A kind of authorization method of digital asset, device, equipment and medium
Technical field
The present invention relates to copyright protection fields, more particularly to a kind of authorization method of digital asset, device, equipment and Jie
Matter.
Background technique
It is that enterprise or individual are important since copyright is the embodiment of personal self-value and the performance of enterprise innovation strength
Intangible asset, therefore facilitate to safeguard the legal power of author or other copyright owners and works user for the protection of copyright
Benefit, and be conducive to works and embody economic value.
Current network-type enterprise would generally provide a user corresponding APP (application program), user can by APP to
Enterprise obtains the digital asset including literature, music, film, scientific works, software, picture etc..Due to the number of enterprise
Assets are often the product by enterprise's creation or enterprise's purchase, therefore enterprise has copyrighted authorization qualification for digital asset,
I.e. enterprise can constrain user to the access right of digital asset.In the current situation, user accesses a certain number by APP and provides
When production, needs to first pass through enterprise's preset certificate server and the APP qualification for accessing the digital asset is inquired and authenticated, into
And the digital asset can be got by the APP of Certificate Authority.But since current certificate server is usually centralization
Equipment, therefore once break down or data be tampered with, then be difficult to ensure when being authorized to the use of digital asset
Reliability and correctness, while also improving the copyright protection difficulty to digital asset.
It can be seen that a kind of authorization method of digital asset is provided, when guaranteeing to authorize the use of digital asset
Reliability and correctness, and then reduce to the copyright protection difficulty of digital asset, be that those skilled in the art are urgently to be resolved
The problem of.
Summary of the invention
The object of the present invention is to provide a kind of authorization method of digital asset, device, equipment and media, to guarantee to number
Reliability and correctness when the use of assets is authorized, and then reduce the copyright protection difficulty to digital asset.
In order to solve the above technical problems, the present invention provides a kind of authorization method of digital asset, it is applied to server, packet
It includes:
Receive the access request to target number assets initiated by application program, wherein application program is in advance with user
Identity logs;
Access request is responded, authority request is initiated to block chain according to the information of access request, and receive the return of block chain
Authority information;Record has user identity to the authority information of target number assets in block chain;
Authority information is back to the application program.
Preferably, including at least the characteristic information of target number assets and the identity information of user identity in access request.
Preferably, further includes:
The characteristic information of target number assets is received, and generates encryption key for the characteristic information of target number assets,
Encryption key is for encrypting corresponding target number assets, and encrypted target number asset store is in the section of content distributing network
Point.
Preferably, the type of authority information includes having the right information and to have no right information;
Correspondingly, before authority information is back to the application program, further includes:
The type of authority information is judged, if authority information is when having the right information, by the encryption key of target number assets
It is back to application program, so that the target number that application program uses encryption key decryption to download from content delivery network node
Assets.
Preferably, when application program, which carries out user identity login, to be passed through, the signing certificate with public key is received, is received
By application program initiate to the access requests of target number assets when, also receive public key, authority information be back to using journey
The data channel of sequence is encrypted using public key.
It preferably, include the default copyright information being embedded in using digital watermark technology in the data of target number assets.
In addition, the present invention also provides a kind of authorization devices of digital asset, comprising:
Request module, for receiving the access request to target number assets initiated by application program, wherein answer
It is logged in advance with user identity with program;
Ask respond module initiates authority request to block chain according to the information of access request for responding access request,
And receive the authority information of block chain return;Record has user identity to the authority information of target number assets in block chain;
Authorization module, for authority information to be back to application program.
In addition, the present invention also provides a kind of authorisation devices of digital asset, comprising:
Memory, for storing computer program;
Processor, when for executing computer program the step of the realization such as authorization method of above-mentioned digital asset.
In addition, being stored with meter on computer readable storage medium the present invention also provides a kind of computer readable storage medium
Calculation machine program, when computer program is executed by processor the step of the realization such as authorization method of above-mentioned digital asset.
In addition, being applied to block chain the present invention also provides a kind of authorization method of digital asset, comprising:
Receive the authority request to target number assets initiated by server, wherein include user in authority request
Identity;
According to authority request, user is returned to the authority information of target number assets to server.
