CN107483987B - Authentication method and device for video stream address - Google Patents
Authentication method and device for video stream address Download PDFInfo
- Publication number
- CN107483987B CN107483987B CN201710524148.9A CN201710524148A CN107483987B CN 107483987 B CN107483987 B CN 107483987B CN 201710524148 A CN201710524148 A CN 201710524148A CN 107483987 B CN107483987 B CN 107483987B
- Authority
- CN
- China
- Prior art keywords
- authentication value
- authentication
- information
- client
- video stream
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/258—Client or end-user data management, e.g. managing client capabilities, user preferences or demographics, processing of multiple end-users preferences to derive collaborative data
- H04N21/25866—Management of end-user data
- H04N21/25875—Management of end-user data involving end-user authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/254—Management at additional data server, e.g. shopping server, rights management server
- H04N21/2541—Rights Management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/258—Client or end-user data management, e.g. managing client capabilities, user preferences or demographics, processing of multiple end-users preferences to derive collaborative data
- H04N21/25808—Management of client data
- H04N21/25816—Management of client data involving client authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/266—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
- H04N21/26606—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/45—Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
- H04N21/462—Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
- H04N21/4627—Rights management associated to the content
Landscapes
- Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Multimedia (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Graphics (AREA)
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
Abstract
The embodiment of the invention provides an authentication method and a device for a video stream address, wherein the authentication method comprises the following steps: acquiring first information for authentication; obtaining a first authentication value based on the first information for authentication and a pre-received LUA script, wherein the LUA script is sent to a client by a server in advance, and the LUA script comprises an encryption algorithm of a video stream address in advance; and sending the first information for authentication and the first authentication value to a server so that the server determines a second authentication value through the encryption algorithm and the first information, and judging whether the first authentication value is matched with the second authentication value, wherein when the first authentication value is matched with the second authentication value, a client side authenticates through a video stream address. The invention solves the technical problem of lower safety of the video stream address authentication method in the prior art.
Description
Technical Field
The invention relates to the technical field of computers, in particular to an authentication method and device for video stream addresses.
Background
Video playing is performed through internet and streaming media technologies, and a video streaming address is generally required to be acquired so as to play the video.
However, for the provider of the video content, since no protection measure is taken on the video stream address for playing the video content, the video stream address is easily obtained by a hacker, so that the hacker can obtain the video content without any authorization, thereby bypassing the video website of the provider and reducing the traffic of the video website.
In order to solve the above problem, the related art adopts a method of authenticating the video stream address to protect the video stream address. However, in the existing video stream address authentication method, an encryption algorithm for authentication is easily obtained, so that the security is low.
Disclosure of Invention
The embodiment of the invention provides an authentication method and device for a video stream address, which are used for solving the technical problem of low safety of the video stream address authentication method in the prior art.
In a first aspect, the present invention provides an authentication method for video stream addresses, including:
acquiring first information for authentication;
obtaining a first authentication value based on the first information and a previously received LUA script, wherein the LUA script is sent to a client by a server in advance, and the LUA script comprises a code of an encryption algorithm of a video stream address in advance;
and sending the first information and the first authentication value to a server so that the server can determine a second authentication value through the encryption algorithm and the first information and judge whether the first authentication value is matched with the second authentication value, wherein when the first authentication value is matched with the second authentication value, a client side authenticates through a video stream address.
Optionally, before the obtaining a first authentication value based on the first information for authentication and the LUA script, the method further includes:
and storing the LUA script in an open-source memory database.
Optionally, before the obtaining a first authentication value based on the first information for authentication and the LUA script, the method further includes:
acquiring the LUA script from the open source memory database;
the obtaining a first authentication value based on the first information and the LUA script includes:
and starting an LUA engine to execute the LUA script by taking the first information as a first parameter for executing the LUA script, obtaining an execution result, and taking the execution result as the first authentication value.
Based on the same inventive concept, a second aspect of the present invention provides an authentication method for video stream addresses, including:
the method comprises the steps that an LUA script comprising an encryption algorithm code of a video stream address is sent to a client in advance;
receiving first information and a first authentication value which are sent by a client and used for authentication, wherein the first authentication value is obtained by the client based on the first information and the LUA script;
obtaining a second authentication value based on the first information and the encryption algorithm;
judging whether the first authentication value is matched with the second authentication value;
when the first authentication value is matched with the second authentication value, the server enables the video stream address to pass the authentication of the client;
and when the first authentication value is not matched with the second authentication value, the server enables the video stream address authentication not to pass through the client.
Optionally, after the server authenticates the video stream address through the client, the method further comprises:
and sending the video stream address of the target video to the client.
Optionally, before the sending the LUA script to the client, the method further comprises:
updating the LUA script;
and sending the updated LUA script to the client to update the encryption algorithm in the client.
