[go: up one dir, main page]

CN105516812A - Data security processing system - Google Patents

Data security processing system Download PDF

Info

Publication number
CN105516812A
CN105516812A CN201610059914.4A CN201610059914A CN105516812A CN 105516812 A CN105516812 A CN 105516812A CN 201610059914 A CN201610059914 A CN 201610059914A CN 105516812 A CN105516812 A CN 105516812A
Authority
CN
China
Prior art keywords
advertisement data
end server
authenticated
top box
address information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610059914.4A
Other languages
Chinese (zh)
Inventor
刘飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inspur Software Group Co Ltd
Original Assignee
Inspur Software Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inspur Software Group Co Ltd filed Critical Inspur Software Group Co Ltd
Priority to CN201610059914.4A priority Critical patent/CN105516812A/en
Publication of CN105516812A publication Critical patent/CN105516812A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/458Scheduling content for creating a personalised stream, e.g. by combining a locally stored advertisement with an incoming stream; Updating operations, e.g. for OS modules ; time-related management operations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/234Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs
    • H04N21/2347Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/441Acquiring end-user identification, e.g. using personal code sent by the remote control or by inserting a card
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4623Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4627Rights management associated to the content

Landscapes

  • Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Storage Device Security (AREA)

Abstract

本发明实施例提供了一种数据安全的处理系统,涉及电视技术领域,用以更全面的保护广告数据的安全。所述系统包括前端服务器及机顶盒;前端服务器获取认证后的广告数据,并将广告数据利用预设加密算法,对广告数据进行加密,将加密的广告数据发送至机顶盒;认证后的广告数据是通过所述前端服务器认证的广告数据;机顶盒接收前端服务器发送的加密的广告数据,根据解密算法,对加密的广告数据进行解密;若机顶盒解密出广告数据,则存储广告数据;并且,机顶盒在接收前端服务器发送的加密的广告数据时,监听在预设时间内是否再次接收到加密的广告数据;若在预设时间内没有再次接收到加密的广告数据,则删除存储的广告数据。

An embodiment of the present invention provides a data security processing system, relates to the technical field of television, and is used for more comprehensively protecting the security of advertisement data. The system includes a front-end server and a set-top box; the front-end server obtains the authenticated advertisement data, encrypts the advertisement data with a preset encryption algorithm, and sends the encrypted advertisement data to the set-top box; the authenticated advertisement data is passed The advertisement data authenticated by the front-end server; the set-top box receives the encrypted advertisement data sent by the front-end server, and decrypts the encrypted advertisement data according to the decryption algorithm; if the advertisement data is decrypted by the set-top box, the advertisement data is stored; and, the set-top box receives the advertisement data at the front end When the encrypted advertisement data is sent by the server, it is monitored whether the encrypted advertisement data is received again within the preset time; if the encrypted advertisement data is not received again within the preset time, the stored advertisement data is deleted.

Description

一种数据安全的处理系统A Data Safe Processing System

技术领域technical field

本发明涉及电视技术领域,尤其涉及一种数据安全的处理系统。The invention relates to the technical field of television, in particular to a data security processing system.

背景技术Background technique

随着科学技术的发展,机顶盒的业务类型越来越多。在机顶盒上开发广告类增值业务,越来越受到各广电行业运营商、中间件厂家、机顶盒软件开发企业的青睐。广告类增值业务在丰富了机顶盒的产品功能、提高了用户体验,且增加了运营商的收益。With the development of science and technology, there are more and more business types of set-top boxes. The development of advertising value-added services on set-top boxes is increasingly favored by operators in the broadcasting and television industry, middleware manufacturers, and set-top box software development companies. Advertising value-added services enrich the product functions of set-top boxes, improve user experience, and increase the revenue of operators.

但是,在投放广告信息时,都是从前端服务器向机顶盒终端单向推送。其间缺乏足够的保护手段,一旦广告数据的传输系统被不法分子攻破,将带来无法挽回的损失。However, when advertising information is placed, it is pushed one-way from the front-end server to the set-top box terminal. There is a lack of adequate protection measures, and once the transmission system of advertising data is breached by criminals, it will cause irreparable losses.

发明内容Contents of the invention

本发明的实施例提供一种数据安全的处理系统,用以更全面的保护广告数据的安全。Embodiments of the present invention provide a data security processing system to more comprehensively protect the security of advertisement data.

为达到上述目的,本发明的实施例采用如下技术方案:In order to achieve the above object, embodiments of the present invention adopt the following technical solutions:

本发明实施例提供了一种数据安全的处理系统,包括:前端服务器及机顶盒;其中,所述前端服务器获取认证后的广告数据,并将所述广告数据利用预设加密算法,对所述广告数据进行加密,将加密的所述广告数据发送至机顶盒;所述认证后的广告数据是通过所述前端服务器认证的广告数据;所述机顶盒接收所述前端服务器发送的加密的广告数据,根据解密算法,对所述加密的广告数据进行解密;若所述机顶盒解密出广告数据,则存储所述广告数据;并且,所述机顶盒在接收所述前端服务器发送的加密的广告数据时,监听在预设时间内是否再次接收到所述加密的广告数据;若在预设时间内没有再次接收到所述加密的广告数据,则删除存储的所述广告数据。An embodiment of the present invention provides a data security processing system, including: a front-end server and a set-top box; wherein, the front-end server obtains the authenticated advertisement data, and uses a preset encryption algorithm to encrypt the advertisement data. The data is encrypted, and the encrypted advertisement data is sent to a set-top box; the authenticated advertisement data is the advertisement data authenticated by the front-end server; the set-top box receives the encrypted advertisement data sent by the front-end server, and decrypts the algorithm to decrypt the encrypted advertisement data; if the set-top box decrypts the advertisement data, then store the advertisement data; and when the set-top box receives the encrypted advertisement data sent by the front-end server, it listens to the Whether the encrypted advertisement data is received again within a set time; if the encrypted advertisement data is not received again within a preset time, the stored advertisement data is deleted.