The authorization method of digital asset provided by the present invention, application program are logged in advance with user identity, obtain by
After the access request to target number assets that application program is initiated, permission is initiated to block chain according to the information of access request
Request, since user identity pre-recorded in block chain is to the authority information of target number assets, by block chain
Corresponding authority information can be returned to by initiating authority request, and then by authority information return value application program to complete to authorize.By
Have the characteristics that decentralization in block chain, recorded in hold the recognizing of all nodes under block chain network, and can not
It is tampered, therefore corresponding relationship is pre-recorded in block chain by this method, opposite can guarantee according to corresponding relationship to number
The reliability and correctness that assets are authorized thereby reduce the copyright protection difficulty to digital asset.In addition, of the invention
Authorization device, equipment and the medium of a kind of digital asset are also provided, beneficial effect is same as above.
Detailed description of the invention
In order to illustrate the embodiments of the present invention more clearly, attached drawing needed in the embodiment will be done simply below
It introduces, it should be apparent that, drawings in the following description are only some embodiments of the invention, for ordinary skill people
For member, without creative efforts, it is also possible to obtain other drawings based on these drawings.
Fig. 1 is a kind of flow chart of the authorization method of digital asset provided in an embodiment of the present invention;
Fig. 2 is the flow chart of the authorization method of another digital asset provided in an embodiment of the present invention;
Fig. 3 is the system flow chart of digital asset authorization provided in an embodiment of the present invention;
Fig. 4 is a kind of structure chart of the authorization device of digital asset provided in an embodiment of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, rather than whole embodiments.Based on this
Embodiment in invention, those of ordinary skill in the art are without making creative work, obtained every other
Embodiment belongs to the scope of the present invention.
Core of the invention is to provide a kind of authorization method of digital asset, to guarantee to award the use of digital asset
Reliability and correctness temporary, and then reduce the copyright protection difficulty to digital asset.Another core of the invention is to mention
For a kind of authorization device of digital asset, equipment and medium.
In order to enable those skilled in the art to better understand the solution of the present invention, with reference to the accompanying drawings and detailed description
The present invention is described in further detail.
Embodiment one
Fig. 1 is a kind of flow chart of the authorization method of digital asset provided in an embodiment of the present invention.Referring to FIG. 1, digital
The specific steps of the authorization method of assets include:
Step S10: the access request to target number assets initiated by application program is received.
Wherein, application program is logged in advance with user identity.
It should be noted that since difference, application is generally not present in the application program itself that enterprise provides a user
Program itself is only used in the often login application program that user provides the approach for obtaining digital asset, and has differences
The digital asset access right of user identity, different user identity has differences.Such as the application program of current video type
In, user can access particular video frequency content by way of paying, i.e., the user identity of paying customer, which has, obtains particular video frequency
The permission of content, and the user identity of non-paid user does not have the permission for obtaining particular video frequency content then.This step obtain with
It, can be in the next steps for target user's identity after the access request that the application program of target user's identity logs is initiated
The access authority for whether enjoying target number assets is determined.In addition, application program mentioned by this step can be mobile phone
Using, computer applications or TV applications etc., it is not specifically limited herein.
Step S11: response access request initiates authority request, and reception area to block chain according to the information of access request
The authority information that block chain returns.
Record has user identity to the authority information of target number assets in block chain.
It should be noted that since the node of block chain network is safeguarded and more new block chain jointly, and have between node
The corresponding relationship for having common recognition mechanism, therefore being recorded in block chain can not be tampered, mutually in the same time under, it is each in block chain network
Content in block chain accessed by a node is all the same.In this step, by the power between user identity and digital asset
Limit information is previously recorded in block chain the reliability and correctness that can ensure authority information, the permission letter of this step meaning
Breath characterization is for user identity to permission possessed by target number assets.
Step S12: authority information is back to application program.
It is understood that due to authority information characterization be access authority of the user identity to target number assets, because
After authority information is back to application program by this, application program can understand according to the content of authority information, the user's body of itself
Whether part can access to target number assets, that is, being awarded to using routine access target number assets
Power.