Based on the same inventive concept, a third aspect of the present invention provides an authentication apparatus for video stream addresses, where the apparatus is a client, and includes:
the acquisition module is used for acquiring first information for authentication;
an obtaining module, configured to obtain a first authentication value based on the first information and a pre-received LUA script, where the LUA script is sent to a client by a server in advance, and a code of an encryption algorithm of a video stream address is included in the LUA script in advance;
and the sending module is used for sending the first information and the first authentication value to a server so that the server can determine a second authentication value through the encryption algorithm and the first information and judge whether the first authentication value is matched with the second authentication value, wherein when the first authentication value is matched with the second authentication value, a client side authenticates through a video stream address.
Based on the same inventive concept, a fourth aspect of the present invention provides an authentication apparatus for video stream addresses, where the apparatus is a server, and the apparatus includes:
the sending module is used for sending the LUA script comprising the encryption algorithm code of the video stream address to the client in advance;
a receiving module, configured to receive first information and a first authentication value that are sent by a client and used for authentication, where the first authentication value is obtained by the client based on the first information and the LUA script;
an obtaining module, configured to obtain a second authentication value based on the first information and the authentication algorithm;
the judging module is used for judging whether the first authentication value is matched with the second authentication value;
the first processing module is used for enabling the server to enable the video stream address to pass the authentication of the client when the first authentication value is matched with the second authentication value;
and the second processing module is used for enabling the video stream address authentication not to pass through the client side by the server when the first authentication value is not matched with the second authentication value.
Based on the same inventive concept, a fifth aspect of the present invention provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of:
acquiring first information for authentication;
obtaining a first authentication value based on the first information and a previously received LUA script, wherein the LUA script is sent to a client by a server in advance, and the LUA script comprises a code of an encryption algorithm of a video stream address in advance;
and sending the first information and the first authentication value to a server so that the server can determine a second authentication value through the encryption algorithm and the first information and judge whether the first authentication value is matched with the second authentication value, wherein when the first authentication value is matched with the second authentication value, a client side authenticates through a video stream address.
Based on the same inventive concept, a sixth aspect of the present invention provides a computer device comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the following steps when executing the program:
acquiring first information for authentication;
obtaining a first authentication value based on the first information and a previously received LUA script, wherein the LUA script is sent to a client by a server in advance, and the LUA script comprises a code of an encryption algorithm of a video stream address in advance;
and sending the first information and the first authentication value to a server so that the server can determine a second authentication value through the encryption algorithm and the first information and judge whether the first authentication value is matched with the second authentication value, wherein when the first authentication value is matched with the second authentication value, a client side authenticates through a video stream address.
One or more technical solutions in the embodiments of the present application have at least one or more of the following technical effects:
in the technical scheme of the embodiment of the invention, a client acquires first information for authentication; obtaining a first authentication value based on the first information and a pre-received LUA script, wherein the LUA script is sent to a client by a server in advance, and the LUA script comprises a code of an encryption algorithm of a video stream address; and sending the first information and the first authentication value to a server so that the server can determine a second authentication value through the encryption algorithm and the first information and judge whether the first authentication value is matched with the second authentication value, wherein when the first authentication value is matched with the second authentication value, a client side authenticates through a video stream address. Because the first authentication value of the client is obtained according to the first information and the LUA script received in advance, and the LUA script comprises the encryption algorithm of the video stream address in advance, firstly, the encryption algorithm is in the LUA script, so that the encryption algorithm is not easy to expose, and the LUA script is an open-source code, the code quantity is large, and the code quantity containing the encryption algorithm can be enlarged. And the client side calculates a first authentication value according to the first information and the encryption algorithm, and the server also obtains a second authentication value according to the same method, so that the server can authenticate the client side only when the first authentication value is matched with the second authentication value, thereby improving the reliability of authentication and solving the technical problem of lower safety in the video stream address authentication method in the prior art.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
Fig. 1 is a flowchart of an authentication method for video stream addresses according to an embodiment of the present invention;
FIG. 2 is a flow chart of another method for authenticating an address of a video stream according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an authentication apparatus for video stream addresses according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of an apparatus for authenticating an address of a video stream according to another embodiment of the present invention;
fig. 5 is a schematic structural diagram of a computer device according to an embodiment of the present invention.
Detailed Description
The embodiment of the application provides an authentication method and an authentication device for a video stream address, so as to solve the technical problem of low security of the video stream address authentication method in the prior art, and achieve the technical effect of improving the security of the video stream address authentication method.
The technical scheme in the embodiment of the application has the following general idea:
acquiring first information for authentication; obtaining a first authentication value based on the first information and a previously received LUA script, wherein the LUA script is sent to a client by a server in advance, and the LUA script comprises a code of an encryption algorithm of a video stream address in advance; and sending the first information and the first authentication value to a server so that the server can determine a second authentication value through the encryption algorithm and the first information and judge whether the first authentication value is matched with the second authentication value, wherein when the first authentication value is matched with the second authentication value, a client side authenticates through a video stream address.
