification information is compared;
    第二发送模块,设置为当所述第二标识信息与所述第一标识信息不相同时,将所述第二标识信息、第一标识信息以及录制节目对应的第一录制密钥发送至所述PMS;The second sending module is configured to: when the second identifier information is different from the first identifier information, send the second identifier information, the first identifier information, and the first recording key corresponding to the recorded program to the PMS;
    第二解密模块,设置为对第二录制密钥进行解密以得到所述随机密钥,并利用所述随机密钥对所述加密节目进行解密,得到解密节目;a second decryption module, configured to decrypt the second recording key to obtain the random key, and decrypt the encrypted program by using the random key to obtain a decrypted program;
    所述PMS还设置为根据所述第二标识信息、所述第一标识信息以及所述第一录制密钥生成第二录制密钥。The PMS is further configured to generate a second recording key according to the second identification information, the first identification information, and the first recording key.
  10. 根据权利要求9所述的PVR保护系统,其中,所述机顶盒还包括:The PVR protection system of claim 9, wherein the set top box further comprises:
    第三解密模块,设置为当所述第二标识信息与所述第一标识信息相同时,解密所述第一录制密钥以得到所述随机密钥,并利用所述随机密钥对所述加密节目进行解密,得到所述解密节目。a third decryption module, configured to: when the second identification information is the same as the first identification information, decrypt the first recording key to obtain the random key, and use the random key pair to The encrypted program is decrypted to obtain the decrypted program.
  11. 一种个人视频录像PVR保护方法,应用于PVR的管理系统PMS,包括:A personal video recording PVR protection method applied to a PVR management system PMS, comprising:
    接收第一机顶盒发送的获取第一录制密钥的请求信息,其中,所述请求信息包括所述第一机顶盒的第一标识信息;Receiving, by the first set top box, request information for acquiring a first recording key, where the request information includes first identification information of the first set top box;
    根据所述第一标识信息,确定所述第一机顶盒是否有录制权限;Determining, according to the first identifier information, whether the first set top box has recording permission;
    当所述第一机顶盒有录制权限时,生成随机密钥,并根据所述第一标识信息和所述随机密钥,得到所述第一录制密钥;When the first set top box has the recording permission, generating a random key, and obtaining the first recording key according to the first identification information and the random key;
    将所述第一录制密钥发送给所述第一机顶盒,以使所述第一机顶盒对所述第一录制密钥解密得到所述随机密钥,利用所述随机密钥对待加密的数据流进行加密,得到加密数据流,进而使第二机顶盒获取所述加密数据流、所述第一标识信息和所述第一录制密钥;Transmitting the first recording key to the first set top box, so that the first set top box decrypts the first recording key to obtain the random key, and the data stream to be encrypted by using the random key Performing encryption to obtain an encrypted data stream, so that the second set top box acquires the encrypted data stream, the first identification information, and the first recording key;
    接收第二机顶盒发送的所述第一标识信息、所述第一录制密钥以及所述第二机顶盒的第二标识信息,其中所述第二机顶盒与第一机顶盒为不同的机顶盒; Receiving, by the second set top box, the first identification information, the first recording key, and the second identification information of the second set top box, where the second set top box and the first set top box are different set top boxes;
    根据所述第二标识信息,确定所述第二机顶盒是否有播放权限;Determining, according to the second identifier information, whether the second set top box has a play permission;
    当所述第二机顶盒有播放权限时,根据所述第一标识信息对所述第一录制密钥进行解密,得到所述随机密钥;Decrypting the first recording key according to the first identification information to obtain the random key when the second set top box has a play permission;
    根据所述第二标识信息和所述随机密钥,得到第二录制密钥;Obtaining a second recording key according to the second identification information and the random key;
    将所述第二录制密钥发送至所述第二机顶盒,以使所述第二机顶盒解密所述第二录制密钥,得到所述随机密钥,并利用所述随机密钥解密所述加密数据流得到解密数据流。Transmitting the second recording key to the second set top box, so that the second set top box decrypts the second recording key, obtaining the random key, and decrypting the encryption by using the random key The data stream gets the decrypted data stream.
  12. 根据权利要求11所述的方法,其中,所述根据所述第一标识信息,确定所述第一机顶盒是否有录制权限包括:The method according to claim 11, wherein the determining, according to the first identification information, whether the first set top box has recording rights comprises:
    根据所述第一标识信息,获取所述第一机顶盒的录制权限信息;Acquiring the recording permission information of the first set top box according to the first identifier information;
