CN104253794A - Method and device for controlling the range of content use - Google Patents
Method and device for controlling the range of content use Download PDFInfo
- Publication number
- CN104253794A CN104253794A CN201310262777.0A CN201310262777A CN104253794A CN 104253794 A CN104253794 A CN 104253794A CN 201310262777 A CN201310262777 A CN 201310262777A CN 104253794 A CN104253794 A CN 104253794A
- Authority
- CN
- China
- Prior art keywords
- terminal
- anchor point
- point device
- content
- local area
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 48
- 230000004044 response Effects 0.000 claims description 55
- 238000012545 processing Methods 0.000 claims description 5
- 238000004891 communication Methods 0.000 abstract description 4
- 238000010586 diagram Methods 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Landscapes
- Small-Scale Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention discloses a method and device for controlling the range of content use and belongs to the communication field. The method includes the following steps that: the encrypted media streams and digital copyright of content according to the content broadcasting request of a user; the digital copyright of the content is determined as home network copyright according to the digital copyright of the content; a first anchor device is searched in a current local area network where a terminal is located, wherein the first anchor device is an immobile anchor device in a home local area network of the terminal; and if the first anchor device exists, the current local area network where the terminal is located is determined as the home local area network of the terminal, and the encrypted media streams of the content can be decrypted through utilizing the digital copyright, so that the content can be broadcasted. With the method and device for controlling the range of content use of the invention adopted, the user can use content to be used in a home network under control.
Description
Technical Field
The present invention relates to the field of communications, and in particular, to a method and an apparatus for controlling a range of content usage.
Background
With the rapid development of communication network technology, content vendors can sell content to users based on the communication network technology, and users can purchase content from the content vendors and use the purchased content.
In which a content vendor defines the range of content usage by a user, a typical scenario is that the content vendor defines the range of content usage by the user as a home local area network, i.e. the content vendor allows the user to use the content in the home local area network, but does not allow the user to use the content in other networks than the home local area network.
At present, after a content seller sells content with a home lan to a user, there is no feasible method for controlling the user to use the content in the home lan.
Disclosure of Invention
In order to realize the control of the content use of a user in a home local area network, the invention provides a method and a device for controlling the content use range. The technical scheme is as follows:
in a first aspect, a method of controlling a scope of content usage, the method comprising:
acquiring an encrypted media stream of the content and a digital copyright of the content according to a content on-demand request of a user;
determining the digital copyright type of the content as a home network copyright according to the digital copyright of the content;
searching whether a current local area network where a terminal is located has a first anchor point device, wherein the first anchor point device is a non-mobile anchor point device in a home local area network of the terminal;
and if the first anchor point equipment exists, determining that the current local area network where the terminal is located is the home local area network of the terminal, and decrypting the encrypted media stream of the content by using the digital copyright and playing the encrypted media stream.
With reference to the first aspect, in a first possible implementation manner of the first aspect, the determining, according to the digital right of the content, that the type of the digital right of the content is a home network right includes:
and analyzing the digital copyright of the content, and determining that the digital copyright contains the family mark, and then determining that the type of the digital copyright of the content is the family network copyright.
With reference to the first aspect, in a second possible implementation manner of the first aspect, the determining whether a first anchor point device exists in a current local area network where the search terminal is located includes:
sending an anchor point device discovery request to the device in the current local area network of the terminal in a multicast mode;
receiving a response message sent by anchor point equipment, wherein the response message comprises a digital signature generated by the anchor point equipment;
and determining that the anchor point device is the first anchor point device if the first public key of the stored server certificate of the first anchor point device is judged to be capable of decrypting the digital signature.
With reference to the first aspect, in a third possible implementation manner of the first aspect, the determining whether the first anchor point device exists in the current local area network where the search terminal is located includes:
sending an anchor point device discovery request to the device in the current local area network of the terminal in a multicast mode;
receiving a response message sent by anchor point equipment, wherein the response message comprises an equipment identifier of the anchor point equipment;
generating a digital signature, and sending the digital signature to the anchor point device according to the device identifier of the anchor point device, so that the anchor point device encrypts the digital signature according to the stored first private key;
receiving the digital signature encrypted by the anchor point device, and determining that the first public key of the server certificate of the first anchor point device stored in the storage device can decrypt the encrypted digital signature, so as to determine that the anchor point device is the first anchor point device.
With reference to the second or third possible implementation manner of the first aspect, in a fourth possible implementation manner of the first aspect, before searching whether the first anchor point device exists in the current local area network where the terminal is located, the method further includes:
receiving a first public key of a server certificate of the first anchor point device issued by a DRM server;
storing a first public key of a server certificate of the first anchor device.
With reference to the fourth possible implementation manner of the first aspect, in a fifth possible implementation manner of the first aspect, before the receiving the first public key of the server certificate of the first anchor point device sent by the DRM server, the method further includes:
and reporting the equipment identification information of the terminal to a service platform so that the service platform adds the terminal to the set home local area network of the first anchor point equipment according to the equipment identification information of the terminal.
In a second aspect, a method of controlling a scope of content usage, the method comprising:
receiving an anchor point device discovery request sent by a terminal;
sending a response message to the terminal, wherein the response message carries equipment identification information of the anchor point equipment;
receiving a digital signature sent by the terminal according to the response message;
encrypting the digital signature according to the stored first private key;
and sending the encrypted digital signature to the terminal, so that the terminal judges whether the current local area network is the home local area network or not and determines whether to use the content or not according to the judgment result.
In a third aspect, a method of controlling a scope of content usage, the method comprising:
receiving an anchor point device discovery request sent by a terminal;
generating a digital signature, and encrypting the digital signature according to a stored first private key;
and sending the encrypted digital signature to the terminal, so that the terminal judges whether the current local area network is the home local area network or not and determines whether to use the content or not according to the judgment result.