In the method, the first authentication value of the client is obtained according to the first information and the LUA script received in advance, and the LUA script comprises the encryption algorithm of the video stream address in advance, firstly, the encryption algorithm is in the LUA script, so that the encryption algorithm is not easy to expose, and the LUA script is an open-source code, so that the code quantity containing the encryption algorithm is large, and the authentication algorithm has to be copied from the LUA script with a large code quantity when the encryption algorithm of the video stream address needs to be cracked, so that the cracking difficulty is increased. And the client side calculates a first authentication value according to the first information and the encryption algorithm, and the server also obtains a second authentication value according to the same method, so that the server can authenticate the client side only when the first authentication value is matched with the second authentication value, thereby improving the reliability of authentication and solving the technical problem of lower safety in the video stream address authentication method in the prior art.
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example one
The embodiment provides an authentication method for video stream addresses, as shown in fig. 1, the method includes:
step S101, acquiring first information for authentication;
step S102, obtaining a first authentication value based on the first information and a LUA script received in advance, wherein the LUA script is sent to a client in advance by a server, and the LUA script comprises a code of an encryption algorithm of a video stream address in advance;
step S103, sending the first information and the first authentication value to a server, so that the server can determine a second authentication value through the encryption algorithm and the first information, and judge whether the first authentication value is matched with the second authentication value, wherein when the first authentication value is matched with the second authentication value, the client side authenticates through a video stream address.
It should be noted that the method provided in this embodiment is applied to a client, where the client is connected to the server through a network to implement communication; in a specific implementation process, the client may be applied to a mobile terminal device (e.g., a mobile phone, a tablet computer), and may also be applied to a fixed terminal device (e.g., a desktop computer), which is not limited herein. The server is a server for processing video information.
The following describes in detail implementation steps of the method for authenticating an address of a video stream according to an embodiment of the present application with reference to fig. 1.
First, step S101 is executed to obtain first information for authentication.
In this embodiment of the application, the first information used for authentication is related to a video stream address used for requesting a target video, and the target video may be a live video or other videos. The first information is used for the server to authenticate the client, and the user requests the target video from the server. The first information used for authentication comprises authentication information of user identity, unique identification of client equipment, network address of the client and time information of a system. Taking a live video as an example, a client that needs to request to watch the live video needs to acquire first information, where the information includes authentication information of a current user, that is, Token acquired when the user logs in, room number Roomid requested by the user, unique identifier of a client device, that is, device ID, IP address (Internet Protocol address) of the client, and current Time of the system.
Then, step S102 is executed: and obtaining a first authentication value based on the first information and a previously received LUA script, wherein the LUA script is sent to the client by the server in advance, and the LUA script comprises a code of an encryption algorithm of a video stream address in advance.
Specifically, in the authentication method in the prior art, the client calculates a first result according to an encryption algorithm of a video stream address, then the server also calculates a second result according to the encryption algorithm, and then the server compares whether the first result and the second result are consistent to perform authentication. However, since video playing usually adopts Flash to play, authentication of the stream address is mostly written by using Flash codes, and since Flash codes are written by using ActionScript language, the codes are very easy to decompile, and hackers can easily obtain the encryption algorithm of the video stream address in the Flash codes through decompiling, so that security risk exists. In the embodiment of the invention, the client receives the LUA script sent by the server in advance, and codes of the encryption algorithm of the video stream address are written in the LUA script. Therefore, the client is not the directly received encryption algorithm but the LUA script, the encryption algorithm can be obtained only by executing the LUA script, and the LUA script is an open-source code, has a large code amount, and can expand the code amount containing the encryption algorithm.
In order to further improve the difficulty of cracking the video stream address, before the obtaining a first authentication value based on the first information and the LUA script, the method further includes:
and storing the LUA script in an open-source memory database.
Specifically, when the client receives the LUA script sent by the server, the LUA script can be firstly stored in the open-source memory database, and the code amount can be further enlarged by adopting the open-source memory database, so that the code amount of the encryption algorithm of the video stream address is increased, and the cracking difficulty is further improved. For example, the open-source memory database may be Redis, MongoDB, etc., and taking Redis as an example, it is an open-source database written in C language and is based on memory Key-Value. Because the Redis adopts open-source codes and adopts a complex data structure to store data, the difficulty in cracking the encryption algorithm used for authentication in the LUA script is increased. In addition, compared with the prior art that variables are directly adopted to store the encryption algorithm, the complexity and the code amount of the encryption algorithm of the video stream address can be increased by storing the LUA script by utilizing Redis.
In a specific implementation process, the LUA script may be stored by calling an interface provided by the Redis source code, and specific implementation codes are as follows:
Redis.set(“LUA”,plua);
set is an interface provided by Redis to store data.
"LUA" is a key value that stores LUA scripts.
plua is the data pointed to by the key value LUA, i.e. the received LUA script.