    根据所述第一机顶盒的录制权限信息,判断所述第一机顶盒是否有录制权限;Determining, according to the recording permission information of the first set top box, whether the first set top box has recording permission;
    所述根据所述第二标识信息,确定所述第二机顶盒是否有播放权限,包括:Determining, according to the second identifier information, whether the second set top box has a play permission, including:
    根据所述第二标识信息,获取所述第二机顶盒的播放权限信息;Obtaining the playing right information of the second set top box according to the second identifier information;
    根据所述播放权限信息,判断所述第二机顶盒是否有播放权限。Determining whether the second set top box has a play permission according to the play permission information.
  13. 根据权利要求11所述的方法,其中,所述当所述第一机顶盒有录制权限时,生成随机密钥,并根据所述第一标识信息和所述随机密钥,得到所述第一录制密钥,包括:The method according to claim 11, wherein when the first set top box has recording authority, a random key is generated, and the first recording is obtained according to the first identification information and the random key. Key, including:
    当所述第一机顶盒有录制权限时,生成随机密钥,并根据所述第一标识信息获取所述第一机顶盒的第一私有密钥;Generating a random key when the first set top box has the recording permission, and acquiring the first private key of the first set top box according to the first identification information;
    根据所述第一私有密钥对所述随机密钥进行加密,得到所述第一录制密钥。And encrypting the random key according to the first private key to obtain the first recording key.
  14. 根据权利要求11所述的方法,其中,所述根据所述第二标识信息和所述随机密钥,得到第二录制密钥包括:The method according to claim 11, wherein the obtaining the second recording key according to the second identification information and the random key comprises:
    根据所述第二标识信息,获取所述第二机顶盒的第二私有密钥;Obtaining, according to the second identifier information, a second private key of the second set top box;
    根据所述第二私有密钥对所述随机密钥进行加密,得到第二录制密钥。Encrypting the random key according to the second private key to obtain a second recording key.
  15. 一种个人视频录像PVR保护方法,应用于第一机顶盒,包括:A personal video recording PVR protection method is applied to a first set top box, including:
    向PVR的管理系统PMS发送第一录制密钥的请求信息,其中,所述请求信息包括所述第一机顶盒的第一标识信息,以使所述PMS根据所述第一标识信息,确定所述第一机顶盒是否有录制权限,并在所述第一机顶盒有录制权限时,生成随机密钥,并根据所述第一标识信息和所述随机密钥,得到并向所述第一机顶盒发送所述第一录制密钥; Sending the request information of the first recording key to the management system PMS of the PVR, where the request information includes the first identification information of the first set top box, so that the PMS determines the according to the first identification information. Whether the first set top box has the recording permission, and when the first set top box has the recording permission, generates a random key, and obtains and sends the first set top box according to the first identification information and the random key. Describe the first recording key;
    接收所述PVR的管理系统PMS发送的所述第一录制密钥;Receiving the first recording key sent by the management system PMS of the PVR;
    对所述第一录制密钥解密得到所述随机密钥,利用所述随机密钥对待加密的数据流进行加密,得到加密数据流。Decrypting the first recording key to obtain the random key, and encrypting the data stream to be encrypted by using the random key to obtain an encrypted data stream.
  16. 根据权利要求15所述的方法,其中,所述对所述第一录制密钥解密得到所述随机密钥,包括:The method of claim 15, wherein the decrypting the first recording key to obtain the random key comprises:
    利用所述第一标识信息对应的第一私有密钥对所述第一录制密钥进行解密,得到所述随机密钥。Decrypting the first recording key by using a first private key corresponding to the first identifier information to obtain the random key.
  17. 一种个人视频录像PVR保护方法,应用于第二机顶盒,包括:A personal video recording PVR protection method is applied to a second set top box, including:
    获取第一机顶盒进行加密后的加密数据流、第一机顶盒的第一标识信息和第一录制密钥,其中,所述第一录制密钥为PVR的管理系统PMS在所述第一机顶盒有录制权限时,根据生成的随机密钥和所述第一标识信息得到的;Acquiring the encrypted data stream after the first set top box is encrypted, the first identification information of the first set top box, and the first recording key, wherein the management system PMS whose first recording key is a PVR is recorded in the first set top box When the permission is obtained, according to the generated random key and the first identification information;
    向所述PMS发送所述第一标识信息、所述第一录制密钥和所述第二机顶盒的第二标识信息,以使所述PMS根据所述第二标识信息,确定所述第二机顶盒是否有播放权限,并在所述第二机顶盒有播放权限时,根据所述第一标识信息对所述第一录制密钥进行解密,得到所述随机密钥,并根据所述第二标识信息和所述随机密钥,得到第二录制密钥,并向所述第二机顶盒发送所述第二录制密钥;Sending, by the PMS, the first identification information, the first recording key, and the second identification information of the second set top box, so that the PMS determines the second set top box according to the second identification information. Whether there is a play permission, and when the second set top box has a play permission, decrypting the first record key according to the first identifier information, obtaining the random key, and according to the second identifier information And obtaining the second recording key by using the random key, and sending the second recording key to the second set top box;
