WO2018176531A1 - Procédé et appareil de demande de vidéo et de lecture de vidéo - Google Patents

Procédé et appareil de demande de vidéo et de lecture de vidéo Download PDF

Info

Publication number
WO2018176531A1
WO2018176531A1 PCT/CN2017/081237 CN2017081237W WO2018176531A1 WO 2018176531 A1 WO2018176531 A1 WO 2018176531A1 CN 2017081237 W CN2017081237 W CN 2017081237W WO 2018176531 A1 WO2018176531 A1 WO 2018176531A1
Authority
WO
WIPO (PCT)
Prior art keywords
key value
video
target video
server
terminal
Prior art date
Application number
PCT/CN2017/081237
Other languages
English (en)
Chinese (zh)
Inventor
周志刚
张文明
陈少杰
Original Assignee
武汉斗鱼网络科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 武汉斗鱼网络科技有限公司 filed Critical 武汉斗鱼网络科技有限公司
Publication of WO2018176531A1 publication Critical patent/WO2018176531A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26613Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing keys in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/254Management at additional data server, e.g. shopping server, rights management server
    • H04N21/2541Rights Management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/258Client or end-user data management, e.g. managing client capabilities, user preferences or demographics, processing of multiple end-users preferences to derive collaborative data
    • H04N21/25808Management of client data
    • H04N21/25816Management of client data involving client authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/258Client or end-user data management, e.g. managing client capabilities, user preferences or demographics, processing of multiple end-users preferences to derive collaborative data
    • H04N21/25866Management of end-user data
    • H04N21/25875Management of end-user data involving end-user authentication