Specifically, before obtaining a first authentication value based on the first information for authentication and the LUA script, the method further includes:
and acquiring the LUA script from the open-source memory database.
The obtaining a first authentication value based on the first information and the LUA script includes:
and starting an LUA engine to execute the LUA script by taking the first information as a first parameter for executing the LUA script, obtaining an execution result, and taking the execution result as the first authentication value.
Specifically, in order to obtain the first authentication value, the client needs to obtain the LUA script first, and since the LUA script is stored in the open-source memory database, the LUA script needs to be obtained from the open-source memory database, which may be implemented by calling an interface provided by the Redis source code: char, pLua ═ redis. And then, the first information is used as a first parameter for executing the LUA script, the LUA engine is started to execute the LUA script, the first parameter is input into the LUA script, and a first authentication value is obtained through calculation. In a specific implementation process, the first information may be spliced to obtain a first parameter, which may be Token + Roomid + ID + IP + Time; the first authentication value can be realized by the following steps:
NEWKEY=Luaengine.excute(plua,Token+Roomid+ID+IP+Time);
wherein, luaengine. express is an interface of the LUA engine for executing LUA scripts;
the parameter plua is the LUA script;
the parameter Token + Roomid + ID + IP + Time is used for the first information of authentication.
Optionally, in this embodiment, Redis may also be used to store the calculated first authentication value, and when the first authentication value needs to be sent to the server, the first authentication value is taken out from the Redis and sent to the server.
Then, step S103 is executed, the first information and the first authentication value are sent to a server, so that the server determines a second authentication value through the encryption algorithm and the first information, and determines whether the first authentication value matches the second authentication value, wherein when the first authentication value matches the second authentication value, the client performs authentication through a video stream address.
Further, when the first authentication value is matched with the second authentication value, the server authenticates the client and sends the video stream address of the target video to the client. Otherwise, when the first authentication value is not matched with the second authentication value, the server authentication does not pass through the client, and the video stream address of the target video is refused to be sent to the client.
Specifically, after the client sends the first information for authentication and the first authentication value to the server, the second authentication value calculated by the server is obtained according to the same encryption algorithm as the client and the first information for authentication, so that the second authentication value obtained by the server should be matched with the first authentication value of the client, if the second authentication value is not matched, the client is a forged or illegal client, the authentication is not passed, if the second authentication value is matched, the video stream address authentication is passed, and the client receives the video stream address of the target video, so that the video stream is normally viewed.
Based on the same inventive concept, the application also provides an authentication method of the video stream address, which is applied to a server and is described in the second embodiment.
Example two
The embodiment provides an authentication method for video stream addresses, as shown in fig. 2, the method includes:
step S201, a LUA script including a code of a video stream address encryption algorithm is sent to a client in advance;
step S202, receiving first information and a first authentication value which are sent by a client and used for authentication, wherein the first authentication value is obtained by the client based on the first information and the LUA script;
step S203, based on the first information and the encryption algorithm, a second authentication value is obtained;
step S204, judging whether the first authentication value is matched with the second authentication value;
step S205, when the first authentication value is matched with the second authentication value, the server enables the video stream address to pass the authentication of the client;
step S206, when the first authentication value does not match the second authentication value, the server disables the video stream address authentication from passing through the client.
It should be noted that the method provided by this embodiment is applied to a server, and the server and the client are connected through a network to implement communication; in a specific implementation process, the client may be applied to a mobile terminal device (e.g., a mobile phone, a tablet computer), and may also be applied to a fixed terminal device (e.g., a desktop computer), which is not limited herein. The server is a server for processing video information, and may be a single server or a server group consisting of a plurality of servers.
The following describes in detail implementation steps of the method for authenticating an address of a video stream according to an embodiment of the present application with reference to fig. 2.
Firstly, executing step S201, and sending an LUA script comprising an encryption algorithm code of a video stream address to a client in advance; .
Specifically, in order to improve the difficulty in acquiring or cracking the encryption algorithm, the invention firstly writes the encryption algorithm code of the video stream address into the LUA script in advance at the server side, and then sends the LUA script containing the encryption algorithm to the client side.
Then, step S202 is executed to receive first information and a first authentication value sent by a client, where the first authentication value is obtained by the client through the LUA script and the first information for authentication.
How to obtain the first authentication value has been described in detail in the first embodiment, and is not described herein again.
Step S203 is then executed: and obtaining a second authentication value based on the first information and the encryption algorithm.
In the first embodiment, how to obtain the first authentication value has been described in detail, and the method for the server to obtain the second authentication value is the same as the method for obtaining the first authentication value, and is not described herein again.
Then, step S204 is performed: and judging whether the first authentication value is matched with the second authentication value.
In a specific implementation process, the determining whether the first authentication value and the second authentication value are matched may be: and judging whether the first authentication value is the same as the second authentication value or whether the first authentication value is equivalent to the second authentication value.