    接收所述PVR的管理系统PMS发送的所述第二录制密钥;Receiving the second recording key sent by the management system PMS of the PVR;
    对所述第二录制密钥解密得到所述随机密钥,利用所述随机密钥对所述加密数据流进行解密,得到解密数据流。Decrypting the second recording key to obtain the random key, and decrypting the encrypted data stream by using the random key to obtain a decrypted data stream.
  18. 根据权利要求17所述的方法,其中,所述对所述第二录制密钥解密得到所述随机密钥,包括:The method of claim 17, wherein the decrypting the second recording key to obtain the random key comprises:
    利用所述第二标识信息对应的第二私有密钥对所述第二录制密钥进行解密,得到所述随机密钥。Decrypting the second recording key by using a second private key corresponding to the second identifier information to obtain the random key.
  19. 一种PVR的管理系统PMS,包括:A PVR management system PMS, comprising:
    接收模块,设置为:接收第一机顶盒发送的获取第一录制密钥的请求信息,其中,所述请求信息包括所述第一机顶盒的第一标识信息;The receiving module is configured to: receive the request information for acquiring the first recording key sent by the first set top box, where the request information includes the first identification information of the first set top box;
    权限判断模块,设置为:根据所述第一标识信息,确定所述第一机顶盒是否有录制权限;The permission judging module is configured to: determine, according to the first identifier information, whether the first set top box has recording permission;
    密钥处理模块,设置为:当所述第一机顶盒有录制权限时,生成随机密钥,并根据所述第一标识信息和所述随机密钥,得到所述第一录制密钥; a key processing module, configured to: when the first set top box has a recording permission, generate a random key, and obtain the first recording key according to the first identification information and the random key;
    密钥发送模块,设置为:将所述第一录制密钥发送给所述第一机顶盒,以使所述第一机顶盒对所述第一录制密钥解密得到所述随机密钥,利用所述随机密钥对待加密的数据流进行加密,得到加密数据流,进而使第二机顶盒获取所述加密数据流、所述第一标识信息和所述第一录制密钥;a key sending module, configured to: send the first recording key to the first set top box, so that the first set top box decrypts the first recording key to obtain the random key, by using the The random key encrypts the encrypted data stream to obtain an encrypted data stream, so that the second set top box acquires the encrypted data stream, the first identification information, and the first recording key;
    所述接收模块还设置为:接收第二机顶盒发送的所述第一标识信息、所述第一录制密钥以及所述第二机顶盒的第二标识信息,其中所述第二机顶盒与第一机顶盒为不同的机顶盒;The receiving module is further configured to: receive the first identification information, the first recording key, and the second identification information of the second set top box sent by the second set top box, where the second set top box and the first set top box For different set top boxes;
    所述权限判断模块还设置为:根据所述第二标识信息,确定所述第二机顶盒是否有播放权限;The right judging module is further configured to: determine, according to the second identifier information, whether the second set top box has a play permission;
    所述密钥处理模块还设置为:当所述第二机顶盒有播放权限时,根据所述第一标识信息对所述第一录制密钥进行解密,得到所述随机密钥;根据所述第二标识信息和所述随机密钥,得到第二录制密钥;The key processing module is further configured to: when the second set top box has a play permission, decrypt the first record key according to the first identifier information, to obtain the random key; Identifying the information and the random key to obtain a second recording key;
    所述密钥发送模块还设置为:将所述第二录制密钥发送至所述第二机顶盒,以使所述第二机顶盒解密所述第二录制密钥,得到所述随机密钥,并利用所述随机密钥解密所述加密数据流得到解密数据流。The key sending module is further configured to: send the second recording key to the second set top box, so that the second set top box decrypts the second recording key to obtain the random key, and Decrypting the encrypted data stream with the random key results in a decrypted data stream.
  20. 一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令用于执行权利要求1-7和11-18任一项所述的方法。 A computer readable storage medium storing computer executable instructions for performing the method of any of claims 1-7 and 11-18.
PCT/CN2017/110334 2016-11-10 2017-11-10 Pvr protection method and system WO2018086566A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610989564.1A CN106533668B (en) 2016-11-10 2016-11-10 A kind of network-based PVR guard method and system
CN201610989564.1 2016-11-10