Definitions

  • the present invention relates to the field of communications technologies, and in particular, to a video request, a video playing method, and a device.
  • the live video broadcast is performed by using the Internet and streaming media technology, and then the video content provider has the video stream address obtained by the third-party platform, so that the video can be directly viewed without going through the live website, that is, the video player bypassing the live website.
  • the video provided is also played.
  • there are some paid video content for the live website For example, the ticket room of the live website can only be viewed when the ticket is purchased.
  • the VIP member can purchase the VIP video, so If the video stream address is stolen, the user who has not purchased the ticket can directly view the ticket room, and the user who does not purchase the VIP member can directly watch the VIP video, and also brings the risk of personal information leakage to the user.
  • the prior art encrypts the video stream address to prevent the video stream address from being stolen, but only the encrypted video stream address is easily cracked, so the video stream address is low in security. Video is easily obtained illegally.
  • the embodiment of the invention solves the technical problem of low video stream address security in the prior art by providing a video request, a video playing method and a device.
  • an embodiment of the present invention provides a video playing method, which is applied to a server, where the method includes:
  • a first Key value for characterizing a video type of the target video and a permission range for characterizing the viewing user if a viewing user corresponding to the user terminal has viewing rights to the target video a second Key value, or returning, to the user terminal, a first Key value for characterizing a video type of the target video, a second Key value for characterizing a permission range of the viewing user, and a random number;
  • the target video is returned to the user terminal.
  • the video stream address request carries the user identification letter of the viewing user
  • the method further includes:
  • the method further includes:
  • the received authentication key value is a terminal-side authentication key value for the target video.
  • the generating the server-side authentication key value for the target video based on the first key value, the second key value, and the request identification identifier group including:
  • a server side authentication key value for the target video including:
  • the request identifies the identifier group, including:
  • it also includes:
  • the request identification identifier group further includes a room identification code where the target network live video is located, and the second key value includes a permission range of the viewing user.
  • the live type identification code and the room identification code of the live network video are included in the request identification identifier group.
  • an embodiment of the present invention provides a video requesting method, which is applied to a user terminal, and includes:
  • the generating, according to the first key value and the second key value, a terminal side authentication key value for the target video and sending To the server including:
  • a terminal side authentication key value for the target video is sent to the server.
  • the generating, by the first key value, the second key value, and the request identification identifier group, a terminal side authentication key value for the target video including:
  • the request identification identifier group carried in the video stream address request includes:
  • the request identification identifier group further includes a room identification code where the target network live video is located, and the second key value includes the permission range of the viewing user.
  • the video type identification code of each webcast video and the room identification code is not limited to the video type identification code.
  • an embodiment of the present invention provides a video playback device, which is applied to a server, where the video playback device includes:
  • An address request receiving module configured to receive a video stream address request for the target video sent by the user terminal
  • a Key value sending module configured to return, to the user terminal, a first Key value for characterizing a video type of the target video and for characterization if a viewing user corresponding to the user terminal has viewing rights to the target video Viewing a second Key value of the user's permission range, or returning to the user terminal a first Key value for characterizing the video type of the target video, and a second key for characterizing the permission range of the viewing user Value and random number;
  • a video returning module configured to receive, when used by the user terminal, a terminal-side authentication key value for the target video generated by using the first key value and the second key value, or for receiving a location Returning the target video to the user terminal when the terminal-side authentication key value for the target video generated by the user terminal is generated based on the first key value, the second key value, and the random number .
  • the device further includes:
  • the authority discriminating module is configured to determine, according to the correspondence between the user identification information and the permission range, whether the viewing user has viewing rights to the target video.
  • the device further includes:
  • An authentication key value generating module configured to generate a server side authentication key value for the target video based on the first key value, the second key value, and the request identification identifier group, or Generating, by the first Key value, the second Key value, the random number, and the request identification identifier group, a server side authentication key value for the target video;
  • the authentication key value comparison module is configured to compare the received authentication key value with the server-side authentication key value of the target video, and if yes, the received authentication key value is The terminal side authentication key value of the target video.
  • the authentication key value generating module is specifically configured to:
  • the request identifies the identifier group, including:
  • the request identification identifier group further includes a room identification code where the target network live video is located, and the second key value includes a permission range of the viewing user.
  • the live type identification code and the room identification code of the live network video are included in the request identification identifier group.
  • an embodiment of the present invention provides a video requesting apparatus, which is applied to a user terminal, where the video requesting apparatus includes:
  • An address request sending module configured to send a video stream address request for the target video to the server
  • a Key value receiving module configured to receive a first Key value returned by the server for characterizing a video type of the target video, and a second Key value for characterizing a permission range of the viewing user, or for receiving Determining, by the server, a first Key value for characterizing a video type of the target video, a second Key value for characterizing a permission range of the viewing user, and a random number;