When the first authentication value matches the second authentication value, step S205 is executed: the server authenticates the video stream address through the client. Further, after the server passes the authentication of the client, the server also sends the video stream address of the target video to the client.
When the first authentication value does not match the second authentication value, step S206 is executed: the server disables video stream address authentication from the client.
Specifically, the server calculates the second authentication value of the video stream address by using the same encryption algorithm and the first information for authentication as those of the client. Therefore, the server obtains that the second authentication value should be matched with the first authentication value of the client, if the second authentication value is not matched with the first authentication value, the client is a forged or illegal client, the authentication is not passed, if the second authentication value is matched with the first authentication value, the server sends the video stream address corresponding to the first information for authentication to the client, and the authentication passes the client.
In the method for authenticating an address of a video stream provided in this embodiment, before the sending the LUA script to the client, the method further includes:
updating the LUA script;
and sending the updated LUA script to the client to update the encryption algorithm in the client.
Specifically, in the embodiment of the present invention, since the code of the encryption algorithm of the video stream address is written into the LUA script in advance, and the LUA script is a script language and is an interpretive execution language, and can be executed without recompilation, the encryption algorithm in the LUA script may be updated by the method of updating the LUA script in the present invention, and the server sends the updated LUA script to the client, so that the encryption algorithm in the client may be updated. The method for updating the LUA scripts can adopt a random updating method, so that if a hacker wants to acquire the encryption algorithm, all the LUA scripts need to be acquired, and the encryption algorithm is acquired from the LUA scripts, so that the difficulty of cracking the encryption algorithm is further improved.
In the method for authenticating an address of a video stream provided in this embodiment, the first information for authentication includes: authentication information of the user identity, a unique identifier of the client device, a network address of the client and time information of the system.
The specific content of the first information for authentication has been described in detail in the first embodiment, and will not be described again here.
Since the method described in the second embodiment of the present invention and the method described in the first embodiment belong to the same inventive concept, the implementation steps and principles of the method provided in the second embodiment will be understood by those skilled in the art based on the first embodiment, and thus will not be described herein again.
Based on the same inventive concept, the application also provides a device corresponding to the authentication method of the video stream address in the first embodiment, which is detailed in the third embodiment.
EXAMPLE III
This embodiment provides an authentication apparatus for video stream addresses, where the apparatus is a client, as shown in fig. 3, the apparatus includes:
an obtaining module 301, configured to obtain first information for authentication;
an obtaining module 302, configured to obtain a first authentication value based on the first information and a pre-received LUA script, where the LUA script is sent to a client by a server in advance, and a code of an encryption algorithm of a video stream address is included in the LUA script in advance;
a sending module 303, configured to send the first information for authentication and the first authentication value to a server, so that the server determines a second authentication value through the authentication algorithm and the first information for authentication, and determines whether the first authentication value matches the second authentication value.
Since the device introduced in the third embodiment of the present invention is a device used for implementing the authentication method for video stream addresses in the first embodiment of the present invention, based on the method introduced in the first embodiment of the present invention, those skilled in the art can understand the specific structure and deformation of the device, and thus, details are not described herein again. All the devices adopted in the method of the first embodiment of the present invention belong to the protection scope of the present invention.
Based on the same inventive concept, the application also provides a device corresponding to the authentication method of the video stream address in the second embodiment, which is detailed in the fourth embodiment.
Example four
This embodiment provides an authentication apparatus for video streaming addresses, where the apparatus is a server, and as shown in fig. 4, the apparatus includes:
a sending module 401, configured to send a LUA script including an encryption algorithm code of a video stream address to a client in advance;
a receiving module 402, configured to receive first information for authentication and a first authentication value sent by a client, where the first authentication value is obtained by the client through the first information for authentication and the LUA script;
an obtaining module 403, configured to obtain a second authentication value based on the first information for authentication and the authentication algorithm;
a judging module 404, configured to judge whether the first authentication value matches the second authentication value;
a first processing module 405, configured to, when the first authentication value matches the second authentication value, enable the server to authenticate the video stream address through the client;
a second processing module 406, configured to, when the first authentication value does not match the second authentication value, disable the video stream address authentication from the client by the server.
Optionally, the apparatus further comprises a third processing module, configured to, after the authentication passes through the client,
and sending the video stream address of the target video to the client.
Since the device described in the fourth embodiment of the present invention is a device used for implementing the authentication method for video stream addresses in the second embodiment of the present invention, based on the method described in the second embodiment of the present invention, those skilled in the art can understand the specific structure and deformation of the device, and thus, details are not described herein again. All the devices adopted by the method of the second embodiment of the invention belong to the protection scope of the invention.