The authorization method of digital asset provided by the present invention, application program are logged in advance with user identity, obtain by
After the access request to target number assets that application program is initiated, permission is initiated to block chain according to the information of access request
Request, since user identity pre-recorded in block chain is to the authority information of target number assets, by block chain
Corresponding authority information can be returned to by initiating authority request, and then by authority information return value application program to complete to authorize.By
Have the characteristics that decentralization in block chain, recorded in hold the recognizing of all nodes under block chain network, and can not
It is tampered, therefore corresponding relationship is pre-recorded in block chain by this method, opposite can guarantee according to corresponding relationship to number
The reliability and correctness that assets are authorized thereby reduce the copyright protection difficulty to digital asset.
Embodiment two
On the basis of the above embodiments, the present invention also provides a series of preferred embodiments.
As a preferred embodiment, including at least the characteristic information of target number assets and user in access request
The identity information of identity.
It should be noted that characteristic information is generated and the data to digital asset carry out feature extraction, it is different
Characteristic information corresponding to available digital assets is all different.Since the data volume of characteristic information is often much smaller than digital asset sheet
The data volume of body, thus as request carry out transmission be can more efficiently.Each characteristic information is by corresponding number money
It produces and carries out feature extraction and generate, and be not in repetition between characteristic information, therefore characteristic information is in the present embodiment
The a certain digital asset of characterization can be uniquely corresponded to as CID (Content ID).In addition, can currently be calculated by MD5Hash etc.
Method generates characteristic information, and the mode due to generating characteristic information is content known in those skilled in the art, therefore is not done herein
Specifically repeat.Present embodiment is by the characteristic information of target number assets and user identity to should be used as access request, with this
Access request can concisely, be accurately shown to be so which target number assets what user identity accesses to, improve access
The high efficiency of request.
Fig. 2 is the flow chart of the authorization method of another digital asset provided in an embodiment of the present invention.Step S10- in Fig. 2
S12 is identical as Fig. 1, and details are not described herein.
As shown in Fig. 2, as a preferred embodiment, further include:
Step S20: the characteristic information of target number assets is received, and generates and adds for the characteristic information of target number assets
Key, encryption key is for encrypting corresponding target number assets, and encrypted target number asset store is in content distribution
Network node.
It should be noted that encryption key can the key schedule according to provided by the prior art generate, and not
The encryption key of same target number assets is different, and the safety of each target number assets is ensured with this.Digital asset
It can specifically by the encryption of encryption key and be uploaded in CDN (content distributing network) node, in turn, application program can be to
CDN initiates to carry the visit order of encryption key, and then CDN is determined corresponding to encryption key according to preset corresponding relationship
Target number assets, i.e. application program have the digital asset of access authority, and then to application transfer target number assets,
Application program can be decrypted and be used to it by encryption key after receiving target number assets.It needs to illustrate
It is that content distributing network is the device network for storing digital asset, relatively reliable number can be provided for application transfer
The support of assets.In addition, ordinal relation between step S20 and remaining step can according to the actual situation depending on, do not do herein
It is specific to limit.
In addition, as a preferred embodiment, the type of authority information includes having the right information and to have no right information;
Correspondingly, before authority information is back to application program, further includes:
The type of authority information is judged, if authority information is when having the right information, by the encryption key of target number assets
It is back to application program, so that the target number that application program uses encryption key decryption to download from content delivery network node
Assets.
It should be noted that in the present embodiment, the type of authority information includes to have the right information and to have no right information,
Whether the user identity for characterizing application program respectively has a permission of access target digital asset, and then by authority information
It is back to before application program, first the type of authority information is judged, it, will be by target when authority information is to have the right information
The encryption key return value application program of digital asset, and then application program can explicitly learn that user identity has acquisition target
The permission of digital asset, and the target number assets downloaded using encryption key decryption from content delivery network node.
In addition, as a preferred embodiment, receiving band when application program progress user identity login passes through
Have a signing certificate of public key, receive by application program initiates to the access requests of target number assets when, also receive public key, general
The data channel that authority information is back to application program is encrypted using public key.
It should be noted that application program can receive characterization after logining successfully with user identity in present embodiment
The proof of user identity, i.e. signing certificate have public key in signing certificate, provide secrecy branch with the communication process to application program
It holds, and then during authority information is back to application program, is added by public key to used data channel is communicated
It is close, it can guarantee that during authority information is transmitted to application program be not in that it is logical to improve data the case where being stolen with this
The safety of road transmitting rights information.