In a fourth aspect, a terminal, the terminal comprising:
the device comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring an encrypted media stream of the content and a digital copyright of the content according to a content on-demand request of a user;
a determining unit, configured to determine, according to the digital rights of the content acquired by the acquiring unit, that the type of the digital rights of the content is a home network rights;
the searching unit is used for searching whether a first anchor point device exists in a current local area network where the terminal is located after the determining unit determines that the terminal is the home network copyright, wherein the first anchor point device is a non-mobile anchor point device in the home local area network of the terminal;
the determining unit is further configured to determine that the current local area network where the terminal is located is a home local area network of the terminal if the searching unit searches that the first anchor point device exists, and decrypt and play the encrypted media stream of the content using the digital rights.
With reference to the fourth aspect, in a first possible implementation manner of the fourth aspect, the determining, by the determining unit, a manner of determining, according to the digital right of the content, that the type of the digital right of the content is a home network right includes:
and analyzing the digital copyright of the content, and determining that the digital copyright contains the family mark, and then determining that the type of the digital copyright of the content is the family network copyright.
With reference to the fourth aspect, in a second possible implementation manner of the fourth aspect, the manner in which the searching unit searches whether the first anchor point device exists in the current local area network where the terminal is located includes:
sending an anchor point device discovery request to the device in the current local area network of the terminal in a multicast mode;
receiving a response message sent by anchor point equipment, wherein the response message comprises a digital signature generated by the anchor point equipment;
and determining that the anchor point device is the first anchor point device if the first public key of the stored server certificate of the first anchor point device is judged to be capable of decrypting the digital signature.
With reference to the fourth aspect, in a third possible implementation manner of the fourth aspect, the manner in which the searching unit searches whether the first anchor point device exists in the current local area network where the terminal is located includes:
sending an anchor point device discovery request to the device in the current local area network of the terminal in a multicast mode;
receiving a response message sent by anchor point equipment, wherein the response message comprises an equipment identifier of the anchor point equipment;
generating a digital signature, and sending the digital signature to the anchor point device according to the device identifier of the anchor point device, so that the anchor point device encrypts the digital signature according to the stored first private key;
receiving the digital signature encrypted by the anchor point device, and determining that the first public key of the server certificate of the first anchor point device stored in the storage device can decrypt the encrypted digital signature, so as to determine that the anchor point device is the first anchor point device.
With reference to the second or third possible implementation manner of the fourth aspect, in a fourth possible implementation manner of the fourth aspect, the terminal further includes:
the receiving unit is used for receiving a first public key of the server certificate of the first anchor point device issued by the DRM server;
a storage unit, configured to store the first public key of the server certificate of the first anchor point device received by the receiving unit.
With reference to the fourth possible implementation manner of the fourth aspect, in a fifth possible implementation manner of the fourth aspect, the terminal further includes:
and the sending unit is used for reporting the equipment identification information of the terminal to a service platform so that the service platform can add the terminal into the set home local area network of the first anchor point equipment according to the equipment identification information of the terminal.
In a fifth aspect, an anchor device, the anchor device comprising:
a receiving unit, configured to receive an anchor point device discovery request sent by a terminal;
a sending unit, configured to send a response message to the terminal after the receiving unit receives the anchor point device discovery request, where the response message carries device identification information of the anchor point device;
the receiving unit is further configured to receive a digital signature sent by the terminal according to the response message after the sending unit sends the response message;
the encryption unit is used for encrypting the digital signature received by the receiving unit according to the stored first private key;
the sending unit is further configured to send the digital signature encrypted by the encryption unit to the terminal, so that the terminal determines whether the current local area network where the terminal is located is a home local area network of the terminal, and determines whether to use the content according to the determination result.
In a sixth aspect, an anchor device, the anchor device comprising:
a receiving unit, configured to receive an anchor point device discovery request sent by a terminal;
the encryption unit is used for generating a digital signature after the receiving unit receives the anchor point device discovery request, and encrypting the digital signature according to a stored first private key;
and the sending unit is used for sending the digital signature encrypted by the encryption unit to the terminal, so that the terminal judges whether the current local area network is the home local area network or not and determines whether to use the content or not according to the judgment result.
In a seventh aspect, a terminal includes a memory and a processor, and is configured to execute the method according to the first aspect or any one of the first to fifth possible implementation manners of the first aspect.
In an eighth aspect, an anchor device comprises a memory and a processor for performing the method of the second aspect.
In a ninth aspect, an anchor point device comprises a memory and a processor for performing the method of the third aspect.
In the embodiment of the invention, if the digital copyright type of the content is the home network copyright, whether a first anchor point device exists in the current local area network of the terminal is searched, and the first anchor point device is a non-mobile anchor point device in the home local area network of the terminal; and if the first anchor point equipment exists, determining that the current local area network is the home local area network of the terminal, and playing the content, so that the user is controlled to use the content in the home local area network.
Drawings
FIG. 1 is a flow chart of a method for controlling the scope of content usage provided by an embodiment of the present invention;
FIG. 2 is a flow chart of a method for controlling the scope of content usage according to another embodiment of the present invention;
FIG. 3 is a flow chart of a method for controlling the scope of content usage according to another embodiment of the present invention;
FIG. 4 is a flow chart of a method for controlling the scope of content usage according to another embodiment of the present invention
Fig. 5 is a schematic structural diagram of a terminal according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of an anchor point device according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of an anchor point device according to another embodiment of the present invention;
fig. 8 is a schematic structural diagram of a terminal according to another embodiment of the present invention;
fig. 9 is a schematic structural diagram of an anchor point device according to another embodiment of the present invention;
fig. 10 is a schematic structural diagram of an anchor point device according to another embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, embodiments of the present invention will be described in detail with reference to the accompanying drawings.