Publications (1)

Publication Number Publication Date
WO2018086566A1 true WO2018086566A1 (en) 2018-05-17

Family

ID=58350920

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/110334 WO2018086566A1 (en) 2016-11-10 2017-11-10 Pvr protection method and system

Country Status (2)

Country Link
CN (1) CN106533668B (en)
WO (1) WO2018086566A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114389839A (en) * 2021-12-10 2022-04-22 国网浙江省电力有限公司宁波供电公司 PMS data transmission system and method based on 5G network module

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106533668B (en) * 2016-11-10 2019-09-10 深圳创维数字技术有限公司 A kind of network-based PVR guard method and system
CN107820128B (en) * 2017-11-10 2019-12-27 深圳创维-Rgb电子有限公司 USB recording function customizing method and device and computer readable storage medium
CN113542877B (en) * 2021-07-13 2023-05-05 四川长虹网络科技有限责任公司 PVR resource sharing method, PVR resource sharing system, computer equipment and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030235393A1 (en) * 2002-06-25 2003-12-25 International Business Machines Corporation Personal video recording with storage space requirement checking
CN103024475A (en) * 2012-12-21 2013-04-03 深圳市九洲电器有限公司 Method and system of recording and authorization playing of television programs
CN103974117A (en) * 2013-02-06 2014-08-06 中兴通讯股份有限公司 Sharing recording method, sharing recording device, sharing recording server and set-top boxes
CN106533668A (en) * 2016-11-10 2017-03-22 深圳创维数字技术有限公司 Network-based PVR protection method and system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102281468A (en) * 2011-08-09 2011-12-14 深圳市九洲电器有限公司 Method and device for recording and playing personal video record, and set-top box

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030235393A1 (en) * 2002-06-25 2003-12-25 International Business Machines Corporation Personal video recording with storage space requirement checking
CN103024475A (en) * 2012-12-21 2013-04-03 深圳市九洲电器有限公司 Method and system of recording and authorization playing of television programs
CN103974117A (en) * 2013-02-06 2014-08-06 中兴通讯股份有限公司 Sharing recording method, sharing recording device, sharing recording server and set-top boxes
CN106533668A (en) * 2016-11-10 2017-03-22 深圳创维数字技术有限公司 Network-based PVR protection method and system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114389839A (en) * 2021-12-10 2022-04-22 国网浙江省电力有限公司宁波供电公司 PMS data transmission system and method based on 5G network module
CN114389839B (en) * 2021-12-10 2023-12-08 国网浙江省电力有限公司宁波供电公司 PMS data transmission system and method based on 5G network module

Also Published As

Publication number Publication date
CN106533668A (en) 2017-03-22
CN106533668B (en) 2019-09-10

Similar Documents

Publication Publication Date Title
US11417663B2 (en) System and method for data collection and exchange with protected memory devices
WO2018177110A1 (en) Media content licensing method and device
US20230306089A1 (en) Systems and methods for content security
US10055553B2 (en) PC secure video path
US20100310076A1 (en) Method for Performing Double Domain Encryption in a Memory Device
AU2012241181B2 (en) System and method for asset lease management
WO2018086566A1 (en) Pvr protection method and system
US20060235956A1 (en) Information process distribution system, information processing apparatus and information process distribution method
WO2018064955A1 (en) Method and system for recording and playing back program
US20070064936A1 (en) Content data delivery method and content data delivery system and handheld device for use therein
US8180709B2 (en) Method and device for consuming rights objects having inheritance structure in environment where the rights objects are distributed over plurality of devices
US20040250077A1 (en) Method of establishing home domain through device authentication using smart card, and smart card for the same
US9800561B2 (en) Secure sharing of user annotated subscription media with trusted devices
US8997216B2 (en) Recording medium apparatus and control method for authenticating a device based on a revocation list
US9083685B2 (en) Method and system for content replication control
WO2011072607A1 (en) File segmented protection method, apparatus and system
KR101944468B1 (en) Method, host device, storage and machine-readable storage medium for protecting contents
CN108650526B (en) Identification method, computer equipment and storage medium
KR20090000273A (en) Method for implementing drm function and additional function using drm device and system thereof
US20060045478A1 (en) Method and apparatus for transmitting and receiving protected contents at home
US8634555B2 (en) Information processing apparatus, information processing method, and program
JP5361031B2 (en) Cryptographic authentication processing method and apparatus
JP2006155332A (en) Apparatus and method for outputting contents, and apparatus and method for acquiring contents
CN204652425U (en) A kind of personalized digital media broadcast control system
CN102231854A (en) Multimedia broadcasting program recording method and data card equipment

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17869840

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17869840

Country of ref document: EP

Kind code of ref document: A1