In addition, as a preferred embodiment, including to utilize digital watermarking skill in the data of target number assets
The default copyright information of art insertion.
Digital watermark technology (Digital Watermarking) is that some identification informations (i.e. digital watermarking) are directly embedding
Enter in digital carrier (including multimedia, document, software etc.), but do not influence the use value of original vector, is also not easy by people
Consciousness system (such as vision or auditory system) perceive or notice.Information in the carrier is hidden by these, can achieve
Confirmation creator of content, buyer, transmission secret information judge the purpose of whether carrier is tampered.In present embodiment,
After default copyright information is embedded in target number assets by digital watermark technology, mesh can be learned according to default copyright information
The copyright ownership of digital asset is marked, and default copyright information is difficult to be tampered, improves the copyright guarantor to target number assets
Shield degree.
The application also provides the embodiment under a kind of concrete application scene, please refers to digital asset as shown in Figure 3 and awards
The system flow chart of power.
Functional interpretation is carried out to the noun mentioned in this scene embodiment below:
Key server is previously stored with the characteristic information generated by digital asset, and finger print data is as characterization number money
Unique CID (Content ID) of identity is produced, and is previously stored with the corresponding encryption key of each CID, is added by the way that CID is corresponding
The corresponding digital asset of the CID can be decrypted in key.There are between CID and encryption key in key server
Corresponding relationship;
Assets uploading device, can be to the node upload digital assets of content distributing network;
Content distributing network can provide digital asset to application program;
Application program, can be by certificate server authenticating identity and to key server application to the corresponding of certain CID
Digital asset accesses, and according to the corresponding digital asset for obtaining content distributing network and providing of CID;
Certificate server is prestored the letter of identity of application program and is authenticated with the identity to application program;
Block chain, for recording each user identity for the permission of digital asset.
The executing subject of technical solution provided herein is the key server in Fig. 3, the entirety of present embodiment
Process is divided into two major parts, the respectively upload operation of digital asset and the access to digital asset, wherein number money
The upload of production is related to step (1) and (2) in figure, and step (3)-(6) in figure are related to the access of digital asset.
In the upload operation part of digital asset, step (1), (2) are specifically included:
Assets uploading device obtains the corresponding encryption key of the CID to key server by the CID of digital asset, in turn
Encryption production is carried out to digital asset by encryption key and is uploaded to content distributing network.
In digital asset access operation part, step (3) specifically:
Application program sends certification application to certificate server, and such as account, password, certificate server is according to preset identity
The table of comparisons searches account, the corresponding user identity of password, and the letter of identity for characterizing the user identity is returned to application program.
Step (4)-(5) specifically:
Application program initiates the access to the corresponding digital asset of target CID to key server by letter of identity, close
Key server judges application program by accessing the corresponding relationship between the letter of identity and CID recorded in advance in block chain
Whether current identity is able to access that the corresponding digital asset of target CID, if it is, returning to CID pairs of the target to application program
The encryption key answered.
Step (6) specifically:
Application program obtains corresponding digital asset according to encryption key, and then is carried out by encryption key to digital asset
It decrypts and uses.
Embodiment three
Hereinbefore the embodiment of the authorization method of digital asset is described in detail, the present invention also provides one
The authorization device of kind digital asset corresponding with this method, since the embodiment of device part and the embodiment of method part are mutual
It is corresponding, therefore the embodiment of device part refers to the description of the embodiment of method part, wouldn't repeat here.
Fig. 4 is a kind of structure chart of the authorization device of digital asset provided in an embodiment of the present invention.The embodiment of the present invention mentions
The authorization device of the digital asset of confession, comprising:
Request module 10, for receiving the access request to target number assets initiated by application program, wherein
Application program is logged in advance with user identity.
Ask respond module 11 is initiated permission to block chain according to the information of access request and is asked for responding access request
It asks, and receives the authority information of block chain return;Record has user identity to the authority information of target number assets in block chain.
Authorization module 12, for authority information to be back to application program.