  • An authentication key value obtaining module configured to generate, according to the first key value and the second key value, a terminal side authentication key value for the target video, and send the value to the server, or according to the foregoing a Key value, the second Key value, and the random number generate a terminal side authentication Key value for the target video and send the value to the server, so that the server receives the terminal side for the target video Returning the target video to the user terminal when authenticating the Key value;
  • a video receiving module configured to receive the target video from the server.
  • the authentication key value obtaining module includes:
  • An authentication key value generating unit configured to generate a terminal side authentication key value for the target video based on the first key value, the second key value, and the request identification identifier group, or for using the Generating, by the first Key value, the second Key value, the random number, and the request identification identifier group, a terminal side authentication key value for the target video;
  • the authentication key value sending unit is configured to send the terminal side authentication key value for the target video to the server.
  • the authentication key value generating unit is specifically configured to:
  • the request identification identifier group carried in the video stream address request includes:
  • the request identification identifier group further includes a room identification code where the target network live video is located, and the second key value includes the permission range of the viewing user.
  • the video type identification code of each webcast video and the room identification code is not limited to the video type identification code.
  • the technical solution provided by the present invention is: receiving a video stream address request for a target video sent by a user terminal; and if the viewing user corresponding to the user terminal has viewing rights to the target video, returning a video for characterizing the target video to the user terminal a first Key value of the type and a second Key value for characterizing a permission range of the viewing user; receiving the terminal-side authentication Key value for the target video generated by the user terminal based on the first Key value and the second Key value Return the target video to the user terminal.
  • the video stream address is authenticated according to the video type of the target video and the permission range of the viewing user, so that different types of the target video and different viewing rights of the viewing user are calculated, and different server side and terminal side are calculated.
  • the server For the authentication KEY value for authenticating the video stream address, the server only returns the requested target video for the user terminal that generates the authentication KEY value based on the first and second KEY values, so only the viewing rights of the target video are actually available.
  • the user can obtain the target video from the server, otherwise the server will refuse to deliver the target video.
  • the video stream address can be prevented from being illegally acquired, thus improving the security of the video stream address.
  • the server sends the first key value and the second key value to the terminal, and the server also generates a random number (the client regenerates each request) and sends the same to the terminal.
  • the number and the terminal feature are combined to calculate the final authentication key value.
  • the video stream address request carries the request identification identifier group, including the time identifier of the time when the user terminal sends the video stream address request, so that the generated authentication KEY values of the server side and the terminal side are dependent on non-repetitiveness and
  • the reproducible time identifier further ensures that the calculated authentication KEY value will not be imitated every time, so when a viewing user requests the correct address, it cannot be used by other viewing users because a video stream address can only be used. Use once.
  • FIG. 1 is a flowchart of a video playing method according to an embodiment of the present invention
  • FIG. 2 is a flowchart of a video request method according to an embodiment of the present invention.
  • FIG. 3 is a block diagram of a video playback apparatus according to an embodiment of the present invention.
  • FIG. 4 is a block diagram of a video requesting apparatus according to an embodiment of the present invention.
  • the embodiment of the present invention provides a video request, a video playing method, and a device.
  • the general idea is as follows:
  • the video stream address is authenticated according to the first Key value of the video type of the target video and the second Key value for characterizing the viewing range of the viewing user. Therefore, for different types of target videos and different permission ranges of the viewing users, different authentication KEY values for authenticating the video stream addresses on the server side and the terminal side are calculated, and the server is only based on the first and second servers.
  • the KEY value generates the target video of the user terminal that authenticates the KEY value, thereby greatly enhancing the accuracy of authenticating the video stream address, thereby preventing the video stream address from being illegally acquired, and improving the security of the video stream address. .
  • an embodiment of the present invention provides a video playing method, including the following steps:
  • S101 Receive a video stream address request for a target video that is sent by the user terminal.
  • the target video may be a live webcast video or a recorded video resource stored on a server.
  • the server is provided with a ticket system or a VIP authentication system, and different types of tickets are set for webcast videos of different video types, and different types of VIPs are set for recording videos of different video types.
  • the live webcast video as an example, if the viewing user's permission range of the game ticket is all game-type live rooms, the viewing user with the game ticket has the viewing right for the game-like video; and the viewing range of the viewing user with the sports ticket For all sports live rooms, the viewing users who have game tickets have the right to watch sports videos; the viewing rights of the viewing users with variety tickets are the variety live rooms, and the viewing users with game tickets have watched the variety videos. Permissions.
  • the ticket system is configured to identify whether the viewing user corresponding to the user terminal that sends the video stream address request has a ticket of the video type to which the target video belongs, thereby determining whether the viewing user has viewing rights to the target video.
  • the video stream address request in order to determine whether the viewing user has the viewing right for the target video, carries the user identification information of the viewing user corresponding to the user terminal, such as a username and a password.