EXAMPLE five
Based on the same inventive concept, the present application further provides a computer-readable storage medium having a computer program stored thereon, which when executed by a processor, performs the steps of:
acquiring first information for authentication;
obtaining a first authentication value based on the first information and a previously received LUA script, wherein the LUA script is sent to a client by a server in advance, and the LUA script comprises a code of an encryption algorithm of a video stream address in advance;
and sending the first information for authentication and the first authentication value to a server so that the server determines a second authentication value through the encryption algorithm and the first information for authentication and judges whether the first authentication value is matched with the second authentication value, wherein when the first authentication value is matched with the second authentication value, a client side authenticates through a video stream address.
EXAMPLE six
Based on the same inventive concept, the present application further provides a computer device, please refer to fig. 5, which includes a storage 501, a processor 502, and a computer program 503 stored on the storage and running on the processor, wherein the processor 502 implements the following steps when executing the program:
acquiring first information for authentication;
obtaining a first authentication value based on the first information and a previously received LUA script, wherein the LUA script is sent to a client by a server in advance, and the LUA script comprises a code of an encryption algorithm of a video stream address in advance;
and sending the first information for authentication and the first authentication value to a server so that the server determines a second authentication value through the encryption algorithm and the first information for authentication and judges whether the first authentication value is matched with the second authentication value, wherein when the first authentication value is matched with the second authentication value, a client side authenticates through a video stream address.
For convenience of explanation, only the parts related to the embodiments of the present invention are shown, and details of the specific techniques are not disclosed. The memory 501 may be used to store a computer program 503 including software programs, modules and data, and the processor 502 executes the computer program 503 stored in the memory 501 by running, thereby executing various functional applications of the electronic device and data processing.
In a specific implementation process, the memory 501 may be used for storing software programs and modules, and the processor 502 executes various functional applications and data processing of the electronic device by operating the software programs and modules stored in the memory 501. The memory 501 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application 5 required for at least one function, and the like; the storage data area may store data 5 created according to use of the electronic device, and the like. Further, the memory 501 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device. The processor 502 is a control center of the electronic device, connects various parts of the whole electronic device by using various interfaces and lines, and performs various functions of the electronic device and processes data by running or executing software programs and/or modules stored in the memory 501 and calling data stored in the memory 501, thereby performing overall monitoring of the electronic device. Alternatively, processor 502 may include one or more processing units; preferably, the processor 502 may be integrated with an application processor, wherein the application processor mainly handles operating systems, user interfaces, application programs, and the like.
The technical scheme provided in the embodiment of the application at least has the following technical effects or advantages:
in the technical scheme of the embodiment of the invention, first information for authentication is obtained through a client; obtaining a first authentication value based on the first information for authentication and a pre-received LUA script, wherein the LUA script is sent to a client by a server in advance, and the LUA script comprises an encryption algorithm of a video stream address in advance; and sending the first information for authentication and the first authentication value to a server so that the server determines a second authentication value through the encryption algorithm and the first information for authentication and judges whether the first authentication value is matched with the second authentication value, wherein when the first authentication value is matched with the second authentication value, the client passes authentication. Because the first authentication value of the client is obtained according to the first information for authentication and the previously received LUA script, and the LUA script is pre-programmed with the encryption algorithm of the video stream address, firstly, the encryption algorithm is in the LUA script, so that the encryption algorithm is not easy to expose, and the LUA script is an open-source code, so that the code quantity containing the encryption algorithm is large, and the authentication algorithm has to be copied from the LUA script with a large code quantity when the encryption algorithm of the video stream address needs to be cracked, thereby increasing the cracking difficulty. And the client side calculates a first authentication value according to the first information for authentication and the authentication algorithm, and the server also obtains a second authentication value according to the same method, so that the server can authenticate the client side only when the first authentication value is matched with the second authentication value, thereby improving the reliability of authentication and solving the technical problem of lower safety in the video stream address authentication method in the prior art.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various modifications and variations can be made in the embodiments of the present invention without departing from the spirit or scope of the embodiments of the invention. Thus, if such modifications and variations of the embodiments of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to encompass such modifications and variations.
Claims (10)
1. A method for authenticating video stream addresses, comprising:
acquiring first information for authentication; the first information comprises authentication information of user identity, identification of client equipment, network address of a client and time information of a system;
taking the first information as a first parameter for executing the LUA script, and starting an LUA engine to execute the LUA script to obtain a first authentication value; the LUA script is sent to a client in advance by a server, and the LUA script comprises codes of an encryption algorithm of a video stream address in advance;
and sending the first information and the first authentication value to a server so that the server can determine a second authentication value through the encryption algorithm and the first information and judge whether the first authentication value is matched with the second authentication value, wherein when the first authentication value is matched with the second authentication value, the client side authenticates through a video stream address.
2. The method of claim 1, wherein prior to said initiating a LUA engine to execute the LUA script using the first information as a first parameter for executing the LUA script to obtain a first authentication value, the method further comprises:
and storing the LUA script in an open-source memory database.