Referring to fig. 1, an embodiment of the present invention provides a method for controlling a range of content usage, including:
step 101: acquiring an encrypted media stream of the content and a digital copyright of the content according to a content on-demand request of a user;
step 102: determining the digital copyright type of the content as a home network copyright according to the digital copyright of the content;
step 103: searching whether a current local area network where the terminal is located has a first anchor point device, wherein the first anchor point device is a non-mobile anchor point device in a home local area network of the terminal;
step 104: and if the first anchor point equipment exists, determining that the current local area network where the terminal is located is the home local area network of the terminal, decrypting the encrypted media stream of the content by using the digital copyright and playing the encrypted media stream.
In the embodiment of the invention, if the digital copyright type of the content is the home network copyright, whether a first anchor point device exists in the current local area network of the terminal is searched, wherein the first anchor point device is a non-mobile anchor point device in the home network of the terminal; and if the first anchor point equipment exists, determining that the current local area network is the home local area network of the terminal, and playing the content, so that the user is controlled to use the content in the home local area network.
The embodiment of the invention provides a method for controlling the content use range.
In the embodiment of the invention, a user opens an account in advance to an operator, the operator allocates an anchor point device for the user, the anchor point device is a non-mobile physical device, and the anchor point device is used as a first anchor point device in a home local area network corresponding to the user. Then, the service platform generates a service certificate and a first private key of the first anchor device, where the service certificate at least includes a first public key corresponding to the first private key, and may also include information such as a certificate serial number and/or a validity period, stores the first private key of the first anchor device in the first anchor device, and stores a user account of the user and the service certificate of the first anchor device in a corresponding relationship between the user account and the service certificate in a DRM (Digital rights management) server. Or,
in the embodiment of the present invention, a device manufacturer produces an anchor point device, where the anchor point device is a non-mobile physical device, obtains a service certificate and a first private key of the anchor point device at the same time, and stores the service certificate and the first private key of the anchor point device in the anchor point device. When a user opens an account to an operator, the operator selects an anchor point device for the user from anchor point devices produced by device manufacturers, and the selected anchor point device is used as a first anchor point device in a home local area network corresponding to the user. The service platform acquires the service certificate of the first anchor point device from the first anchor point device, and stores the user account of the user and the service certificate of the first anchor point device in the corresponding relation between the user account and the service certificate in the DRM server.
Further, the service platform may further generate a device certificate of the first anchor point device according to the device identification information of the first anchor point device, where the device certificate includes the device identification information of the first anchor point device, the second public key, and the second private key, and store the device certificate of the first anchor point device in the DRM server.
The user can deploy the first anchor point device in the home local area network, the terminal in the home local area network can register in the service platform and add the terminal to the home local area network, then the first anchor point device is used for determining whether the terminal is located in the home local area network, and the content is used according to the determination result. Referring to fig. 2, the method includes:
step 201: the terminal sends a registration request message to the service platform, wherein the registration request message carries a user account of a user;
further, the registration request message may also carry device identification information of the terminal.
Further, the terminal reports the device identification information of the terminal to the service platform, so that the service platform adds the terminal to the home local area network of the set first anchor point device according to the device identification information of the terminal.
Step 202: the service platform receives the registration request message, and acquires a service certificate of first anchor point equipment in a home local area network where the terminal is located according to a user account carried by the registration request message;
specifically, the service platform acquires a corresponding service certificate from the corresponding relationship between the user account and the service certificate in the DRM server according to the user account carried in the registration request message, and uses the acquired service certificate as the service certificate of the first anchor point device in the home lan where the terminal is located.
Further, the service platform may generate the device certificate of the terminal according to the device identification information of the terminal carried in the registration request message, where the device certificate includes the device identification information of the terminal, the second public key, and the second private key, and store the device certificate of the terminal in the DRM server.
Step 203: the service platform sends the acquired service certificate of the first anchor point device to the terminal;
further, if the service platform generates the device certificate of the terminal, the service platform may also send the device certificate of the terminal to the terminal.
Step 204: the terminal receives a service certificate of the first anchor point device sent by the service platform and stores the service certificate of the first anchor point device;
further, the terminal may also receive the device certificate of the terminal sent by the service platform, and store the device certificate of the terminal.
The streaming media server comprises a digital product, wherein the digital product comprises content identification information and a digital copyright type of a content. A user can use a terminal to a streaming media server to purchase a certain digital product, and the digital copyright type included in the digital product is assumed to be a home network copyright; and after the user purchases the digital product, the terminal sends the product identification of the digital product purchased by the user and the user account of the user to the service platform. The service platform receives the product identification of the digital product and the user account of the user, acquires the content identification and the digital copyright type of the content included in the digital product according to the product identification of the digital product, forms the digital copyright of the content by the content identification information, the digital copyright type and the decryption key of the content included in the digital product, and stores the user account of the user and the digital copyright in the corresponding relation between the user account and the digital copyright in the DRM server.
Step 205: when the content needs to be used, the terminal sends a content on demand request of the user to the service platform, wherein the content on demand request carries a user account of the user and the content identification information of the content;
step 206: the service platform receives the content on-demand request, acquires the digital copyright and the encrypted media stream of the content purchased by the user according to the content on-demand request, and sends the digital copyright and the encrypted media stream of the content to the terminal;
specifically, the service platform receives the content on demand request, acquires the digital rights of all the contents purchased by the user from the corresponding relationship between the user account and the digital rights in the DRM server according to the user account of the user carried by the content on demand request, acquires the digital rights of the contents from the digital rights of all the contents purchased by the user according to the content identification information of the contents, acquires the encrypted media stream of the contents according to the content identification information of the contents, and sends the digital rights and the encrypted media stream of the contents to the terminal.