  • the server stores the permission range corresponding to each user identification information, so that the server determines whether the viewing user corresponding to the user terminal has the viewing right for the target video according to the correspondence between the user identification information and the permission range. If the viewing user does not have the viewing right for the target video, the server directly rejects the video stream address request of the user terminal, and does not return to the user terminal the first Key value for characterizing the video type of the target video and the permission range for characterizing the viewing user. The second key value. If the viewing user has viewing rights to the target video, the server returns a video type for characterizing the target video to the user terminal. The first Key value and a second Key value used to characterize the scope of viewing of the viewing user.
  • the ticket class KEY value corresponds to the video type one by one, and the ticket class KEY value may be a random string, then the first key value is A string representing the video type of the target video. For example, if the target video is a sports video, the first key value is specifically a character string indicating that the target video is a sports video. For example, if the target video is a game video, the first key value is specifically to represent the target video as a game video. String.
  • the second key value includes the live broadcast type identification code and the room identification code of each live webcast video within the scope of the user's permission.
  • the live type identification code and the room identification code of each live webcast video in the user's permission range are input into the MD5 algorithm, and the second KEY value is obtained by the operation:
  • KEY2 MD5.create(roomid+type)
  • the roomid is the room identification code of each webcast live video within the scope of the user's permission
  • the type is the live type identification code of each webcast live video within the scope of the user's permission.
  • the process proceeds to S103.
  • the target video is returned to the user terminal.
  • the terminal-side authentication key value of the target video is specifically generated by the user terminal according to the following manner:
  • the user terminal If the user terminal receives the first key value and the second key value from the server, the user terminal generates a terminal side authentication key value for the target video based on the first key value and the second key value, and sends the value to the server.
  • the video type of the target video and the permission range of the viewing user are used as the KEY value of the video stream address authentication, so that different authentication KEY values can be obtained for different video types and different permission ranges, and the same video stream address is sent.
  • Receiver The server and the user terminal can always maintain the same authentication KEY value, which can greatly improve the accuracy of video address authentication and avoid illegal acquisition.
  • the terminal side authentication key value for the target video is generated based on the first key value, the second key value, and the request identification identifier group.
  • the request identification identifier group includes a time identifier indicating a time when the user terminal sends the video stream address request, and a terminal feature of at least one type of user terminal: a token (Token) when the user logs in to the server, and a unique ID of the user terminal. (UDID, Unique Device Identifier), the current IP address of the user terminal. Therefore, the video stream address authentication is performed depending on the time, so that the calculated video stream address is different each time, because the uniqueness of time makes a video stream address only Can be used once, so when the viewing user requests the correct video stream address is not available to others, further improving the security of the video stream address.
  • a token When the user logs in to the server
  • UDID Unique Device Identifier
  • time for the terminal to send the video stream address request may be determined according to the system time.
  • the main consideration of this kind of processing is that the server's system time is definitely correct, but the client's time may be that the hacker deliberately modifies the time to facilitate the hacker to crack the video stream address.
  • the time parameter can play a good role in random data, so To ensure the accuracy of time.
  • the server obtains the time of the server system to determine whether the time reported by the client is very different from the server time (for example, by setting a reporting time threshold), if the difference is very small, the client is The reporting time is correct, otherwise the time reported by the client is wrong, otherwise the client video stream address request is rejected.
  • the method further includes the steps of: acquiring a server system time; determining, by using the system time, a time that the user terminal that is characterized by the time identifier sends the video stream address request and the Whether the system time difference is within a preset reporting time threshold, and if yes, determining that the reporting time of the video stream address request is correct; otherwise, determining that the reporting time of the video stream address request is incorrect, rejecting the video stream address request.
  • the request identification identifier group carried in the video stream address request further includes the room identification code of the target network live video, thereby further improving the video stream address security of the webcast video.
  • the server side provides the following implementation process:
  • the server generates a server-side authentication key value for the target video based on the first key value, the second key value, and the request identification identifier group, and compares the received authentication key value with the server-side authentication key value for the target video. Whether it is consistent; if it is consistent, the received authentication key value is a terminal-side authentication key value for the target video generated by the user terminal based on the first key value and the second key value, and the server returns the target to the user terminal. Video; if it is inconsistent, the received authentication key value is sent by other terminals, and the target video is rejected.
  • the manner in which the server side performs the generation of the server-side authentication key value is an implementation manner of combining the MD5 (message digest algorithm) algorithm and the RSA encryption algorithm:
  • first Key value and the second Key value are input into the MD5 algorithm to obtain an intermediate Key value:
  • NewKey MD5.Create(KEY1+KEY2)
  • NewKey is the intermediate Key value
  • KEY1 is the first Key value
  • KEY2 is the second Key value.
  • the intermediate key value and the request identification identifier group are input into the RSA encryption algorithm to calculate the server side authentication key value for the target video:
  • KEY RSA.encrypt(Token+Roomid+ID+IP+Time, NewKey);
  • the time parameter is the time identifier of the user terminal to send the video stream address request
  • the Token parameter is the token when the user logs in to the server
  • the ID parameter is the unique ID of the user terminal (UDID, Unique Device Identifier)
  • the IP parameter is the current state of the user terminal. IP address.
  • the RSA encryption algorithm is taken as an example in the embodiment of the present invention, but other asymmetric encryption algorithms, such as an elliptic curve algorithm, may also be used.
  • the RSA encryption algorithm is an asymmetric encryption algorithm.
  • the RSA algorithm is characterized by the ability to generate a pair of public and private keys (the public and private keys are uniquely paired. If the data is encrypted with a public key, only the private key can be decrypted. Out of the original data, the server will send the first key value to the client, and the server can generate a private key Key according to the first key value (as the public key of the RSA) through the RSA algorithm (and store the private key, The subsequent terminal reports the characteristics of the terminal.
  • the terminal When the terminal receives the first key value of the server, when the terminal features of the terminal are reported, the characteristics of the terminal (token, ID, IP, etc.) are encrypted by using the RSA algorithm. After receiving the reported data, the server uses the private key generated by RSA to decrypt it.
  • the advantage of this processing is that the information reported by the terminal is encrypted to ensure the security of the data reported by the terminal, and the RSA algorithm is used to encrypt, so the hacker cannot decrypt even if the information is intercepted without the private key, because the private key is only stored by the server. .
  • the server sends the first key value and the second key value to the terminal, and the server also generates a random number (the client regenerates each request) and sends the same to the terminal. The number will be calculated together with the terminal characteristics to obtain the final authentication key value.
  • the advantage of increasing this random number is that the time value cannot be completely guaranteed because one dimension of the time parameter always changes, because the time data is regular, so here Adding a server to send a random number further strengthens the randomness of the finally generated authentication key value.
  • the calculation of the authentication Key value is:
  • KEY RSA.encrypt(Token+Roomid+ID+IP+Time, NewKey)
  • KEY RSA.encrypt(Token+Roomid+ID+IP+Time+Random, NewKey)
  • Random Both the server and the terminal are added together with the random number when calculating the final authentication key. This random number is sent by the server because it is generally considered that the server is definitely safe.
  • an embodiment of the present invention provides a video requesting method, which is applied to a user terminal corresponding to the foregoing video playing method. Referring to FIG. 2, the video requesting method includes:
  • S202 Receive a first Key value returned by the server for characterizing a video type of the target video, and a second Key value used to represent a permission range of the viewing user.
  • S203 Generate a terminal-side authentication key value for the target video according to the first key value and the second key value, and send the value to the server, so that the server returns the target video to the user terminal when receiving the terminal-side authentication key value for the target video. ;
  • S203 includes the following refinement steps:
  • an implementation manner of generating a terminal-side authentication key value for the target video is specifically:
  • the request identification identifier group carried in the video stream address request includes: a time identifier indicating a time at which the user terminal sends the video stream address request, and at least one terminal feature of the user terminal as follows: The token when the user logs in to the server, the unique ID of the user terminal, and the current IP address of the user terminal are viewed.
  • the request identification identifier group further includes a room identification code where the target network live video is located, and the second key value includes each part of the viewing user's permission range.
  • the video type identifier of the live webcast video and the room identification code is included in the request identification identifier group.
  • the embodiment of the present video request method corresponds to the technical features in the implementation of the foregoing video playing method. Therefore, based on the video playing method introduced by the present invention, those skilled in the art can understand the implementation manner of the video requesting device, and thus will not be described herein. .
  • the server sends the first key value and the second key value to the terminal, and the server also generates a random number (the client regenerates each request) and sends the same to the terminal. The number will be calculated together with the terminal characteristics to obtain the final authentication key value.
  • the advantage of increasing this random number is that the time value cannot be completely guaranteed because one dimension of the time parameter always changes, because the time data is regular, so here Adding a server to send a random number further strengthens the randomness of the finally generated authentication key value.
  • an embodiment of the present invention provides a video playing device for implementing the foregoing video playing method, which is applied to a server.
  • the video playing device includes:
  • the address request receiving module 301 is configured to receive a video stream address request for the target video sent by the user terminal;
  • the Key value sending module 302 is configured to: if the viewing user corresponding to the user terminal has the viewing right to the target video, return a first Key value for characterizing the video type of the target video to the user terminal, and Characterizing a second Key value of the range of rights of the viewing user;
  • a video returning module 303 configured to receive, by the user terminal, a terminal-side authentication key value for the target video generated by the first key value and the second key value, to the user terminal Return to the target video.
  • the device further includes:
  • the authority discriminating module is configured to determine, according to the correspondence between the user identification information and the permission range, whether the viewing user has viewing rights to the target video.
  • the device further includes:
  • An authentication key value generating module configured to generate a server side authentication key value for the target video based on the first key value, the second key value, and the request identification identifier group;
  • the authentication key value comparison module is configured to compare the received authentication key value with the server-side authentication key value of the target video, and if yes, the received authentication key value is The terminal side authentication key value of the target video.
  • the authentication key value generating module is specifically configured to:
  • the request identifying the identifier group includes:
  • the request identification identifier group further includes a room identification code where the target network live video is located, and the second key value includes the viewing user.