3. The method of claim 2, wherein prior to said initiating a LUA engine to execute the LUA script using the first information as a first parameter for executing the LUA script to obtain a first authentication value, the method further comprises:
and acquiring the LUA script from the open-source memory database.
4. A method for authenticating video stream addresses, comprising:
the method comprises the steps that an LUA script comprising an encryption algorithm code of a video stream address is sent to a client in advance;
receiving first information and a first authentication value which are sent by a client and used for authentication, wherein the first authentication value is obtained by enabling a LUA engine to execute a LUA script by using the first information as a first parameter for executing the LUA script by the client; the first information comprises authentication information of user identity, identification of client equipment, network address of a client and time information of a system;
obtaining a second authentication value based on the first information and the encryption algorithm;
judging whether the first authentication value is matched with the second authentication value;
when the first authentication value is matched with the second authentication value, the server enables the video stream address to pass the authentication of the client;
and when the first authentication value is not matched with the second authentication value, the server enables the video stream address authentication not to pass through the client.
5. The method of claim 4, wherein after the authenticating passes the client, the method further comprises:
and sending the video stream address of the target video to the client.
6. The method of claim 4, wherein prior to said sending the LUA script to the client, the method further comprises:
updating the LUA script;
and sending the updated LUA script to the client to update the encryption algorithm in the client.
7. An authentication device for video stream addresses, wherein the device is a client, comprising:
the acquisition module is used for acquiring first information for authentication; the first information comprises authentication information of user identity, identification of client equipment, network address of a client and time information of a system;
an obtaining module, configured to use the first information as a first parameter for executing a LUA script, and start a LUA engine to execute the LUA script to obtain a first authentication value, where the LUA script is sent to a client by a server in advance, and the LUA script includes a code of an encryption algorithm of a video stream address in advance;
and the sending module is used for sending the first information and the first authentication value to a server so that the server can determine a second authentication value through the encryption algorithm and the first information and judge whether the first authentication value is matched with the second authentication value, wherein when the first authentication value is matched with the second authentication value, a client side authenticates through a video stream address.
8. An apparatus for authenticating video stream addresses, wherein the apparatus is a server, comprising:
the sending module is used for sending the LUA script comprising the encryption algorithm code of the video stream address to the client in advance;
the authentication method comprises the steps that a receiving module is used for receiving first information used for authentication and a first authentication value sent by a client, wherein the first authentication value is obtained by enabling a LUA engine to execute a LUA script by using the first information as a first parameter for executing the LUA script by the client; the first information comprises authentication information of user identity, identification of client equipment, network address of a client and time information of a system;
an obtaining module, configured to obtain a second authentication value based on the first information and the encryption algorithm;
the judging module is used for judging whether the first authentication value is matched with the second authentication value;
the first processing module is used for enabling the server to enable the video stream address to pass the authentication of the client when the first authentication value is matched with the second authentication value;
and the second processing module is used for enabling the video stream address authentication not to pass through the client side by the server when the first authentication value is not matched with the second authentication value.
9. A computer-readable storage medium, on which a computer program is stored, which program, when executed by a processor, carries out the steps of:
acquiring first information for authentication; the first information comprises authentication information of user identity, identification of client equipment, network address of a client and time information of a system;
using the first information as a first parameter for executing a LUA script, starting a LUA engine to execute the LUA script to obtain a first authentication value, wherein the LUA script is sent to a client by a server in advance, and the LUA script comprises a code of an encryption algorithm of a video stream address in advance;
and sending the first information and the first authentication value to a server so that the server can determine a second authentication value through the encryption algorithm and the first information and judge whether the first authentication value is matched with the second authentication value, wherein when the first authentication value is matched with the second authentication value, a client side authenticates through a video stream address.
10. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program performs the steps of:
acquiring first information for authentication;
the first information comprises authentication information of user identity, identification of client equipment, network address of a client and time information of a system;
using the first information as a first parameter for executing a LUA script, starting a LUA engine to execute the LUA script to obtain a first authentication value, wherein the LUA script is sent to a client by a server in advance, and the LUA script comprises a code of an encryption algorithm of a video stream address in advance;
and sending the first information and the first authentication value to a server so that the server can determine a second authentication value through the encryption algorithm and the first information and judge whether the first authentication value is matched with the second authentication value, wherein when the first authentication value is matched with the second authentication value, a client side authenticates through a video stream address.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710524148.9A CN107483987B (en) | 2017-06-30 | 2017-06-30 | Authentication method and device for video stream address |
PCT/CN2018/082500 WO2019001082A1 (en) | 2017-06-30 | 2018-04-10 | Authentication method and device for video stream address |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710524148.9A CN107483987B (en) | 2017-06-30 | 2017-06-30 | Authentication method and device for video stream address |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107483987A CN107483987A (en) | 2017-12-15 |
CN107483987B true CN107483987B (en) | 2020-02-07 |
Family
ID=60596334
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710524148.9A Active CN107483987B (en) | 2017-06-30 | 2017-06-30 | Authentication method and device for video stream address |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN107483987B (en) |
WO (1) | WO2019001082A1 (en) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107483987B (en) * | 2017-06-30 | 2020-02-07 | 武汉斗鱼网络科技有限公司 | Authentication method and device for video stream address |
CN108235067B (en) * | 2018-01-04 | 2020-09-08 | 武汉斗鱼网络科技有限公司 | Authentication method and device for video stream address |
CN110011950B (en) * | 2018-01-04 | 2021-11-09 | 武汉斗鱼网络科技有限公司 | Authentication method and device for video stream address |
CN108307211B (en) * | 2018-01-05 | 2020-02-07 | 武汉斗鱼网络科技有限公司 | Video stream address authentication method, storage medium, device and system |
CN108966043A (en) * | 2018-08-08 | 2018-12-07 | 福州智永信息科技有限公司 | A kind of video consistent method for authenticating and system |
WO2021234453A1 (en) | 2020-05-20 | 2021-11-25 | Aummune Ltd. | Bispecific personalized aptamers |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101719210A (en) * | 2009-12-25 | 2010-06-02 | 武汉大学 | File use control method based on linux platform digital copyright management |
CN101834867A (en) * | 2010-05-07 | 2010-09-15 | 杭州华三通信技术有限公司 | Client security protection method and device |
CN105721411A (en) * | 2015-05-15 | 2016-06-29 | 乐视云计算有限公司 | Method for preventing hotlinking, server and client terminalfor preventing hotlinking |
CN105959728A (en) * | 2016-06-27 | 2016-09-21 | 武汉斗鱼网络科技有限公司 | System and method for counting number of online users of live platform |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120117041A1 (en) * | 2010-11-08 | 2012-05-10 | Verisign, Inc. | Debugging a stored procedure in a database |
CN107483987B (en) * | 2017-06-30 | 2020-02-07 | 武汉斗鱼网络科技有限公司 | Authentication method and device for video stream address |
-
2017
- 2017-06-30 CN CN201710524148.9A patent/CN107483987B/en active Active
-
2018
- 2018-04-10 WO PCT/CN2018/082500 patent/WO2019001082A1/en active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101719210A (en) * | 2009-12-25 | 2010-06-02 | 武汉大学 | File use control method based on linux platform digital copyright management |
CN101834867A (en) * | 2010-05-07 | 2010-09-15 | 杭州华三通信技术有限公司 | Client security protection method and device |
CN105721411A (en) * | 2015-05-15 | 2016-06-29 | 乐视云计算有限公司 | Method for preventing hotlinking, server and client terminalfor preventing hotlinking |
CN105959728A (en) * | 2016-06-27 | 2016-09-21 | 武汉斗鱼网络科技有限公司 | System and method for counting number of online users of live platform |
Also Published As
Publication number | Publication date |
---|---|
CN107483987A (en) | 2017-12-15 |
WO2019001082A1 (en) | 2019-01-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107483987B (en) | Authentication method and device for video stream address | |
CN111935094B (en) | Database access method, device, system and computer readable storage medium | |
TWI682297B (en) | Method, device and system for preventing cross-website request forgery | |
KR102087478B1 (en) | Method and apparatus of downloading and installing a client | |
CN108881228B (en) | Cloud registration activation method, device, equipment and storage medium | |
US10019558B2 (en) | Controlling licensable features of software using access tokens | |
US10333925B2 (en) | Seamless provision of authentication credential data to cloud-based assets on demand | |
CN102238007A (en) | Method, device and system for acquiring session token of user by third-party application | |
US20120210436A1 (en) | System and method for fingerprinting in a cloud-computing environment | |
CN110011950B (en) | Authentication method and device for video stream address | |
US9507921B2 (en) | User-specific application activation for remote sessions | |
CN110198296B (en) | Authentication method and device, storage medium and electronic device | |
CN109286620B (en) | User right management method, system, device and computer readable storage medium | |
CN112671720A (en) | Token construction method, device and equipment for cloud platform resource access control | |
US20140137227A1 (en) | Systems and Methods for Enhancement of Single Sign-On Protection | |
US20160182481A1 (en) | Method for authenticating a device | |
CN105429943B (en) | Information processing method and terminal thereof | |
CN106992859B (en) | Bastion machine private key management method and device | |
US20140373096A1 (en) | Roaming Internet-Accessible Application State Across Trusted and Untrusted Platforms | |
US10282539B2 (en) | Authentication and secure communication with application extensions | |
CN110601832A (en) | Data access method and device | |
CN107566329A (en) | A kind of access control method and device | |
CN108184146B (en) | Method for calculating popularity of live broadcast platform and related equipment | |
CN108235067B (en) | Authentication method and device for video stream address | |
US20150101059A1 (en) | Application License Verification |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |