Copyright protection method and device for distributing digital movie and television content on rewritable storage devices
Technical field
The present invention relates to the multimedia field, and in particular to a digital copyright protection method, and a management device for it, for distributing digital movie and television content in copy form on rewritable storage devices.
Background technology
With the rapid development of digitization and storage technology, the distribution of movie and television content has moved past the DVD era and entered the high-definition era represented by Blu-ray (BD) and HD DVD. As the price of rewritable storage devices (portable hard drives, SD cards, USB flash disks, solid-state drives) keeps falling, and as USB 3.0 and eSATA raise transfer rates, the business model of distributing high-definition digital movie and television content by copying it at a shop is gradually replacing traditional distribution on optical disc; distribution on rewritable storage devices also fits the industry goals of energy saving and environmental protection better than disc distribution. However, as the customer base for shop-copy distribution of high-definition video content and educational video content keeps growing, rampant piracy still troubles content providers and content operators. To keep legally published digital content from pirated propagation and illegal use, introducing digital copyright protection technology into the business model and systems for distributing digital movie and television content on rewritable storage devices is an important means of control.
Copyright protection for distributing digital movie and television content on rewritable storage devices belongs to the category of broadcast encryption of the stateless-return type. The basic structure of such a copyright protection system is as follows:
(1) Encrypt the digital content: the content issuer system encrypts the digital movie and television content, locking it with a key.
(2) Encrypt the key: the content issuer system encrypts the key used to encrypt the digital movie and television content, producing a key file.
(3) Package and deliver: the encrypted digital movie and television content and the key file are packaged together into a new digital movie and television media format, and this content is copied to the consumer on a rewritable storage device.
(4) Obtain the key and decrypt for playback: to play the encrypted digital movie and television content, the playback device first processes the packaged digital movie and television file, finds the key file in it and decrypts the key in the key file. Having obtained the decryption key for the digital content, it then decrypts and plays the digital movie and television content.
The basic structure above shows that the core problem for a copyright protection method and device for distributing digital movie and television content on rewritable storage devices is the secure delivery, effective control and legal use of the digital content and its encryption key. In the overall system, the "content issuer system" is not directly connected to the many playback devices; the authorized content, and the keys protecting it, are delivered and managed offline via the medium. This is characteristic of broadcast encryption of the stateless-return type, and it makes copyright protection methods and devices for this kind of distribution more complex and challenging.
In the prior art there are digital copyright protection technologies aimed at optical disc systems. The following is drawn from the patent with publication No. CN 101770794A: major IT, consumer-electronics and Hollywood film companies such as IBM, Intel, Microsoft, Panasonic, SONY, Toshiba, Disney and Warner jointly formulated the copyright protection technology AACS (Advanced Access Content System), whose core technique is key management using a binary tree structure named "NNLtree".
However, applying AACS in China faces three practical problems:
1. Information security: the technology AACS uses is entirely controlled by foreign vendors, and applying it directly in China as a security technology does not meet China's national information security policy;
2. Cost: the patents and systems involved in AACS are in foreign hands, so licensing in China requires expensive patent royalties and overhead costs;
3. Management limitations: AACS does not cover authorization management of the replication business system.
In the prior art, the patent with publication No. CN 101770794A is a digital copyright protection method, and a management device for it, for digital versatile disc systems. That technology filled a gap in China and solved the problems associated with the AACS technical system, but it still faces four practical problems:
1. Propagation medium: it does not break away from a distribution system whose medium is the optical disc. The decryption key for the programme content is derived from the binding of the disc's anti-copy mark and the programme key, so the whole system cannot break away from disc-based distribution, and disc-based distribution itself has many problems: limited storage space, a tendency to produce large amounts of plastic waste, and a disc player service life that depends on the number of read/write operations of the laser head.
2. Batch production: batch production cannot be achieved. Issuing discs strictly per authorized playback device means that the disc's original advantage, mass duplication that lowers production cost, becomes history; a unique disc has to be made for each customer and each film, which also leaves the publisher with generally poor performance and has limited the adoption of patent CN 101770794 A.
3. Management loophole: although CN 101770794 A improves the management of the replication business to some extent, the movie and television content is not encrypted when it enters the replication business system or while it is stored there, which leaves a security hole: the replication business can copy unencrypted movie and television content. Moreover, in real life the functions of the publisher and of the publisher system are distinguished to some extent, so managing only the replication business leaves a management loophole.
4. System restriction: the system key data packet described in CN 101770794 A contains all replication business keys and their correspondence with replication business IDs, and this packet is built into the playback device. In reality the operating model keeps growing and developing, and replication businesses are continually renewed and eliminated, so the system data packet built into the playback terminal must be updated continually to meet consumers' everyday viewing needs. This is called the system restriction problem, and it limits the convenience of the method and its operation and adoption in practice.
Summary of the invention
In view of the above problems in the prior art, the purpose of the present invention is to provide a copyright protection method and device for distributing digital movie and television content on rewritable storage devices. It uses asymmetric encryption with dual public/private key pairs to build a digital copyright protection security system for such distribution, and implements security management and authorization management of the core storage server and the content issuer system, so as to meet the large potential demand in China for publishing and consuming high-definition content. The invention saves energy, is safe and reliable, can be promoted quickly, is easy to maintain and has low running costs.
To achieve the above purpose, the technical solution of the present invention is implemented as follows:
A copyright protection method and device for distributing digital movie and television content on rewritable storage devices. It uses an authentication management system composed of a publisher content manager, a centralized storage authorization manager, a publisher authorization manager and a device authorization manager; a centralized storage system composed of a publisher authorization file manager, a content encryption manager, a content export and packaging manager and a P2P manager; a publisher system composed of a publisher authorization file manager, a device binding authorization manager, a content export and packaging manager and a P2P manager; and a playback device composed of a play authorization file manager, a playback control manager and a decryption and presentation manager. Its main steps are:
1) System authorization:
1. The publisher content manager in the authentication management system records the publisher's number and the publication number of the movie and television content it publishes, signs the authorization certificate for publishing and distributing the digital movie and television content through this system, and submits to the centralized storage authorization manager a request to enter the programme into the centralized storage system;
2. On receiving the entry request, the centralized storage authorization manager in the authentication management system provides, online, the publisher authorization file to the publisher authorization file manager of the centralized storage system. The publisher authorization file contains the authorization certificate signed by the publisher, the publisher number, the movie and television content publication number, and the ciphertext of the encryption key of the digital movie and television content, encrypted with the centralized storage system public key;
3. The publisher authorization manager in the authentication management system provides, offline, a publisher authorization file to the publisher authorization file manager in the publisher system. This publisher authorization file contains the private key of the publisher system and a publisher certificate carrying the publisher's unique identifier;
4. The device authorization manager in the authentication management system provides, online, the playback device public key to the device binding authorization manager in the publisher system;
5. The device authorization manager in the authentication management system provides, offline, the device authorization file to the play authorization file manager of the playback device. The device authorization file contains the private key of the playback device and the private key of the centralized storage system;
2) Encryption and entry of the digital movie and television content:
1. The publisher authorization file manager of the centralized storage system receives the publisher authorization file, decrypts the content encryption key in it with the centralized storage system private key, passes the content encryption key to the content encryption manager, and passes the publisher authorization file to the content export and packaging manager of the centralized storage system;
2. The content encryption manager of the centralized storage system receives the content encryption key, encrypts the corresponding digital movie and television content with a symmetric encryption algorithm, and passes the encrypted digital movie and television content to the content export and packaging manager of the centralized storage system;
3. The content export and packaging manager of the centralized storage system packages the encrypted movie and television content together with the publisher authorization file and stores them in the disk array of the centralized storage system;
3) Distribution of the digital movie and television content (used to prevent illegal content from entering the publisher system):
1. The content export and packaging manager of the centralized storage system sends a request to the online publisher authorization manager to obtain the publisher's public key and the publisher certificate, encrypts the publisher certificate with the publisher's public key, packages it with the encrypted movie and television content and the publisher authorization file, and copies the package to the publisher system on a rewritable storage device;
2. The publisher authorization file manager in the publisher system uses the publisher system private key to decrypt the public-key-encrypted publisher certificate, compares it with the publisher certificate built into the system, and so judges the legitimacy of storing the encrypted movie and television content and the publisher authorization file in the publisher system;
3. The P2P manager of the centralized storage system acts as a server and manages the P2P manager of the publisher system online; the P2P manager of the publisher system uses the publisher certificate as its number. The P2P manager of the centralized storage system obtains the publisher certificate from the content export and packaging manager of the centralized storage system, and uses the publisher certificate to select the correct publisher P2P manager and send it the correct content (comprising the encrypted movie and television content, the publisher authorization file and the publisher certificate);
3) Decryption of the programme content:
1. The device binding authorization manager in the publisher system issues file playback control information according to the user's purchase information, and combines the file playback control information, the publisher authorization file and the publisher certificate into the play authorization file. At the same time, the device binding authorization manager obtains the public key of the user's playback device online from the device authorization manager and uses it to encrypt the play authorization file, producing the play authorization ciphertext. This process is called device binding authorization management;
2. The content export and packaging manager in the publisher system packages the play authorization ciphertext and the encrypted digital movie and television content into a single independent file, called the programme content. The user copies the programme content onto a rewritable storage device, takes it home and connects it to the playback device to watch;
3. The play authorization file manager of the playback device decrypts the play authorization ciphertext with the playback device private key, obtaining the file playback control information, the publisher certificate and the publisher authorization file;
4. The playback control manager of the playback device reads the file playback control information, the publisher certificate and the publisher authorization file, judges the legitimacy of the digital movie and television content and its control information, and, if allowed plays remain, calls the decryption and presentation manager;
5. The decryption and presentation manager of the playback device uses the built-in centralized storage system private key to decrypt the ciphertext, held in the publisher authorization file, of the encryption key of the digital movie and television content (encrypted with the centralized storage system public key), obtaining the encryption key of the digital movie and television content. It then applies symmetric decryption with that key to obtain the plaintext of the digital movie and television content, and decodes and plays it.
In the above digital copyright protection method, binding to the playback device means that the play authorization ciphertext is the ciphertext produced by encryption with the public key of the user's playback device. Every authorized playback device has an absolutely unique public/private key pair, and the play authorization ciphertext contains the file playback control information, the publisher certificate and the publisher authorization file. The publisher authorization file contains the authorization certificate signed by the publisher, the publisher number, the movie and television content publication number, and the ciphertext of the encryption key of the digital movie and television content, encrypted with the centralized storage system public key.
The device that implements the above copyright protection method for distributing digital movie and television content on rewritable storage devices is characterized structurally in that it consists of an authentication management system, a centralized storage system, a publisher system and a playback device. The authentication management system consists of a publisher content manager, a centralized storage authorization manager, a publisher authorization manager and a device authorization manager. The centralized storage system consists of a publisher authorization file manager, a content encryption manager, a content export and packaging manager and a P2P manager. The publisher system consists of a publisher authorization file manager, a device binding authorization manager, a content export and packaging manager and a P2P manager. The playback device consists of a play authorization file manager, a playback control manager and a decryption and presentation manager. The authentication management system controls the authorization management of the centralized storage system and the publisher system online, and controls the authorization management of the playback device offline; it performs the asymmetric encryption of the content encryption key and produces the publisher authorization file. The centralized storage system encrypts the digital movie and television content. The publisher system binds the encrypted digital movie and television content to the playback device, packages the programme content and carries out the copy distribution work. The playback device performs playback control management and the decryption and playback processing of the digital movie and television content.
Because the present invention adopts the above method and device, it provides, for distribution of digital movie and television content on rewritable storage devices, a digital copyright protection model based on asymmetric encryption with dual public/private key pairs. In particular, it offers a reliable digital copyright protection technology for China's current needs, which helps copyright protection for this kind of distribution to be widely adopted in China and truly achieves the goals of secure propagation and legal use of digital content. The invention uses a symmetric encryption algorithm to protect the digital content and, based on an asymmetric encryption algorithm, uses two public/private key pairs to protect and control the encryption key of the digital movie and television content. The system also begins protecting the digital movie and television content by encryption at the very first stage, when the programme content is entered into the system, and uses independent authorization mechanisms to manage and effectively control the authorization of the centralized storage system, the publisher system and the playback device system. For establishing an orderly consumer market for digital movie and television content and achieving its copyright protection and security management, the invention not only provides a reliable technical guarantee; a system for distributing digital movie and television content on rewritable storage devices that is built with it also has the following advantages:
1) The publisher's copyrighted content gets the most effective protection. The digital movie and television content distributed by the publisher is already encrypted when it enters the system, and the encryption key is encrypted again with the centralized storage system private key. The digital movie and television content propagated to the publisher therefore cannot be pirated, which is better than comparable schemes in which programmes enter the replication business system without protection.
2) Easy to promote: the invention places low demands on the publisher system. A business space of 5 square metres, one computer and some storage space are enough to meet the environmental requirements for registering as a publisher and doing business.
3) Environmental protection: the invention distributes digital movie and television content on rewritable storage devices. For film and television works, which are mainly consumed once, it abandons the optical disc distribution model; users consume by copying, watching, deleting and then copying fresh content onto the rewritable storage device, which is significant for protecting the environment of society as a whole.
4) Low operating cost: the invention refines system security and ease of use in its design details. In operation, the copyright protection method and device for distributing digital movie and television content on rewritable storage devices run automatically on computer systems, and a playback device needs no further updating once it has been authorized by the system a single time. Digital movie and television content on rewritable storage devices can be generated and copied in batches, which makes the cost lower.
The invention will be further described below in conjunction with the drawings and specific embodiments.
Description of drawings
Fig. 1 is a schematic structural diagram of the management device of the present invention;
Fig. 2 is a flow chart of the system authorization processing of the method of the present invention;
Fig. 3 is a flow chart of the encryption and entry of the digital movie and television content in the method of the present invention;
Fig. 4 is a flow chart of the distribution of the digital movie and television content in the method of the present invention;
Fig. 5 is a flow chart of the decryption of the programme content in the method of the present invention.
Embodiment
Referring to Fig. 1, the device implementing the copyright protection method of the present invention for distributing digital movie and television content on rewritable storage devices consists of authentication management system A, centralized storage system B, publisher system C and playback device D. Authentication management system A consists of publisher content manager 1, centralized storage authorization manager 2, publisher authorization manager 3 and device authorization manager 4. It is responsible for signing the publisher authorization file, generating the content encryption key of the digital movie and television content and encrypting that key with the centralized storage system public key, managing playback device public and private keys, and managing publisher system authorization and playback device authorization. Centralized storage system B consists of publisher authorization file manager 5, content encryption manager 6, content export and packaging manager 7 and P2P manager 15. It is responsible for encrypting the digital movie and television content 14, packaging and storing the encrypted digital movie and television content 23 together with the publisher authorization file 18, and distributing the packaged, stored content to publisher system C. Publisher system C consists of publisher authorization file manager 8, device binding authorization manager 9, content export and packaging manager 10 and P2P manager 16. It is responsible for blocking illegal content from entering the publisher system and for generating the play authorization ciphertext 33 by encrypting the play authorization file 32 with the playback device public key, thereby binding the digital movie and television content to the playback device. The content export and packaging manager 10 in publisher system C packages the play authorization ciphertext 33 and the encrypted digital movie and television content 23 into the programme content 34, and the programme content 34 is passed to the consumer by copying on rewritable storage device 15. Playback device D consists of play authorization file manager 11, playback control manager 12 and decryption and presentation manager 13, and is responsible for the legal decryption and playback of the digital movie and television content. In the present invention, the play authorization ciphertext 33 carried by the programme content 34 (comprising the publisher authorization file 18, the publisher certificate 25 and the playback control information 31) is important system security data and provides important support for the security management of the whole system.
Referring to Figs. 1 to 5, the steps of the method of the present invention in use are:
1) System authorization:
1. The publisher content manager 1 in authentication management system A records the publisher's number and the publication number of the movie and television content it publishes, signs the authorization certificate 17 for publishing and distributing the digital movie and television content through this system, and submits to the centralized storage authorization manager 2 a request to enter the programme into centralized storage system B.
2. On receiving the entry request, the centralized storage authorization manager 2 in authentication management system A provides, online, the publisher authorization file 18 to the publisher authorization file manager 5 of centralized storage system B. The publisher authorization file contains the authorization certificate 17 signed by the publisher, the publisher number, the movie and television content publication number, and the ciphertext of the encryption key of the digital movie and television content, encrypted with the centralized storage system public key.
3. The publisher authorization manager 3 in authentication management system A provides, offline, the publisher authorization file 19 to the publisher authorization file manager 8 in publisher system C. The publisher authorization file 19 contains the private key of the publisher system and a publisher certificate carrying the publisher's unique identifier.
4. The device authorization manager 4 in authentication management system A provides, online, the playback device public key 20 to the device binding authorization manager 9 in publisher system C.
5. The device authorization manager 4 in authentication management system A provides, offline, the device authorization file 21 to the play authorization file manager 11 of playback device D. The device authorization file contains the private key of the playback device and the private key of the centralized storage system.
2) Encryption and entry of the digital movie and television content:
1. The publisher authorization file manager 5 of centralized storage system B receives the publisher authorization file 18, decrypts the content encryption key 22 in the publisher authorization file 18 with the private key of centralized storage system B, passes the content encryption key 22 to the content encryption manager 6, and passes the publisher authorization file to the content export and packaging manager 7 of centralized storage system B.
2. The content encryption manager 6 of centralized storage system B receives the content encryption key 22, encrypts the corresponding digital movie and television content 14 with a symmetric encryption algorithm to form the encrypted digital movie and television content 23, and passes the encrypted digital movie and television content 23 to the content export and packaging manager 7 of centralized storage system B.
3. The content export and packaging manager 7 of centralized storage system B packages the encrypted digital movie and television content 23 together with the publisher authorization file 18 and stores them in the disk array 24 of centralized storage system B.
3) Distribution of the digital movie and television content (used to prevent illegal content from entering the publisher system):
1. The content export and packaging manager 7 of centralized storage system B sends a request to the online publisher authorization manager 3 to obtain the publisher's public key 26 and the publisher certificate 25, encrypts the publisher certificate 25 with the publisher's public key to obtain the publisher certificate ciphertext 28, packages it with the encrypted movie and television content 23 and the publisher authorization file 18, and copies the package to publisher system C on rewritable storage device 27.
2. The publisher authorization file manager 8 in publisher system C uses the publisher system private key to decrypt the public-key-encrypted publisher certificate 25, compares it with the publisher certificate built into the system, and so judges the legitimacy of storing the encrypted movie and television content 23 and the publisher authorization file 18 in the publisher system; legal content is stored in the publisher system disk array 29.
3. The P2P manager 15 of centralized storage system B acts as a server and manages the P2P manager 16 of publisher system C online; the P2P manager 16 of publisher system C uses the publisher certificate as its number. The P2P manager of centralized storage system B obtains the publisher certificate from the content export and packaging manager 7 of centralized storage system B, and uses the publisher certificate to select the correct publisher P2P manager and send it the correct content (comprising the encrypted movie and television content 23, the publisher authorization file 18 and the publisher certificate 25).
3) Decryption of the programme content:
1. The device binding authorization manager 9 in publisher system C issues the file playback control information 31 according to the user's purchase information, and combines the file playback control information 31, the publisher authorization file 18 and the publisher certificate 25 into the play authorization file 32. At the same time, the device binding authorization manager 9 obtains the public key 30 of the user's playback device online from the device authorization manager 4 and uses it to encrypt the play authorization file 32, producing the play authorization ciphertext 33. This process is called device binding authorization management.
2. The content export and packaging manager 10 in publisher system C packages the play authorization ciphertext 31 and the encrypted digital movie and television content 23 into a single independent file, called the programme content 34. The user copies the programme content 34 onto rewritable storage device 15, takes it home and connects it to playback device D to watch.
3. The play authorization file manager 11 of playback device D decrypts the play authorization ciphertext 33 in the programme content 34 with the private key of playback device D, obtaining the file playback control information 31, the publisher certificate 25 and the publisher authorization file 18.
4. The playback control manager 12 of playback device D reads the file playback control information 31, the publisher certificate 25 and the publisher authorization file 18, judges the legitimacy of the digital movie and television content and its control information, and, if allowed plays remain, calls the decryption and presentation manager 13.
5. The decryption and presentation manager 12 of playback device D uses the built-in private key of centralized storage system B to decrypt the ciphertext, held in the publisher authorization file 18, of the content encryption key of the digital movie and television content (encrypted with the centralized storage system public key), obtaining the content encryption key 22. It then applies symmetric decryption with the content encryption key 22 to obtain the plaintext of the digital movie and television content, and decodes and plays it.
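The two-layer key handling in the steps above (content encryption key 22 wrapped with the centralized storage system public key, play authorization file 32 encrypted with the playback device public key), as an added example that is not part of the patent text. Textbook RSA over Mersenne primes and a SHA-256 keystream are insecure stand-ins for the asymmetric and symmetric algorithms the page leaves unnamed; all function names and sample values are constructed, and the publisher certificate comparison is left out.

```python
import hashlib
import json

# Toy primitives (NOT secure), standing in for the page's unnamed algorithms.
P521, P607, P1279 = (1 << 521) - 1, (1 << 607) - 1, (1 << 1279) - 1  # Mersenne primes

def rsa_keypair(p, q, e=65537):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))

def rsa_encrypt(pub, data):
    """Encrypt bytes block by block; the 0x01 prefix keeps leading zero bytes."""
    n, e = pub
    k = (n.bit_length() - 1) // 8 - 1
    return [pow(int.from_bytes(b"\x01" + data[i:i + k], "big"), e, n)
            for i in range(0, len(data), k)]

def rsa_decrypt(priv, blocks):
    n, d = priv
    plain = (pow(c, d, n) for c in blocks)
    return b"".join(m.to_bytes((m.bit_length() + 7) // 8, "big")[1:] for m in plain)

def sym_crypt(key, data):
    """SHA-256 counter keystream XOR; the same call encrypts and decrypts."""
    stream, ctr = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))

# Key pairs as issued by authentication management system A (constructed).
STORAGE_PUB, STORAGE_PRIV = rsa_keypair(P521, P607)
DEVICE1_PUB, DEVICE1_PRIV = rsa_keypair(P607, P1279)
DEVICE2_PUB, DEVICE2_PRIV = rsa_keypair(P521, P1279)

def make_publisher_authorization(content_key):
    """System authorization: wrap content key 22 with the storage public key."""
    return {"publisher_no": "PUB-0001",        # constructed sample values
            "publication_no": "FILM-0042",
            "wrapped_key": rsa_encrypt(STORAGE_PUB, content_key)}

def storage_encrypt(pub_auth, content):
    """Centralized storage system B: unwrap the key, encrypt the content."""
    content_key = rsa_decrypt(STORAGE_PRIV, pub_auth["wrapped_key"])
    return sym_crypt(content_key, content)

def bind_to_device(pub_auth, encrypted_content, device_pub, plays_allowed):
    """Publisher system C: encrypt the play authorization file to one device."""
    play_auth = {"control": {"plays_allowed": plays_allowed},
                 "publisher_cert": "CERT-0007",   # constructed placeholder
                 "publisher_auth": pub_auth}
    ciphertext = rsa_encrypt(device_pub, json.dumps(play_auth).encode())
    return {"play_auth_ciphertext": ciphertext, "content": encrypted_content}

class PlaybackDevice:
    """Playback device D: holds its own private key and the storage private key."""
    def __init__(self, device_priv, storage_priv):
        self.device_priv, self.storage_priv = device_priv, storage_priv
        self.plays_used = {}                      # publication_no -> plays so far
    def play(self, programme):
        try:  # outer layer: only the bound device's private key yields valid JSON
            play_auth = json.loads(
                rsa_decrypt(self.device_priv, programme["play_auth_ciphertext"]))
            pub_auth = play_auth["publisher_auth"]
            allowed = play_auth["control"]["plays_allowed"]
            title = pub_auth["publication_no"]
        except (ValueError, KeyError, TypeError) as exc:
            raise PermissionError("play authorization not bound to this device") from exc
        used = self.plays_used.get(title, 0)
        if used >= allowed:
            raise PermissionError("no plays remaining")
        # inner layer: unwrap the content key with the built-in storage private key
        content_key = rsa_decrypt(self.storage_priv, pub_auth["wrapped_key"])
        self.plays_used[title] = used + 1
        return sym_crypt(content_key, programme["content"])

def demo():
    film = b"constructed sample film bytes"
    content_key = hashlib.sha256(b"constructed content key").digest()
    pub_auth = make_publisher_authorization(content_key)
    programme = bind_to_device(pub_auth, storage_encrypt(pub_auth, film),
                               DEVICE1_PUB, plays_allowed=1)
    owner = PlaybackDevice(DEVICE1_PRIV, STORAGE_PRIV)
    other = PlaybackDevice(DEVICE2_PRIV, STORAGE_PRIV)
    results = {"first_play": owner.play(programme) == film}
    for name, device in (("second_play", owner), ("other_device", other)):
        try:
            device.play(programme)
            results[name] = "played"
        except PermissionError as exc:
            results[name] = str(exc)
    return results
```

The second device is stopped only by the outer layer: the inner wrap uses the one centralized storage system private key that every device authorization file 21 carries, so the confidentiality of content encryption key 22 depends on how well that shared key is protected inside each playback device.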