  • the server sends the first key value and the second key value to the terminal, and the server also generates a random number (the client regenerates each request) and sends the same to the terminal. The number will be calculated together with the terminal characteristics to obtain the final authentication key value.
  • the advantage of increasing this random number is that the time value cannot be completely guaranteed because one dimension of the time parameter always changes, because the time data is regular, so here Adding a server to send a random number further strengthens the randomness of the finally generated authentication key value.
  • the video playback device is a device for implementing the foregoing video playback method according to the embodiment of the present invention. Therefore, based on the video playback method introduced by the present invention, those skilled in the art can understand the specific structure and deformation of the video playback device, and thus No longer. Any device used in the video playing method of the present invention is within the scope of the present invention.
  • an embodiment of the present invention further provides a video requesting apparatus for implementing the foregoing video requesting method, which is applied to a user terminal.
  • the video requesting apparatus includes:
  • An address request sending module 401 configured to send a video stream address request for the target video to the server;
  • the Key value receiving module 402 is configured to receive a first Key value returned by the server for characterizing a video type of the target video and a second Key value used to represent a permission range of the viewing user;
  • the authentication key value obtaining module 403 is configured to generate a terminal side authentication key value for the target video according to the first key value and the second key value, and send the value to the server, so that the server receives Returning the target video to the user terminal when the terminal side authentication key value is used for the target video;
  • the video receiving module 404 is configured to receive the target video from the server.
  • the authentication key value obtaining module 403 includes:
  • the authentication key value generating unit is configured to generate a terminal side authentication key value for the target video based on the first key value, the second key value, and the request identification identifier group;
  • the authentication key value sending unit is configured to send the terminal side authentication key value for the target video to the server.
  • the authentication key value generating unit is specifically configured to:
  • the request identification identifier group carried in the video stream address request includes:
  • Characterizing a time identifier of the time at which the user terminal sends the video stream address request and At least one terminal feature of the user terminal: the token when the user logs in to the server, the unique ID of the user terminal, and the current IP address of the user terminal.
  • the request identification identifier group further includes a room identification code where the target network live video is located, and the second key value includes the rights of the viewing user.
  • the server sends the first key value and the second key value to the terminal, and the server also generates a random number (the client regenerates each request) and sends the same to the terminal. The number will be calculated together with the terminal characteristics to obtain the final authentication key value.
  • the advantage of increasing this random number is that the time value cannot be completely guaranteed because one dimension of the time parameter always changes, because the time data is regular, so here Adding a server to send a random number further strengthens the randomness of the finally generated authentication key value.
  • the present video requesting device is an electronic device used in the foregoing video requesting method according to the embodiment of the present invention. Therefore, those skilled in the art can understand the specific structure and deformation of the video requesting device based on the method described in the video requesting method embodiment of the present invention. Therefore, it will not be repeated here.
  • the apparatus used in the video request method of the present invention is within the scope of the present invention.
  • the technical solution provided by the present invention is: receiving a video stream address request for a target video sent by a user terminal; and if the viewing user corresponding to the user terminal has viewing rights to the target video, returning a video for characterizing the target video to the user terminal a first Key value of the type and a second Key value for characterizing a permission range of the viewing user; receiving the terminal-side authentication Key value for the target video generated by the user terminal based on the first Key value and the second Key value Return the target video to the user terminal.
  • the video stream address is authenticated according to the video type of the target video and the permission range of the viewing user, so that different types of the target video and different viewing rights of the viewing user are calculated, and different server side and terminal side are calculated.
  • the server For the authentication KEY value for authenticating the video stream address, the server only returns the requested target video for the user terminal that generates the authentication KEY value based on the first and second KEY values, so only the viewing rights of the target video are actually available.
  • the user can obtain the target video from the server, otherwise the server will refuse to deliver the target video. Therefore, the accuracy of authenticating the video stream address is greatly enhanced, and the video stream address can be prevented from being illegally acquired, thereby improving the security of the video stream address.
  • the server sends the first key value and the second key value to the terminal, and the server also generates a random number (the client regenerates each request) and sends the same to the terminal.
  • the number and the terminal feature are combined to calculate the final authentication key value.
  • the video stream address request carries the request identification identifier group, including the time identifier of the time when the user terminal sends the video stream address request, so that the generated authentication KEY values of the server side and the terminal side are dependent on non-repetitiveness and
  • the reproducible time identifier further ensures that the calculated authentication KEY value will not be imitated every time, so when a viewing user requests the correct address, it cannot be used by other viewing users because a video stream address can only be used. Use once.
  • embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or a combination of software and hardware. Moreover, the invention can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code.
  • computer-usable storage media including but not limited to disk storage, CD-ROM, optical storage, etc.
  • the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
  • the apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
  • These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
  • the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.

Landscapes

  • Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Computer Graphics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

La présente invention concerne un procédé et un appareil de demande de vidéo et de lecture de vidéo, appliqués au domaine technique des communications. Le procédé de lecture de vidéo consiste à : recevoir une demande d'adresse de flux vidéo envoyée par un terminal utilisateur pour une vidéo cible ; et si un spectateur correspondant au terminal d'utilisateur a une autorisation de visualisation pour la vidéo cible, renvoyer, au terminal utilisateur, une première valeur de clé pour caractériser un type de vidéo de la vidéo cible et une seconde valeur de clé pour caractériser une plage d'autorisation du spectateur ; et renvoyer la vidéo cible au terminal utilisateur si une valeur de clé d'authentification côté terminal envoyée par le terminal d'utilisateur et générée pour la vidéo cible sur la base de la première valeur de clé et de la seconde valeur de clé est reçue. La présente invention résout le problème technique, rencontré dans l'état de la technique, de faible sécurité d'adresse de flux vidéo, ce qui améliore ainsi considérablement la précision d'authentification d'adresse de flux vidéo, évite l'acquisition non autorisée d'adresses de flux vidéo, améliore la sécurité des adresses de flux vidéo.
PCT/CN2017/081237 2017-03-31 2017-04-20 Procédé et appareil de demande de vidéo et de lecture de vidéo WO2018176531A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201710206554.0A CN107426589B (zh) 2017-03-31 2017-03-31 一种视频请求、视频播放方法及装置
CN201710206554.0 2017-03-31

Publications (1)

Publication Number Publication Date
WO2018176531A1 true WO2018176531A1 (fr) 2018-10-04

Family

ID=60423889

Family Applications (2)

Application Number Title Priority Date Filing Date
PCT/CN2017/081237 WO2018176531A1 (fr) 2017-03-31 2017-04-20 Procédé et appareil de demande de vidéo et de lecture de vidéo
PCT/CN2017/107056 WO2018176816A1 (fr) 2017-03-31 2017-10-20 Procédé et dispositif de demande et lecture de vidéo

Family Applications After (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/107056 WO2018176816A1 (fr) 2017-03-31 2017-10-20 Procédé et dispositif de demande et lecture de vidéo

Country Status (2)

Country Link
CN (1) CN107426589B (fr)
WO (2) WO2018176531A1 (fr)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110012301B (zh) * 2018-01-04 2022-01-04 武汉斗鱼网络科技有限公司 一种视频流地址的鉴权方法及装置
CN112770143B (zh) * 2019-11-01 2022-08-02 腾讯科技(深圳)有限公司 一种互动视频播放系统和方法
CN112600806B (zh) * 2020-12-04 2023-04-28 广州酷狗计算机科技有限公司 音频播放方法、装置、服务器及存储介质

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130266138A1 (en) * 2012-04-10 2013-10-10 Microsoft Corporation Content encryption key management
CN103686241A (zh) * 2013-12-23 2014-03-26 珠海迈科电子科技有限公司 机顶盒防盗链的方法及装置
CN104811773A (zh) * 2015-04-28 2015-07-29 天脉聚源(北京)传媒科技有限公司 基于防盗链的频道播放实现方法、系统及设备
US20160119438A1 (en) * 2014-10-23 2016-04-28 Google Inc. Systems and methods of sharing media and data content across devices through local proximity
CN105721411A (zh) * 2015-05-15 2016-06-29 乐视云计算有限公司 一种防止盗链的方法、防止盗链的服务器及客户端
CN105915494A (zh) * 2015-12-07 2016-08-31 乐视云计算有限公司 防盗链方法及系统
CN106028064A (zh) * 2016-06-24 2016-10-12 武汉斗鱼网络科技有限公司 一种直播视频流播放地址权限校验方法及系统