Further, the service platform may further obtain the device certificate of the terminal from the DRM server according to the identification information of the terminal, encrypt the digital rights of the content according to a second private key included in the device certificate of the terminal, and then send the encrypted digital rights of the content to the terminal.
The digital copyright of the content comprises decryption, content identification information of the content and the type of the digital copyright is home network copyright.
Step 207: the terminal receives the digital copyright and the encrypted media stream of the content, and determines the range of using the content as a home local area network according to the digital copyright of the content;
specifically, the terminal receives the digital rights and the encrypted media stream of the content, and determines that the range of using the content is the home local area network according to the fact that the type of the digital rights of the content included in the digital rights is the home network rights.
Further, after receiving the digital right of the content, the terminal decrypts the digital right of the content according to a second public key included in the device certificate stored in the terminal, and then determines that the range of using the content is the home local area network according to the decrypted digital right of the content.
Step 208: the terminal searches whether a first anchor point device exists in a current local area network where the terminal is located, wherein the first anchor point device is a non-mobile anchor point device in a home local area network where the terminal is located;
specifically, a terminal multicasts an anchor point device discovery request to a network device in a current local area network where the terminal is located, and a non-mobile anchor point device in the current local area network responds after receiving the anchor point device discovery request; the terminal receives a response message for the anchor point device to respond, wherein the response message carries the device identification information of the anchor point device, so that the non-mobile anchor point device in the current local area network where the terminal is located is determined; and the terminal determines whether the anchor point equipment corresponding to the equipment identification information is the first anchor point equipment according to the service certificate of the first anchor point equipment, and if so, determines that the first anchor point equipment exists in the current local area network where the equipment identification information is located.
The terminal multicasts the discovery request of the anchor point device to the network device in the current local area network where the terminal is located. The anchor point device in the current local area network receives the anchor point device discovery request and starts responding, namely the anchor point device sends a response message to the terminal, wherein the response message carries the device identification information of the anchor point device. The terminal receives the response message sent by the anchor point device, determines whether the anchor point device corresponding to the device identification information is the first anchor point device according to the service certificate of the first anchor point device stored by the terminal, and searches that the first anchor point device exists in the current network where the terminal is located if the anchor point device corresponding to the device identification information is the first anchor point device.
The determining, by the terminal, whether the anchor point device corresponding to the device identification information is the first anchor point device according to the service certificate of the first anchor point device may include:
the terminal generates a digital signature and sends the digital signature to the anchor point device according to the device identification information; the anchor point device encrypts the digital signature according to the stored first private key and sends the encrypted digital signature; and the terminal receives the encrypted digital signature sent by the anchor point device, decrypts the encrypted digital signature according to a first public key included in a service certificate of the first anchor point device stored by the terminal, and if the digital signature is decrypted successfully, the anchor point device corresponding to the device identifier is determined to be the first anchor point device, namely the current local area network where the terminal is located is determined to be the home local area network where the terminal is located.
In the embodiment of the present invention, the terminal may also send an anchor point device discovery request to a device in its current local area network in a multicast manner. And the anchor point equipment in the local area network receives the anchor point equipment discovery request, generates a digital signature, encrypts the digital signature according to the stored first private key, and sends a response message to the terminal, wherein the response message carries the encrypted digital signature. And the terminal receives the response message sent by the anchor point device, judges that the first public key of the stored server certificate of the first anchor point device can decrypt the digital signature, and determines that the anchor point device is the first anchor point device.
Step 209: and if the terminal searches the first anchor point device, determining that the terminal is positioned in the home local area network where the terminal is positioned, decrypting the encrypted media stream of the content by using the digital copyright and playing the encrypted media stream.
Specifically, if the terminal searches the first anchor point device, it determines that the terminal is located in the home lan where the terminal is located, decrypts the encrypted media stream of the content according to a decryption key included in the digital right of the content, and plays the media stream of the content after decryption.
In the embodiment of the invention, the terminal registers to the service platform and obtains the service certificate of the first anchor point device in the home local area network where the terminal is located. When the content needs to be used, the terminal obtains the digital version of the content from the service platform, and determines that the content use range is the home local area network according to the digital copyright of the content, then whether the anchor point device exists in the current local area network where the terminal is located is searched, whether the anchor point device is the first anchor point device is determined according to the service certificate of the first device, if so, the current local area network is determined to be the home local area network of the terminal, and the content is used, so that the user is controlled to use the content in the home local area network.
Referring to fig. 3, an embodiment of the present invention provides a method for controlling a range of content usage, including:
step 301: receiving an anchor point device discovery request sent by a terminal;
step 302: sending a response message to the terminal, wherein the response message carries the equipment identification information of the anchor point equipment;
step 303: receiving the digital signature sent by the terminal according to the response message;
step 304: encrypting the digital signature according to the stored first private key;
step 305: and sending the encrypted digital signature to the terminal, so that the terminal judges whether the current local area network is the home local area network or not and determines whether to use the content or not according to the judgment result.
In the embodiment of the invention, the digital signature sent by the terminal is received, the digital signature is encrypted according to the stored first private key, and the encrypted digital signature is sent to the terminal, so that the terminal judges whether the current local area network is the home local area network of the terminal and determines whether to use the content according to the judgment result, and thus, the user is controlled to use the content in the home local area network.
Referring to fig. 4, an embodiment of the present invention provides a method for controlling a range of content usage, including:
step 401: receiving an anchor point device discovery request sent by a terminal;
step 402: generating a digital signature, and encrypting the digital signature according to a stored first private key;
step 403: and sending the encrypted digital signature to the terminal, so that the terminal judges whether the current local area network is the home local area network or not and determines whether to use the content or not according to the judgment result.
In the embodiment of the invention, an anchor point device discovery request sent by a terminal is received, a digital signature is generated, the digital signature is encrypted according to a stored first private key, the encrypted digital signature is sent to the terminal, the terminal is enabled to judge whether the current local area network where the terminal is located is the home local area network of the terminal and determine whether to use the content according to the judgment result, and therefore, the purpose that a user uses the content in the home local area network is achieved.
Referring to fig. 5, an embodiment of the present invention provides a terminal, including:
an obtaining unit 501, configured to obtain, according to a content on-demand request of a user, an encrypted media stream of the content and a digital rights of the content;
a determining unit 502, configured to determine, according to the digital rights of the content acquired by the acquiring unit 501, that the type of the digital rights of the content is a home network rights;
a searching unit 503, configured to search whether a first anchor point device exists in a current local area network where the terminal is located after the determining unit 502 determines that the current local area network is the home network copyright, where the first anchor point device is a non-mobile anchor point device in the home local area network of the terminal;
the determining unit 502 is further configured to determine that the current local area network where the terminal is located is a home local area network of the terminal if the searching unit 503 searches that the first anchor point device exists, and decrypt and play the encrypted media stream of the content using the digital rights.
The determining unit 502 determines, according to the digital rights of the content, that the type of the digital rights of the content is a home network rights, including:
and analyzing the digital copyright of the content, and determining that the digital copyright contains the family mark, and then determining that the type of the digital copyright of the content is the family network copyright.
The searching unit 503 is configured to search whether the first anchor point device exists in the current local area network where the terminal is located, and includes:
sending an anchor point device discovery request to the device in the current local area network of the terminal in a multicast mode;
receiving a response message sent by anchor point equipment, wherein the response message comprises a digital signature generated by the anchor point equipment;
and determining that the anchor point device is the first anchor point device if the first public key of the stored server certificate of the first anchor point device is judged to be capable of decrypting the digital signature.
The searching unit 503 is configured to search whether the first anchor point device exists in the current local area network where the terminal is located, and includes:
sending an anchor point device discovery request to the device in the current local area network of the terminal in a multicast mode;
receiving a response message sent by anchor point equipment, wherein the response message comprises an equipment identifier of the anchor point equipment;
generating a digital signature, and sending the digital signature to the anchor point device according to the device identifier of the anchor point device, so that the anchor point device encrypts the digital signature according to the stored first private key;
receiving the digital signature encrypted by the anchor point device, and determining that the first public key of the server certificate of the first anchor point device stored in the storage device can decrypt the encrypted digital signature, so as to determine that the anchor point device is the first anchor point device.
Further, the terminal further includes:
the receiving unit is used for receiving a first public key of the server certificate of the first anchor point device issued by the DRM server;
a storage unit, configured to store the first public key of the server certificate of the first anchor point device received by the receiving unit.
Further, the terminal further includes:
and the sending unit is used for reporting the equipment identification information of the terminal to a service platform so that the service platform can add the terminal into the set home local area network of the first anchor point equipment according to the equipment identification information of the terminal.
In the embodiment of the invention, if the digital copyright type of the content is the home network copyright, whether a first anchor point device exists in the current local area network of the terminal is searched, and the first anchor point device is a non-mobile anchor point device in the home local area network of the terminal; and if the first anchor point equipment exists, determining that the current local area network is the home local area network of the terminal, and playing the content, so that the user is controlled to use the content in the home local area network.
Referring to fig. 6, an embodiment of the present invention provides an anchor point device, including:
a receiving unit 601, configured to receive an anchor point device discovery request sent by a terminal;
a sending unit 602, configured to send a response message to the terminal, where the response message carries device identification information of an anchor point device;
the receiving unit 601 is further configured to receive a digital signature sent by the terminal according to the response message;
an encryption unit 603 configured to perform encryption processing on the digital signature received by the receiving unit 601 according to the stored first private key;
the sending unit 602 is further configured to send the digital signature encrypted by the encrypting unit 603 to the terminal, so that the terminal determines whether the current lan where the terminal is located is a home lan of the terminal, and determines whether to use the content according to the determination result.
In the embodiment of the invention, the digital signature sent by the terminal is received, the digital signature is encrypted according to the stored first private key, and the encrypted digital signature is sent to the terminal, so that the terminal judges whether the current local area network is the home local area network of the terminal and determines whether to use the content according to the judgment result, and thus, the user is controlled to use the content in the home local area network.
Referring to fig. 7, an embodiment of the present invention provides an anchor point device, including:
a receiving unit 701, configured to receive an anchor point device discovery request sent by a terminal;
an encrypting unit 702, configured to generate a digital signature after the receiving unit 701 receives the anchor point device discovery request, and encrypt the digital signature according to a stored first private key;
a sending unit 703, configured to send the digital signature encrypted by the encrypting unit 702 to the terminal, so that the terminal determines whether the current local area network where the terminal is located is a home local area network of the terminal, and determines whether to use the content according to the determination result.
In the embodiment of the invention, an anchor point device discovery request sent by a terminal is received, a digital signature is generated, the digital signature is encrypted according to a stored first private key, the encrypted digital signature is sent to the terminal, the terminal is enabled to judge whether the current local area network where the terminal is located is the home local area network of the terminal and determine whether to use the content according to the judgment result, and therefore, the purpose that a user uses the content in the home local area network is achieved.
Referring to fig. 8, an embodiment of the present invention provides a terminal, which includes a memory 801 and a processor 802, and is configured to execute the following method:
acquiring an encrypted media stream of the content and a digital copyright of the content according to a content on-demand request of a user;
determining the digital copyright type of the content as a home network copyright according to the digital copyright of the content;
searching whether a current local area network where a terminal is located has a first anchor point device, wherein the first anchor point device is a non-mobile anchor point device in a home local area network of the terminal;
and if the first anchor point equipment exists, determining that the current local area network where the terminal is located is the home local area network of the terminal, and decrypting the encrypted media stream of the content by using the digital copyright and playing the encrypted media stream.
Preferably, the determining, according to the digital rights of the content, that the type of the digital rights of the content is a home network rights includes:
and analyzing the digital copyright of the content, and determining that the digital copyright contains the family mark, and then determining that the type of the digital copyright of the content is the family network copyright.
Preferably, the searching whether the first anchor point device exists in the current local area network where the terminal is located includes:
sending an anchor point device discovery request to the device in the current local area network of the terminal in a multicast mode;
receiving a response message sent by anchor point equipment, wherein the response message comprises a digital signature generated by the anchor point equipment;
and determining that the anchor point device is the first anchor point device if the first public key of the stored server certificate of the first anchor point device is judged to be capable of decrypting the digital signature.
Preferably, the searching whether the first anchor point device exists in the current local area network where the terminal is located includes:
sending an anchor point device discovery request to the device in the current local area network of the terminal in a multicast mode;
receiving a response message sent by anchor point equipment, wherein the response message comprises an equipment identifier of the anchor point equipment;
generating a digital signature, and sending the digital signature to the anchor point device according to the device identifier of the anchor point device, so that the anchor point device encrypts the digital signature according to the stored first private key;
receiving the digital signature encrypted by the anchor point device, and determining that the first public key of the server certificate of the first anchor point device stored in the storage device can decrypt the encrypted digital signature, so as to determine that the anchor point device is the first anchor point device.
Preferably, before searching whether the first anchor point device exists in the current local area network where the terminal is located, the method further includes:
receiving a first public key of a server certificate of the first anchor point device issued by a DRM server;
storing a first public key of a server certificate of the first anchor device.
Preferably, before receiving the public key of the server certificate of the first anchor point device issued by the DRM server, the method further includes:
and reporting the equipment identification information of the terminal to a service platform so that the service platform adds the terminal to the set home local area network of the first anchor point equipment according to the equipment identification information of the terminal.
In the embodiment of the invention, if the digital copyright type of the content is the home network copyright, whether a first anchor point device exists in the current local area network of the terminal is searched, and the first anchor point device is a non-mobile anchor point device in the home local area network of the terminal; and if the first anchor point equipment exists, determining that the current local area network is the home local area network of the terminal, and playing the content, so that the user is controlled to use the content in the home local area network.
Referring to fig. 9, an embodiment of the present invention provides an anchor point device, including a memory 901 and a processor 902, configured to perform the following method:
receiving an anchor point device discovery request sent by a terminal;
sending a response message to the terminal, wherein the response message carries equipment identification information of the anchor point equipment;
receiving a digital signature sent by the terminal according to the response message;
encrypting the digital signature according to the stored first private key;
and sending the encrypted digital signature to the terminal, so that the terminal judges whether the current local area network is the home local area network or not and determines whether to use the content or not according to the judgment result.
In the embodiment of the invention, the digital signature sent by the terminal is received, the digital signature is encrypted according to the stored first private key, and the encrypted digital signature is sent to the terminal, so that the terminal judges whether the current local area network is the home local area network of the terminal and determines whether to use the content according to the judgment result, and thus, the user is controlled to use the content in the home local area network.
Referring to fig. 10, an embodiment of the present invention provides an anchor point device, including a memory 1001 and a processor 1002, configured to perform the following method:
receiving an anchor point device discovery request sent by a terminal;
generating a digital signature, and encrypting the digital signature according to a stored first private key;
and sending the encrypted digital signature to the terminal, so that the terminal judges whether the current local area network is the home local area network or not and determines whether to use the content or not according to the judgment result.
In the embodiment of the invention, an anchor point device discovery request sent by a terminal is received, a digital signature is generated, the digital signature is encrypted according to a stored first private key, the encrypted digital signature is sent to the terminal, the terminal is enabled to judge whether the current local area network where the terminal is located is the home local area network of the terminal and determine whether to use the content according to the judgment result, and therefore, the purpose that a user uses the content in the home local area network is achieved.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, where the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.
Claims (19)
1. A method of controlling a scope of content usage, the method comprising:
acquiring an encrypted media stream of the content and a digital copyright of the content according to a content on-demand request of a user;
determining the digital copyright type of the content as a home network copyright according to the digital copyright of the content;
searching whether a current local area network where a terminal is located has a first anchor point device, wherein the first anchor point device is a non-mobile anchor point device in a home local area network of the terminal;
and if the first anchor point equipment exists, determining that the current local area network where the terminal is located is the home local area network of the terminal, and decrypting the encrypted media stream of the content by using the digital copyright and playing the encrypted media stream.
2. The method of claim 1, wherein the determining the type of the digital right of the content as a home network right according to the digital right of the content comprises:
and analyzing the digital copyright of the content, and determining that the digital copyright contains the family mark, and then determining that the type of the digital copyright of the content is the family network copyright.
3. The method of claim 1, wherein the searching whether the first anchor point device exists in the current local area network where the terminal is located comprises:
sending an anchor point device discovery request to the device in the current local area network of the terminal in a multicast mode; receiving a response message sent by anchor point equipment, wherein the response message comprises a digital signature generated by the anchor point equipment;
and determining that the anchor point device is the first anchor point device if the first public key of the stored server certificate of the first anchor point device is judged to be capable of decrypting the digital signature.
4. The method of claim 1, wherein the searching whether the first anchor point device exists in the current local area network where the terminal is located comprises:
sending an anchor point device discovery request to the device in the current local area network of the terminal in a multicast mode;
receiving a response message sent by anchor point equipment, wherein the response message comprises an equipment identifier of the anchor point equipment;
generating a digital signature, and sending the digital signature to the anchor point device according to the device identifier of the anchor point device, so that the anchor point device encrypts the digital signature according to the stored first private key;
receiving the digital signature encrypted by the anchor point device, and determining that the first public key of the server certificate of the first anchor point device stored in the storage device can decrypt the encrypted digital signature, so as to determine that the anchor point device is the first anchor point device.
5. The method of claim 3 or 4, wherein before searching whether the first anchor point device exists in the current local area network where the terminal is located, the method further comprises:
receiving a first public key of a server certificate of the first anchor point device issued by a DRM server;
storing a first public key of a server certificate of the first anchor device.
6. The method of claim 5, wherein before receiving the first public key of the server certificate of the first anchor device issued by the Digital Rights Management (DRM) server, further comprising:
and reporting the equipment identification information of the terminal to a service platform so that the service platform adds the terminal to the set home local area network of the first anchor point equipment according to the equipment identification information of the terminal.
7. A method of controlling a scope of content usage, the method comprising:
receiving an anchor point device discovery request sent by a terminal;
sending a response message to the terminal, wherein the response message carries equipment identification information of the anchor point equipment;
receiving a digital signature sent by the terminal according to the response message;
encrypting the digital signature according to the stored first private key;
and sending the encrypted digital signature to the terminal, so that the terminal judges whether the current local area network is the home local area network or not and determines whether to use the content or not according to the judgment result.
8. A method of controlling a scope of content usage, the method comprising:
receiving an anchor point device discovery request sent by a terminal;
generating a digital signature, and encrypting the digital signature according to a stored first private key;
and sending the encrypted digital signature to the terminal, so that the terminal judges whether the current local area network is the home local area network or not and determines whether to use the content or not according to the judgment result.
9. A terminal, characterized in that the terminal comprises:
the device comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring an encrypted media stream of the content and a digital copyright of the content according to a content on-demand request of a user;
a determining unit, configured to determine, according to the digital rights of the content acquired by the acquiring unit, that the type of the digital rights of the content is a home network rights;
the searching unit is used for searching whether a first anchor point device exists in a current local area network where the terminal is located after the determining unit determines that the terminal is the home network copyright, wherein the first anchor point device is a non-mobile anchor point device in the home local area network of the terminal;
the determining unit is further configured to determine that the current local area network where the terminal is located is a home local area network of the terminal if the searching unit searches that the first anchor point device exists, and decrypt and play the encrypted media stream of the content using the digital rights.
10. The terminal according to claim 9, wherein the determining unit determines a manner in which the type of the digital rights of the content is a home network rights, based on the digital rights of the content, includes:
and analyzing the digital copyright of the content, and determining that the digital copyright contains the family mark, and then determining that the type of the digital copyright of the content is the family network copyright.
11. The terminal of claim 9, wherein the manner of searching whether the first anchor point device exists in the current local area network where the terminal is located by the searching unit comprises:
sending an anchor point device discovery request to the device in the current local area network of the terminal in a multicast mode;
receiving a response message sent by anchor point equipment, wherein the response message comprises a digital signature generated by the anchor point equipment;
and determining that the anchor point device is the first anchor point device if the first public key of the stored server certificate of the first anchor point device is judged to be capable of decrypting the digital signature.
12. The terminal of claim 9, wherein the manner of searching whether the first anchor point device exists in the current local area network where the terminal is located by the searching unit comprises:
sending an anchor point device discovery request to the device in the current local area network of the terminal in a multicast mode;
receiving a response message sent by anchor point equipment, wherein the response message comprises an equipment identifier of the anchor point equipment;
generating a digital signature, and sending the digital signature to the anchor point device according to the device identifier of the anchor point device, so that the anchor point device encrypts the digital signature according to the stored first private key;
receiving the digital signature encrypted by the anchor point device, and determining that the first public key of the server certificate of the first anchor point device stored in the storage device can decrypt the encrypted digital signature, so as to determine that the anchor point device is the first anchor point device.
13. The terminal according to claim 11 or 12, characterized in that the terminal further comprises:
the receiving unit is used for receiving a first public key of the server certificate of the first anchor point device issued by a DRM server;
a storage unit, configured to store the first public key of the server certificate of the first anchor point device received by the receiving unit.
14. The terminal of claim 13, wherein the terminal further comprises:
and the sending unit is used for reporting the equipment identification information of the terminal to a service platform so that the service platform can add the terminal into the set home local area network of the first anchor point equipment according to the equipment identification information of the terminal.
15. An anchor device, comprising:
a receiving unit, configured to receive an anchor point device discovery request sent by a terminal;
a sending unit, configured to send a response message to the terminal after the receiving unit receives the anchor point device discovery request, where the response message carries device identification information of the anchor point device;
the receiving unit is further configured to receive a digital signature sent by the terminal according to the response message after the sending unit sends the response message;
the encryption unit is used for encrypting the digital signature received by the receiving unit according to the stored first private key;
the sending unit is further configured to send the digital signature encrypted by the encryption unit to the terminal, so that the terminal determines whether the current local area network where the terminal is located is a home local area network of the terminal, and determines whether to use the content according to the determination result.
16. An anchor device, comprising:
a receiving unit, configured to receive an anchor point device discovery request sent by a terminal;
the encryption unit is used for generating a digital signature after the receiving unit receives the anchor point device discovery request, and encrypting the digital signature according to a stored first private key;
and the sending unit is used for sending the digital signature encrypted by the encryption unit to the terminal, so that the terminal judges whether the current local area network is the home local area network or not and determines whether to use the content or not according to the judgment result.
17. A terminal, characterized in that the terminal comprises a memory and a processor for performing the method according to any of claims 1 to 6.
18. An anchor device, comprising a memory and a processor configured to perform the method of claim 7.
19. An anchor device, comprising a memory and a processor configured to perform the method of claim 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310262777.0A CN104253794B (en) | 2013-06-27 | 2013-06-27 | A kind of method and device for the scope that control content uses |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310262777.0A CN104253794B (en) | 2013-06-27 | 2013-06-27 | A kind of method and device for the scope that control content uses |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104253794A true CN104253794A (en) | 2014-12-31 |
| CN104253794B CN104253794B (en) | 2017-12-01 |
Family
ID=52188335
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310262777.0A Active CN104253794B (en) | 2013-06-27 | 2013-06-27 | A kind of method and device for the scope that control content uses |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104253794B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104837035A (en) * | 2015-04-30 | 2015-08-12 | 华为软件技术有限公司 | Video playing method and terminal |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1859245A (en) * | 2005-11-02 | 2006-11-08 | 华为技术有限公司 | Power managing method in digital household network and household network system |
| CN101459826A (en) * | 2008-12-30 | 2009-06-17 | 青岛华威视通数字传媒有限公司 | Copyright protection method for video play-on-demand system |
| CN101814990A (en) * | 2010-04-15 | 2010-08-25 | 华中科技大学 | Home network-oriented digital rights certificate management system |
| CN101951335A (en) * | 2010-09-29 | 2011-01-19 | 广州市聚晖电子科技有限公司 | System and method for realizing interconnection and interworking protocol stack between digital home network devices |
| CN102177676A (en) * | 2008-10-10 | 2011-09-07 | 三星电子株式会社 | System and method for setting up security for controlled device by control point in a home network |
| CN102655511A (en) * | 2012-05-25 | 2012-09-05 | 中山大学 | Home gateway based cloud security decryption method and system |
-
2013
- 2013-06-27 CN CN201310262777.0A patent/CN104253794B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1859245A (en) * | 2005-11-02 | 2006-11-08 | 华为技术有限公司 | Power managing method in digital household network and household network system |
| CN102177676A (en) * | 2008-10-10 | 2011-09-07 | 三星电子株式会社 | System and method for setting up security for controlled device by control point in a home network |
| CN101459826A (en) * | 2008-12-30 | 2009-06-17 | 青岛华威视通数字传媒有限公司 | Copyright protection method for video play-on-demand system |
| CN101814990A (en) * | 2010-04-15 | 2010-08-25 | 华中科技大学 | Home network-oriented digital rights certificate management system |
| CN101951335A (en) * | 2010-09-29 | 2011-01-19 | 广州市聚晖电子科技有限公司 | System and method for realizing interconnection and interworking protocol stack between digital home network devices |
| CN102655511A (en) * | 2012-05-25 | 2012-09-05 | 中山大学 | Home gateway based cloud security decryption method and system |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104837035A (en) * | 2015-04-30 | 2015-08-12 | 华为软件技术有限公司 | Video playing method and terminal |
| CN104837035B (en) * | 2015-04-30 | 2018-07-13 | 华为软件技术有限公司 | A kind of video broadcasting method and terminal |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104253794B (en) | 2017-12-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11055429B2 (en) | Key providing method, video playing method, server and client | |
| CN107645725B (en) | Network configuration method and system, routing equipment and network access equipment | |
| JP4981921B2 (en) | Method and apparatus for license creation in a mobile digital rights management network | |
| CN109146481B (en) | Method, medium and device for automatically importing account private key of blockchain wallet and blockchain system | |
| US9633029B2 (en) | Method, server, and user terminal for providing and acquiring media content | |
| CN107801165B (en) | Business short message pushing method and device, computer equipment and storage medium | |
| US9251334B1 (en) | Enabling playback of media content | |
| US7995766B2 (en) | Group subordinate terminal, group managing terminal, server, key updating system, and key updating method therefor | |
| CN103003821A (en) | Method and apparatus for providing drm service | |
| JP2008524914A (en) | Digital Rights Management Method for Broadcast / Multicast Service | |
| WO2013056622A1 (en) | Method for verifying access identity of set top box and authentication server | |
| US20180183582A1 (en) | Encryption management, content recording management, and playback management in a network environment | |
| JP4666015B2 (en) | Content distribution system, content receiving terminal, and content distribution method | |
| JP2011172276A (en) | Method, device and system for relating entities for protecting content to each other | |
| CN111726801B (en) | Network security control method | |
| CN104298896A (en) | Method and system for managing and distributing digital rights | |
| US20120272055A1 (en) | Method and apparatus for establishing secured link between devices | |
| CN104813334A (en) | Network terminal system, display device, terminal device, information processing method in display device, and program | |
| JP2017050846A (en) | Authentication method, notification method, source equipment and sink equipment | |
| CN104462877B (en) | A kind of digital resource acquisition method under copyright protection and system | |
| JP2009508431A (en) | Inter-entity linking method and apparatus for service protection, and system thereof | |
| US20160210596A1 (en) | Method, device and system for controlling presentation of application | |
| CN104573475A (en) | Method and system for authenticating transcoding service program | |
| CN103237011A (en) | Digital-content encryption transmission method and server side | |
| CN104253794B (en) | A kind of method and device for the scope that control content uses |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20200210 Address after: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen Patentee after: HUAWEI TECHNOLOGIES Co.,Ltd. Address before: 210012 HUAWEI Nanjing base, 101 software Avenue, Yuhuatai District, Jiangsu, Nanjing Patentee before: Huawei Technologies Co.,Ltd. |
|
| TR01 | Transfer of patent right |