The authorization device of digital asset provided by the present invention, application program are logged in advance with user identity, obtain by
After the access request to target number assets that application program is initiated, permission is initiated to block chain according to the information of access request
Request, since user identity pre-recorded in block chain is to the authority information of target number assets, by block chain
Corresponding authority information can be returned to by initiating authority request, and then by authority information return value application program to complete to authorize.By
Have the characteristics that decentralization in block chain, recorded in hold the recognizing of all nodes under block chain network, and can not
It is tampered, therefore corresponding relationship is pre-recorded in block chain by the present apparatus, opposite can guarantee according to corresponding relationship to number
The reliability and correctness that assets are authorized thereby reduce the copyright protection difficulty to digital asset.
Example IV
The present invention also provides a kind of authorisation devices of digital asset, comprising:
Memory, for storing computer program;
Processor, when for executing computer program the step of the realization such as authorization method of above-mentioned digital asset.
The authorisation device of digital asset provided by the present invention, application program are logged in advance with user identity, obtain by
After the access request to target number assets that application program is initiated, permission is initiated to block chain according to the information of access request
Request, since user identity pre-recorded in block chain is to the authority information of target number assets, by block chain
Corresponding authority information can be returned to by initiating authority request, and then by authority information return value application program to complete to authorize.By
Have the characteristics that decentralization in block chain, recorded in hold the recognizing of all nodes under block chain network, and can not
It is tampered, therefore corresponding relationship is pre-recorded in block chain by this equipment, opposite can guarantee according to corresponding relationship to number
The reliability and correctness that assets are authorized thereby reduce the copyright protection difficulty to digital asset.
The present invention also provides a kind of computer readable storage medium, computer journey is stored on computer readable storage medium
Sequence, when computer program is executed by processor the step of the realization such as authorization method of above-mentioned digital asset.
Computer readable storage medium provided by the present invention, application program are logged in advance with user identity, obtain by
After the access request to target number assets that application program is initiated, permission is initiated to block chain according to the information of access request
Request, since user identity pre-recorded in block chain is to the authority information of target number assets, by block chain
Corresponding authority information can be returned to by initiating authority request, and then by authority information return value application program to complete to authorize.By
Have the characteristics that decentralization in block chain, recorded in hold the recognizing of all nodes under block chain network, and can not
It is tampered, therefore corresponding relationship is pre-recorded in block chain by this computer readable storage medium, opposite can guarantee basis
The reliability and correctness that corresponding relationship authorizes digital asset, it is difficult to the copyright protection of digital asset to thereby reduce
Degree.
Embodiment five
The present invention also provides a kind of authorization methods of digital asset, are applied to block chain, comprising:
Receive the authority request to target number assets initiated by server, wherein include user in authority request
Identity;
According to authority request, user identity is returned to the authority information of target number assets to server.
The present invention also provides the authorization methods for the digital asset for being applied to block chain, with the above-mentioned number applied to server
The corresponding execution of the authorization method of assets, and identical beneficial effect can be reached, it specifically please refers to above-mentioned applied to service
The beneficial effect of the authorization method of the digital asset of device, at this to repeating no more.
A kind of authorization method of digital asset provided by the present invention, device, equipment and medium have been carried out in detail above
It introduces.Each embodiment is described in a progressive manner in specification, and the highlights of each of the examples are implement with other
The difference of example, the same or similar parts in each embodiment may refer to each other.For device, equipment disclosed in embodiment
And for medium, since it is corresponded to the methods disclosed in the examples, so being described relatively simple, related place is referring to method
Part illustrates.It should be pointed out that for those skilled in the art, before not departing from the principle of the invention
It puts, can be with several improvements and modifications are made to the present invention, these improvement and modification also fall into the guarantor of the claims in the present invention
It protects in range.
It should also be noted that, in the present specification, relational terms such as first and second and the like be used merely to by
One entity or operation are distinguished with another entity or operation, without necessarily requiring or implying these entities or operation
Between there are any actual relationship or orders.Moreover, the terms "include", "comprise" or its any other variant meaning
Covering non-exclusive inclusion, so that the process, method, article or equipment for including a series of elements not only includes that
A little elements, but also including other elements that are not explicitly listed, or further include for this process, method, article or
The intrinsic element of equipment.In the absence of more restrictions, the element limited by sentence "including a ...", is not arranged
Except there is also other identical elements in the process, method, article or apparatus that includes the element.