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100592785C (zh) * 2005-05-30 2010-02-24 Ut斯达康通讯有限公司 数字版权管理的系统和网络电视运营系统
US8893302B2 (en) * 2005-11-09 2014-11-18 Motorola Mobility Llc Method for managing security keys utilized by media devices in a local area network
CN102025749B (zh) * 2011-01-18 2013-12-11 中国联合网络通信集团有限公司 移动流媒体业务防盗用方法
WO2015063933A1 (fr) * 2013-10-31 2015-05-07 株式会社 東芝 Dispositif de lecture de contenu, procédé de lecture de contenu et système de lecture de contenu
CN105721903B (zh) * 2014-12-26 2017-12-12 乐视网信息技术(北京)股份有限公司 在线播放视频的方法和系统
US11997365B2 (en) * 2015-01-27 2024-05-28 Charter Communications Operating, Llc System and method of content streaming and downloading
CN105307052B (zh) * 2015-10-27 2018-09-25 无锡天脉聚源传媒科技有限公司 一种视频请求处理方法及装置
CN105872626A (zh) * 2015-12-15 2016-08-17 乐视网信息技术(北京)股份有限公司 一种视频播放方法及装置
CN105847881B (zh) * 2016-03-31 2019-07-09 武汉斗鱼网络科技有限公司 一种防盗播视频播放器与服务器及系统
CN106230860B (zh) * 2016-09-06 2020-09-25 腾讯科技(深圳)有限公司 发送流媒体的方法和装置

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130266138A1 (en) * 2012-04-10 2013-10-10 Microsoft Corporation Content encryption key management
CN103686241A (zh) * 2013-12-23 2014-03-26 珠海迈科电子科技有限公司 机顶盒防盗链的方法及装置
US20160119438A1 (en) * 2014-10-23 2016-04-28 Google Inc. Systems and methods of sharing media and data content across devices through local proximity
CN104811773A (zh) * 2015-04-28 2015-07-29 天脉聚源(北京)传媒科技有限公司 基于防盗链的频道播放实现方法、系统及设备
CN105721411A (zh) * 2015-05-15 2016-06-29 乐视云计算有限公司 一种防止盗链的方法、防止盗链的服务器及客户端
CN105915494A (zh) * 2015-12-07 2016-08-31 乐视云计算有限公司 防盗链方法及系统
CN106028064A (zh) * 2016-06-24 2016-10-12 武汉斗鱼网络科技有限公司 一种直播视频流播放地址权限校验方法及系统

Also Published As

Publication number Publication date
WO2018176816A1 (fr) 2018-10-04
CN107426589A (zh) 2017-12-01
CN107426589B (zh) 2018-08-10

Similar Documents

Publication Publication Date Title
US11615386B1 (en) Block chain authentication systems and methods
US10637855B2 (en) Enhanced authentication for secure communications
US20190340384A1 (en) Key providing method, video playing method, server and client
JP4617763B2 (ja) 機器認証システム、機器認証サーバ、端末機器、機器認証方法、および機器認証プログラム
WO2020062668A1 (fr) Procédé d'authentification d'identité, dispositif d'authentification d'identité et support lisible par ordinateur
CN108769067B (zh) 一种鉴权校验方法、装置、设备和介质
KR102219277B1 (ko) 인증된 컨텐츠 전달 제어를 위한 시스템 및 방법
CN106571951B (zh) 审计日志获取方法、系统及装置
WO2020000786A1 (fr) Procédé et appareil de vote, et dispositif informatique et support de stockage lisible par ordinateur
US11640448B2 (en) License confirmation via embedded confirmation challenge
JP2018503199A (ja) アカウント復元プロトコル
US9276741B2 (en) Content encryption key management
US9215064B2 (en) Distributing keys for decrypting client data
CN110662091B (zh) 第三方直播视频接入方法、存储介质、电子设备及系统
JPWO2019239591A1 (ja) 認証システム、認証方法、アプリケーション提供装置、認証装置、及び認証用プログラム
US10764294B1 (en) Data exfiltration control
WO2019001083A1 (fr) Procédé et dispositif d'authentification pour adresse de flux vidéo
CN108881966B (zh) 一种信息处理方法以及相关设备
CN107145769A (zh) 一种数字版权管理drm方法、设备及系统
WO2020062667A1 (fr) Procédé de gestion d'actifs de données, dispositif de gestion d'actifs de données et support lisible par ordinateur
WO2019071859A1 (fr) Procédé et appareil pour empêcher un vol de cadeau sur une plate-forme de diffusion en direct
CN108259183B (zh) 一种关注方法、装置、电子设备及介质
WO2018176531A1 (fr) Procédé et appareil de demande de vidéo et de lecture de vidéo
WO2013170822A2 (fr) Procédé et dispositif de traitement de mot de passe pour la connexion à un serveur
US20220353081A1 (en) User authentication techniques across applications on a user device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17903557

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17903557

Country of ref document: EP

Kind code of ref document: A1