可选地,所述前端服务器获取认证后的广告数据包括:所述前端服务器对发送广告数据的用户进行身份认证;若所述发送广告数据的用户通过身份认证,则将所述用户发送的广告数据确定为认证后的广告数据;或者,所述前端服务器接收用户发送的广告数据,确定所述广告数据中的地址信息是否为预设地址信息,若所述广告数据中的地址信息为预设地址信息,则将所述广告数据确定为认证后的广告数据;或者,所述前端服务器将从移动设备中获取的广告数据确定为认证后的广告数据。Optionally, the acquisition of the authenticated advertisement data by the front-end server includes: the front-end server authenticates the user who sends the advertisement data; if the user who sends the advertisement data passes the identity authentication, then the advertisement sent by the user The data is determined to be authenticated advertisement data; or, the front-end server receives the advertisement data sent by the user, and determines whether the address information in the advertisement data is preset address information, if the address information in the advertisement data is preset address information, the advertisement data is determined as authenticated advertisement data; or, the front-end server determines the advertisement data acquired from the mobile device as authenticated advertisement data.

可选地,所述前端服务器获取认证后的广告数据包括:所述前端服务器对发送广告数据的用户进行身份认证;若所述发送广告数据的用户通过身份认证,则接收所述用户发送的广告数据,并确定所述广告数据中的地址信息是否为预设地址信息,若所述广告数据中的地址信息为预设地址信息,则将所述广告数据确定为认证后的广告数据。Optionally, the acquisition of the authenticated advertisement data by the front-end server includes: the front-end server authenticates the user who sends the advertisement data; if the user who sends the advertisement data passes the identity authentication, then receives the advertisement sent by the user data, and determine whether the address information in the advertisement data is preset address information, and if the address information in the advertisement data is preset address information, then determine the advertisement data as authenticated advertisement data.

可选地,所述前端服务器获取认证后的广告数据包括:所述前端服务器对发送广告数据的用户进行身份认证;若所述发送广告数据的用户通过身份认证,则将所述移动设备中获取的广告数据确定为认证后的广告数据。Optionally, the acquisition of the authenticated advertisement data by the front-end server includes: the front-end server authenticates the user who sends the advertisement data; if the user who sends the advertisement data passes the identity authentication, then obtains the The advertisement data of is determined as the authenticated advertisement data.

可选地,所述前端服务器获取认证后的广告数据包括:所述前端服务器从所述移动设备中获取的广告数据,并确定所述广告数据中的地址信息是否为预设地址信息,若所述广告数据中的地址信息为预设地址信息,则将所述广告数据确定为认证后的广告数据。Optionally, obtaining the authenticated advertisement data by the front-end server includes: the advertisement data obtained by the front-end server from the mobile device, and determining whether the address information in the advertisement data is preset address information, if the If the address information in the advertisement data is preset address information, the advertisement data is determined as authenticated advertisement data.

可选地,所述前端服务器获取认证后的广告数据包括:所述前端服务器对发送广告数据的用户进行身份认证;若所述发送广告数据的用户通过身份认证,则从所述移动设备中获取的广告数据,并确定所述广告数据中的地址信息是否为预设地址信息,若所述广告数据中的地址信息为预设地址信息,则将所述广告数据确定为认证后的广告数据。Optionally, the acquisition of the authenticated advertisement data by the front-end server includes: the front-end server authenticates the user who sends the advertisement data; if the user who sends the advertisement data passes the identity authentication, obtains from the mobile device and determine whether the address information in the advertisement data is preset address information, and if the address information in the advertisement data is preset address information, then determine the advertisement data as authenticated advertisement data.

可选地,所述前端服务器对发送广告数据的用户进行身份认证包括:所述前端服务器检测用户是否插入U盾;若插入U盾,则从所述U盾中获取身份信息,对所述身份信息进行验证。Optionally, the front-end server performing identity authentication on the user who sends the advertisement data includes: the front-end server detects whether the user inserts a USB-shield; The information is verified.

可选地,所述若所述机顶盒解密出广告数据,则存储所述广告数据包括:Optionally, if the set-top box decrypts the advertisement data, storing the advertisement data includes:

若所述机顶盒解密出广告数据,则对所述广告数据进行解析获取所述广告数据的版本号;根据所述广告数据的版本号,确定所述广告数据是否已存储;若确定未存储所述广告数据,则根据所述广告数据更新已存储的广告数据。If the set-top box decrypts the advertisement data, then analyze the advertisement data to obtain the version number of the advertisement data; determine whether the advertisement data has been stored according to the version number of the advertisement data; if it is determined that the advertisement data has not been stored, Advertisement data, then update the stored advertisement data according to the advertisement data.

可选地,还包括:若确定存储了所述广告数据,则不处理解密后的所述广告数据。Optionally, the method further includes: if it is determined that the advertisement data is stored, not processing the decrypted advertisement data.

可选地,在所述前端服务器在将加密后的所述广告数据发送至机顶盒之后,还包括:所述前端服务器向管理员发送广告数据发送至机顶盒的提示消息。Optionally, after the front-end server sends the encrypted advertisement data to the set-top box, the method further includes: the front-end server sends a prompt message that the advertisement data is sent to the set-top box to the administrator.

本发明实施例提供了一种数据安全的处理系统,包括:前端服务器及机顶盒;其中,前端服务器获取认证后的广告数据,并将广告数据利用预设加密算法,对广告数据进行加密,将加密的广告数据发送至机顶盒;机顶盒接收前端服务器发送的加密的广告数据,根据解密算法,对加密的广告数据进行解密;若机顶盒解密出广告数据,则存储广告数据;并且,机顶盒在接收前端服务器发送的加密的广告数据时,监听在预设时间内是否再次接收到加密后的广告数据;若在预设时间内没有再次接收到加密后的广告数据,则删除存储的广告数据。这样,在数据安全的处理系统中,前端服务器获取认证后的广告数据,由于此认证后的数据是通过前端服务器认证的广告数据,因此,认证后的广告数据为安全的广告数据,此时前端服务器可以将认证后的广告数据发送至机顶盒。为了防止传输过程中,广告数据被替换,此时前端服务器可以利用预设加密算法对此认证后的广告数据进行加密,并将加密后的广告数据发送至机顶盒。机顶盒在接收到加密的广告数据后,可以对此加密的广告数据解密,解密出广告数据后,可以存储此广告数据。机顶盒在接收前端服务器发送的加密的广告数据时,需要在预设时间内继续监听是否再次接收到加密的广告数据,若在预设时间内没有再次接收到加密的广告数据,则机顶盒将存储的广告数据删除。这样可以在前端服务器获取的认证后的广告数据为非法数据时,将此非法数据发送至机顶盒,此时若管理员将前端服务器关闭时,机顶盒则在预设时间内无法接收到加密的广告数据,机顶盒可以将存储的广告数据删除,从而可以将已存储的非法数据删除,停止播放此非法数据。也就是说,在本发明中的数据安全的处理系统可以在前端服务器及机顶盒均实现对广告数据的安全保护,从而可以实现更全面的保护广告数据的安全的目的。An embodiment of the present invention provides a data security processing system, including: a front-end server and a set-top box; wherein, the front-end server obtains the authenticated advertisement data, and encrypts the advertisement data using a preset encryption algorithm, and encrypts the advertisement data. The set-top box receives the encrypted advertisement data sent by the front-end server, and decrypts the encrypted advertisement data according to the decryption algorithm; if the set-top box decrypts the advertisement data, it stores the advertisement data; and, the set-top box receives the advertisement data sent by the front-end server When the encrypted advertisement data is received, it is monitored whether the encrypted advertisement data is received again within the preset time; if the encrypted advertisement data is not received again within the preset time, the stored advertisement data is deleted. In this way, in the data security processing system, the front-end server obtains the authenticated advertisement data. Since the authenticated data is the advertisement data authenticated by the front-end server, the authenticated advertisement data is safe advertisement data. At this time, the front-end The server can send the authenticated advertisement data to the set-top box. In order to prevent the advertisement data from being replaced during transmission, the front-end server may encrypt the authenticated advertisement data by using a preset encryption algorithm, and send the encrypted advertisement data to the set-top box. After the set-top box receives the encrypted advertisement data, it can decrypt the encrypted advertisement data, and after decrypting the advertisement data, it can store the advertisement data. When the set-top box receives the encrypted advertisement data sent by the front-end server, it needs to continue to monitor whether the encrypted advertisement data is received again within the preset time. If the encrypted advertisement data is not received again within the preset time, the set-top box will store the encrypted advertisement data. Advertising data deletion. In this way, when the authenticated advertisement data obtained by the front-end server is illegal data, the illegal data can be sent to the set-top box. At this time, if the administrator closes the front-end server, the set-top box cannot receive the encrypted advertisement data within the preset time , the set-top box can delete the stored advertisement data, so that the stored illegal data can be deleted, and the playing of the illegal data can be stopped. That is to say, the data security processing system in the present invention can realize the security protection of the advertisement data in both the front-end server and the set-top box, so as to realize the purpose of protecting the security of the advertisement data more comprehensively.

附图说明Description of drawings

为了更清楚地说明本发明实施例的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the following will briefly introduce the accompanying drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are only some of the present invention. Embodiments, for those of ordinary skill in the art, other drawings can also be obtained based on these drawings without any creative effort.

图1为本发明实施例提供的一种数据安全的系统的示意图;FIG. 1 is a schematic diagram of a data security system provided by an embodiment of the present invention;

图2为本发明实施例提供的另一种数据安全的系统的示意图。FIG. 2 is a schematic diagram of another data security system provided by an embodiment of the present invention.

具体实施方式detailed description

下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

本发明实施例提供了一种数据安全的系统,如图1所示,包括:前端服务器及机顶盒。其中,An embodiment of the present invention provides a data security system, as shown in FIG. 1 , including: a front-end server and a set-top box. in,

101、前端服务器获取认证后的广告数据,并将广告数据利用预设加密算法,对广告数据进行加密,将加密的广告数据发送至机顶盒。101. The front-end server obtains the authenticated advertisement data, encrypts the advertisement data by using a preset encryption algorithm, and sends the encrypted advertisement data to the set-top box.

其中,认证后的广告数据是通过前端服务器认证的广告数据。Wherein, the authenticated advertisement data is the advertisement data authenticated by the front-end server.

具体的,前端服务器利用预设的认证方法可以获取到认证后的广告数据,在获取到认证后的广告数据后可以为其获取的广告数据为合法的广告数据,此时前端服务器可以将其获取的认证后的广告数据发送至机顶盒中。由于前端服务器与机顶盒间通过传输介质,例如cable(线缆)连接,为了防止传输介质被非法分子嫁接,导致前端服务器对机顶盒失去控制能力,此时前端服务器需要对待发送至机顶盒的广告数据进行加密处理。这样一来,即时非法分子对传输介质进行嫁接,由于其无法获知前端服务器的加密算法及机顶盒的解密算法,进而无法伪造广告数据。前端服务器可以利用预设加密算法对认证后的广告数据进行加密,进而可以将加密后的广告数据发送至机顶盒中。Specifically, the front-end server can obtain the authenticated advertisement data by using the preset authentication method. After obtaining the authenticated advertisement data, the advertisement data obtained for it is legal advertisement data. At this time, the front-end server can obtain it The authenticated advertisement data is sent to the set-top box. Since the front-end server and the set-top box are connected through a transmission medium, such as a cable (cable), in order to prevent the transmission medium from being grafted by illegal elements, the front-end server loses control over the set-top box. At this time, the front-end server needs to encrypt the advertisement data to be sent to the set-top box deal with. In this way, even if illegal elements graft the transmission medium, because they cannot know the encryption algorithm of the front-end server and the decryption algorithm of the set-top box, they cannot forge advertisement data. The front-end server can use a preset encryption algorithm to encrypt the authenticated advertisement data, and then can send the encrypted advertisement data to the set-top box.

需要说明的是,前端服务器可以与机顶盒预先约定好使用的加密算法及解密算法。这样一来,前端服务器可以利用约定好的加密算法对广告数据进行加密,而机顶盒可以利用约定好的解密算法对接收的加密广告数据进行解密,进而获取到所需的广告数据。进一步的,加密算法可以是对称加密算法,可以是非对称加密算法,还可以是其他高级加密算法,本发明对此不做限制。其中,由于加密算法与解密算法是对应的,在加密算法确定后,其对应的解密算法也就确定出。It should be noted that the front-end server may pre-agreed with the set-top box on the encryption algorithm and decryption algorithm to be used. In this way, the front-end server can use the agreed encryption algorithm to encrypt the advertisement data, and the set-top box can use the agreed decryption algorithm to decrypt the received encrypted advertisement data, and then obtain the required advertisement data. Further, the encryption algorithm may be a symmetric encryption algorithm, an asymmetric encryption algorithm, or other advanced encryption algorithms, which is not limited in the present invention. Wherein, since the encryption algorithm corresponds to the decryption algorithm, after the encryption algorithm is determined, the corresponding decryption algorithm is also determined.

进一步的,前端服务器是生成广告数据的服务器。为了保证生成的广告数据为合法的广告数据,管理员可以设定认证方法,这样一来,前端服务器将认证获取的广告数据认为是合法的广告数据。管理员在可以设定不同的认证方法,前端服务器可以根据不同的认证方法获取认证后的广告数据。具体如下:Further, the front-end server is a server that generates advertisement data. In order to ensure that the generated advertisement data is legitimate advertisement data, the administrator can set an authentication method, so that the front-end server will regard the advertisement data acquired through authentication as legitimate advertisement data. The administrator can set different authentication methods, and the front-end server can obtain the authenticated advertisement data according to different authentication methods. details as follows:

前端服务器获取认证后的广告数据包括:前端服务器对发送广告数据的用户进行身份认证;若发送广告数据的用户通过身份认证,则将用户发送的广告数据确定为认证后的广告数据。Obtaining the authenticated advertisement data by the front-end server includes: the front-end server authenticates the user who sends the advertisement data; if the user who sends the advertisement data passes the identity authentication, the advertisement data sent by the user is determined as the authenticated advertisement data.

具体的,用户需要登录至前端服务器时,前端服务器可以先对用户的身份进行认证。此时前端服务器可以获取用户的身份信息,从而根据用户的身份信息对用户进行身份认证。在前端服务器在确定出获取的身份信息为合法的身份信息时,可以确定出此用户通过身份认证。此时,用户通过身份验证后,可以向前端服务器发送广告数据,前端服务器可以将通过身份认证的用户发送的广告数据确定为认证后的广告数据。Specifically, when a user needs to log in to the front-end server, the front-end server may first authenticate the identity of the user. At this time, the front-end server can obtain the identity information of the user, so as to authenticate the user according to the identity information of the user. When the front-end server determines that the acquired identity information is legal, it can determine that the user has passed identity authentication. At this time, after the user passes the authentication, he can send advertisement data to the front-end server, and the front-end server can determine the advertisement data sent by the authenticated user as the authenticated advertisement data.

在前端服务器在确定出获取的身份信息为不合法的身份信息时,可以确定出此用户没有通过身份认证。此时,前端服务器可以将此用户发送的广告数据丢弃。When the front-end server determines that the acquired identity information is illegal, it can determine that the user has not passed identity authentication. At this time, the front-end server may discard the advertisement data sent by the user.

进一步的,前端服务器对发送广告数据的用户进行身份认证包括:前端服务器检测用户是否插入U盾;若插入U盾,则从U盾中获取身份信息,对身份信息进行验证。Further, the identity authentication of the user sending the advertisement data by the front-end server includes: the front-end server detects whether the user has inserted a USB-shield; if the USB-shield is inserted, the identity information is obtained from the USB-shield, and the identity information is verified.

具体的,前端服务器对发送广告数据的用户进行身份认证的方法可以是利用U盾来进行验证。此时,前端服务器监听用户是否插入U盾。在监听到用户插入U盾时,可以从U盾中获取到用户的身份信息,进而可以对身份信息进行验证。Specifically, the method for the front-end server to authenticate the identity of the user who sends the advertisement data may be to use a USB-shield for authentication. At this time, the front-end server monitors whether the user inserts the USB-shield. When it is detected that the user inserts the USB-shield, the user's identity information can be obtained from the USB-shield, and then the identity information can be verified.

需要说明的是,前端服务器对发送广告数据的用户进行身份认证的方法还可以是其他方法,例如,前端服务器可以接收用户输入的用户名及密码,进而对此用户的用户名及密码作为用户的身份信息,进行相应的验证。本发明对此不作限制。It should be noted that the method for the front-end server to authenticate the user who sends the advertisement data can also be other methods. For example, the front-end server can receive the user name and password input by the user, and then use the user name and password of the user as the user's ID. The identity information is verified accordingly. The present invention is not limited thereto.

进一步的,前端服务器根据用户的身份信息对用户进行身份认证的具体方法可以是,在前端服务器中预先存储有合法用户的身份信息,这样前端服务器在获取到用户的身份信息后,可以将获取的身份信息与预先存储的合法用户的身份信息进行比对,若预先存储的合法用户的身份信息中有与获取的身份信息相匹配的信息,则前端服务器可以将获取的身份信息为合法的身份信息。若预先存储的合法用户的身份信息中没有与获取的身份信息相匹配的信息,则前端服务器可以将获取的身份信息为不合法的身份信息。Further, the specific method for the front-end server to authenticate the user according to the user's identity information may be to pre-store the identity information of the legal user in the front-end server, so that after the front-end server obtains the user's identity information, it can use the acquired The identity information is compared with the pre-stored identity information of the legitimate user. If the pre-stored identity information of the legitimate user matches the acquired identity information, the front-end server can regard the acquired identity information as legitimate identity information . If there is no information matching the acquired identity information among the pre-stored legal user identity information, the front-end server may regard the acquired identity information as illegal identity information.

需要说明的是,前端服务器根据用户的身份信息对用户进行身份认证的具体方法还可是其他方法,例如,在前端服务器利用U盾来进行验证,还可以使用现有的U盾验证的方法,本发明对此不作限制。It should be noted that the specific method for the front-end server to authenticate the user according to the user's identity information can also be other methods, for example, the front-end server uses a USB-shield for verification, and the existing USB-shield verification method can also be used. The invention is not limited thereto.

这样一来,前端服务器可以对需登录前端服务器的用户进行身份认证,从而防止没有权限的用户利用前端服务器发送非法广告数据。In this way, the front-end server can authenticate users who need to log in to the front-end server, thereby preventing unauthorized users from using the front-end server to send illegal advertisement data.

或者,前端服务器获取认证后的广告数据包括:前端服务器接收用户发送的广告数据,确定广告数据中的地址信息是否为预设地址信息,若广告数据中的地址信息为预设地址信息,则将广告数据确定为认证后的广告数据。Alternatively, obtaining the authenticated advertisement data by the front-end server includes: the front-end server receives the advertisement data sent by the user, determines whether the address information in the advertisement data is preset address information, and if the address information in the advertisement data is preset address information, then the The advertisement data is determined as authenticated advertisement data.

具体的,前端服务器可以不限定向其发送广告数据的用户,而是严格限制访问地址。此时,前端服务器接收用户发送的广告数据,在接收到此广告数据后,可以解析广告数据,进而获知广告数据中的地址信息,将广告数据中的地址信息与预设地址信息进行比对,确定广告数据是否为合法的广告数据。若广告数据中的地址信息为预设地址信息,则可以认为用户发送的广告数据为合法的广告数据,此时可以将广告数据确定为认证后的广告数据。若广告数据中的地址信息不是预设地址信息,则可以认为用户发送的广告数据为不合法的广告数据,此时前端服务器可以将广告数据丢弃。Specifically, the front-end server may not limit the users who send advertisement data to it, but strictly restrict access addresses. At this time, the front-end server receives the advertisement data sent by the user. After receiving the advertisement data, it can analyze the advertisement data, and then obtain the address information in the advertisement data, and compare the address information in the advertisement data with the preset address information. It is determined whether the advertisement data is legitimate advertisement data. If the address information in the advertisement data is preset address information, the advertisement data sent by the user can be considered as legal advertisement data, and at this time, the advertisement data can be determined as authenticated advertisement data. If the address information in the advertisement data is not the preset address information, the advertisement data sent by the user may be considered as illegal advertisement data, and the front-end server may discard the advertisement data at this time.

进一步的,广告数据的地址信息包括:IP(InternetProtocol,互联网协议)地址信息及MAC(MediaAccessControl,媒体访问控制)地址信息。Further, the address information of the advertisement data includes: IP (Internet Protocol, Internet Protocol) address information and MAC (Media Access Control, Media Access Control) address information.

需要说明的是,在本发明实施例中,广告数据的地址信息还可仅是IP地址信息或是MAC地址信息,或是其他地址信息,本发明对此不作限制。It should be noted that, in the embodiment of the present invention, the address information of the advertisement data may only be IP address information or MAC address information, or other address information, which is not limited in the present invention.

这样一来,在前端服务器可以满足联网需求,通过严格限制访问的地址信息来保证广告数据的安全。In this way, the front-end server can meet the networking requirements, and ensure the safety of advertising data by strictly restricting the address information for access.

或者,前端服务器获取认证后的广告数据包括:前端服务器将从移动设备中获取的广告数据确定为认证后的广告数据。Alternatively, obtaining the authenticated advertisement data by the front-end server includes: determining, by the front-end server, the advertisement data obtained from the mobile device as authenticated advertisement data.

具体的,为了保证广告数据的安全,用户并不是通过其他终端设备向前端服务器发送广告数据,这样,前端服务器无需与其他终端设备连接,从而可以防止前端服务器被攻击。用户可以将广告数据存储至移动设备中,前端服务器从移动设备获取广告数据,并可以直接将从移动设备中获取的广告数据确定为认证后的广告数据。Specifically, in order to ensure the safety of the advertisement data, the user does not send the advertisement data to the front-end server through other terminal devices. In this way, the front-end server does not need to be connected with other terminal devices, thereby preventing the front-end server from being attacked. The user can store the advertisement data in the mobile device, and the front-end server obtains the advertisement data from the mobile device, and can directly determine the advertisement data obtained from the mobile device as the authenticated advertisement data.

需要说明的是,前端服务器获取认证后的广告数据的方法还可以是其他方法,例如将前端服务器限制在局域网中,将其与外网断开,使前端服务器将从局域网中的设备获取广告数据确定为认证后的广告数据。当然,还可以是其他方法,本发明对此不做限制。It should be noted that the method for the front-end server to obtain the authenticated advertisement data can also be other methods, such as restricting the front-end server to the local area network and disconnecting it from the external network, so that the front-end server will obtain advertisement data from devices in the local area network Determined as authenticated advertisement data. Of course, other methods are also possible, and the present invention does not limit this.

上述前端服务器获取认证后的广告数据仅是针对一种认证方式的。为了增强前端服务器获取广告数据的安全,可以将多个认证方式向结合。具体如下:The above-mentioned front-end server obtains the authenticated advertisement data only for one authentication method. In order to enhance the security of the front-end server in obtaining advertisement data, multiple authentication methods can be combined. details as follows:

前端服务器获取认证后的广告数据包括:前端服务器对发送广告数据的用户进行身份认证;若发送广告数据的用户通过身份认证,则接收用户发送的广告数据,并确定广告数据中的地址信息是否为预设地址信息,若广告数据中的地址信息为预设地址信息,则将广告数据确定为认证后的广告数据。The front-end server obtains the authenticated advertisement data including: the front-end server authenticates the user who sends the advertisement data; if the user who sends the advertisement data passes the identity authentication, then receives the advertisement data sent by the user, and determines whether the address information in the advertisement data is The preset address information, if the address information in the advertisement data is the preset address information, then determine the advertisement data as authenticated advertisement data.

具体的,前端服务器首先对登录的用户进行身份认证,在身份认证通过后,可以接收此用户发送的广告数据,并对此广告数据进行解析获取广告数据中的地址信息,将广告数据中的地址信息与预设地址信息进行比对,确定广告数据是否为合法的广告数据。若广告数据中的地址信息为预设地址信息,则可以认为用户发送的广告数据为合法的广告数据,此时可以将广告数据确定为认证后的广告数据。Specifically, the front-end server first authenticates the logged-in user. After the identity authentication is passed, it can receive the advertisement data sent by the user, and analyze the advertisement data to obtain the address information in the advertisement data, and convert the address information in the advertisement data to The information is compared with the preset address information to determine whether the advertisement data is legal advertisement data. If the address information in the advertisement data is preset address information, the advertisement data sent by the user can be considered as legal advertisement data, and at this time, the advertisement data can be determined as authenticated advertisement data.

或者,前端服务器获取认证后的广告数据包括:前端服务器对发送广告数据的用户进行身份认证;若发送广告数据的用户通过身份认证,则将移动设备中获取的广告数据确定为认证后的广告数据。Alternatively, obtaining the authenticated advertisement data by the front-end server includes: the front-end server authenticates the user who sends the advertisement data; if the user who sends the advertisement data passes the identity authentication, then determine the advertisement data acquired in the mobile device as the authenticated advertisement data .

具体的,前端服务器首先对登录的用户进行身份认证,在身份认证通过后,用户可以将广告数据存储至移动设备中,前端服务器从移动设备获取广告数据,并可以直接将从移动设备中获取的广告数据确定为认证后的广告数据。Specifically, the front-end server first authenticates the logged-in user. After the identity authentication is passed, the user can store the advertisement data in the mobile device, and the front-end server obtains the advertisement data from the mobile device, and can directly store the advertisement data obtained from the mobile device. The advertisement data is determined as authenticated advertisement data.

或者,前端服务器获取认证后的广告数据包括:前端服务器从移动设备中获取的广告数据,并确定广告数据中的地址信息是否为预设地址信息,若广告数据中的地址信息为预设地址信息,则将广告数据确定为认证后的广告数据。Alternatively, the authenticated advertisement data obtained by the front-end server includes: the advertisement data obtained by the front-end server from the mobile device, and determines whether the address information in the advertisement data is preset address information, if the address information in the advertisement data is preset address information , the advertisement data is determined as authenticated advertisement data.

具体的,用户可以将广告数据存储至移动设备中,前端服务器从移动设备获取广告数据,前端服务器对此广告数据进行解析获取广告数据中的地址信息,将广告数据中的地址信息与预设地址信息进行比对,确定广告数据是否为合法的广告数据。若广告数据中的地址信息为预设地址信息,则可以认为用户发送的广告数据为合法的广告数据,此时可以将广告数据确定为认证后的广告数据。Specifically, the user can store the advertisement data in the mobile device, the front-end server obtains the advertisement data from the mobile device, the front-end server analyzes the advertisement data to obtain the address information in the advertisement data, and compares the address information in the advertisement data with the preset address Information is compared to determine whether the advertisement data is legitimate advertisement data. If the address information in the advertisement data is preset address information, the advertisement data sent by the user can be considered as legal advertisement data, and at this time, the advertisement data can be determined as authenticated advertisement data.

或者,前端服务器获取认证后的广告数据包括:前端服务器对发送广告数据的用户进行身份认证;若发送广告数据的用户通过身份认证,则从移动设备中获取的广告数据,并确定广告数据中的地址信息是否为预设地址信息,若广告数据中的地址信息为预设地址信息,则将广告数据确定为认证后的广告数据。Alternatively, obtaining the authenticated advertisement data by the front-end server includes: the front-end server authenticates the user who sends the advertisement data; if the user who sends the advertisement data passes the identity authentication, obtains the advertisement data from the mobile device and determines the Whether the address information is preset address information, if the address information in the advertisement data is preset address information, then determine the advertisement data as authenticated advertisement data.

具体的,前端服务器首先对登录的用户进行身份认证,在身份认证通过后,用户可以将广告数据存储至移动设备中,前端服务器从移动设备获取广告数据,前端服务器对此广告数据进行解析获取广告数据中的地址信息,将广告数据中的地址信息与预设地址信息进行比对,确定广告数据是否为合法的广告数据。若广告数据中的地址信息为预设地址信息,则可以认为用户发送的广告数据为合法的广告数据,此时可以将广告数据确定为认证后的广告数据。Specifically, the front-end server first authenticates the logged-in user. After passing the identity authentication, the user can store the advertisement data in the mobile device, the front-end server obtains the advertisement data from the mobile device, and the front-end server parses the advertisement data to obtain the advertisement. The address information in the data is compared with the address information in the advertisement data and the preset address information to determine whether the advertisement data is legal advertisement data. If the address information in the advertisement data is preset address information, the advertisement data sent by the user can be considered as legal advertisement data, and at this time, the advertisement data can be determined as authenticated advertisement data.

这样一来,前端服务器利用多个认证方式对广告数据进行相应的认证,进而可以获取到认证后的广告数据。通过上述方式,前端服务器可以在一定程度上防止来自外网黑客入侵,也可以在一定程度上防止内部不法工作人员蓄意的向前端服务器发送不合法广告数据。从而是前端服务器获取的认证后的广告数据是更为安全的。In this way, the front-end server uses multiple authentication methods to perform corresponding authentication on the advertisement data, and then can obtain the authenticated advertisement data. Through the above method, the front-end server can prevent hackers from the external network to a certain extent, and can also prevent illegal internal staff from sending illegal advertisement data to the front-end server to a certain extent. Therefore, the authenticated advertisement data obtained by the front-end server is more secure.

102、机顶盒接收前端服务器发送的加密的广告数据,根据解密算法,对加密的广告数据进行解密;若机顶盒解密出广告数据,则存储所述广告数据;并且,机顶盒在接收前端服务器发送的加密的广告数据时,监听在预设时间内是否再次接收到加密的广告数据;若在预设时间内没有再次接收到所述加密的广告数据,则删除存储的广告数据。102. The set-top box receives the encrypted advertisement data sent by the front-end server, and decrypts the encrypted advertisement data according to the decryption algorithm; if the set-top box decrypts the advertisement data, it stores the advertisement data; and, the set-top box receives the encrypted advertisement data sent by the front-end server. When advertising data, monitor whether the encrypted advertisement data is received again within the preset time; if the encrypted advertisement data is not received again within the preset time, then delete the stored advertisement data.

具体的,在前端服务器通过传输介质将加密的广告数据发送至机顶盒时,机顶盒可以接收到前端服务器发送的加密的广告数据。此时,机顶盒可以根据解密算法对解密的广告数据进行解密处理。在机顶盒可以解密出广告数据时,说明广告数据在通过传输介质传输时,没有被不法分子替换,此时机顶盒可以将解密后的广告数据进行存储,以便在需要播放广告数据时,进行相应的播放。而在机顶盒没有出广告数据时,说明广告数据在通过传输介质传输时,被不法分子替换此时机顶盒可以将接收的广告数据丢弃。Specifically, when the front-end server sends the encrypted advertisement data to the set-top box through the transmission medium, the set-top box can receive the encrypted advertisement data sent by the front-end server. At this time, the set-top box can decrypt the decrypted advertisement data according to the decryption algorithm. When the set-top box can decrypt the advertisement data, it means that the advertisement data has not been replaced by criminals when it is transmitted through the transmission medium. At this time, the set-top box can store the decrypted advertisement data so that when the advertisement data needs to be played, it can be played accordingly. . And when the set-top box does not output the advertisement data, it means that the advertisement data is replaced by criminals during transmission through the transmission medium. At this time, the set-top box can discard the received advertisement data.

并且,机顶盒在接收所述前端服务器发送的加密的广告数据时,机顶盒还需实时的监听前端服务器是否一直向其发送加密的广告数据。即为,机顶盒需要监听前端服务器在预设时间内是否再次向机顶盒发送了加密的广告数据。也就是说,机顶盒需要监听在预设时间内是否再次接收到前端服务器发送的加密的广告数据。若机顶盒在预设时间内没有接收到加密的广告数据,则说明前端服务器已关闭,此时机顶盒可以确定出已与前端服务器无连接,可以确定机顶盒中存储的广告数据可能存在不合法的广告数据,此时机顶盒可以将存储的所有广告数据删除。Moreover, when the set-top box receives the encrypted advertisement data sent by the front-end server, the set-top box needs to monitor in real time whether the front-end server has been sending encrypted advertisement data to it. That is, the set-top box needs to monitor whether the front-end server sends encrypted advertisement data to the set-top box again within a preset time. That is to say, the set-top box needs to monitor whether the encrypted advertisement data sent by the front-end server is received again within a preset time. If the set-top box does not receive encrypted advertisement data within the preset time, it means that the front-end server is closed. At this time, the set-top box can determine that there is no connection with the front-end server, and it can be determined that the advertisement data stored in the set-top box may contain illegal advertisement data. , at this time the set-top box can delete all the stored advertisement data.

需要说明的是,由于存在前端服务器的工作人员将不合法的广告数据发送至前端服务器。由于前端服务器的工作人员可以通过前端服务器的所有认证,因此,此工作人员发送的不合法的广告数据,对于前端服务器来说,由于是通过认证获取的广告数据,所以,前端服务器其获取的广告数据合法的广告数据,即为认证后的广告数据。此时,前端服务器会将此不合法的广告数据利用加密算法将其加密后,将加密的不合法的广告数据发送至机顶盒。此时,机顶盒接收到加密的不合法的广告数据后,通过解密算法可以解密出不合法的广告数据,这样一来,在需要播放广告时,机顶盒会将不合法的广告数据通过智能电视显示出来。It should be noted that, due to the presence of staff of the front-end server sending illegal advertisement data to the front-end server. Since the staff of the front-end server can pass all the authentications of the front-end server, the illegal advertisement data sent by this staff, for the front-end server, because the advertisement data obtained through authentication, the advertisement data obtained by the front-end server The advertising data with legal data is the certified advertising data. At this time, the front-end server encrypts the illegal advertisement data with an encryption algorithm, and then sends the encrypted illegal advertisement data to the set-top box. At this time, after the set-top box receives the encrypted illegal advertisement data, it can decrypt the illegal advertisement data through the decryption algorithm, so that when the advertisement needs to be played, the set-top box will display the illegal advertisement data through the smart TV .

为了降低上述情况发生后造成的不良影响,此时,管理员可以将前端服务器关闭,这样一来,机顶盒在预设时间内未接收到加密的广告数据后,可以及时的将存储的广告数据删除。或者,管理员可以通过前端服务器向机顶盒发送新的合法广告数据,使机顶盒通过智能电视显示合法的广告数据。In order to reduce the adverse effects caused by the above situation, at this time, the administrator can shut down the front-end server, so that if the set-top box does not receive the encrypted advertisement data within the preset time, the stored advertisement data can be deleted in time . Alternatively, the administrator can send new legal advertising data to the set-top box through the front-end server, so that the set-top box displays the legal advertising data through the smart TV.

需要说明的是,在本发明实施例中,前端服务器需要实时的向机顶盒发送加密数据。It should be noted that, in the embodiment of the present invention, the front-end server needs to send encrypted data to the set-top box in real time.

需要说明的是,预设时间是用户根据实际需求设置的。It should be noted that the preset time is set by the user according to actual needs.

进一步的,若机顶盒解密出广告数据,则存储广告数据包括:若机顶盒解密出广告数据,则对广告数据进行解析获取所述广告数据的版本号;根据广告数据的版本号,确定广告数据是否已存储;若确定未存储广告数据,则根据广告数据更新已存储的广告数据。Further, if the set-top box decrypts the advertisement data, storing the advertisement data includes: if the set-top box decrypts the advertisement data, then parsing the advertisement data to obtain the version number of the advertisement data; according to the version number of the advertisement data, determining whether the advertisement data has been storing; if it is determined that the advertisement data is not stored, updating the stored advertisement data according to the advertisement data.

具体的,由于前端服务器需一直向机顶盒发送广告数据,而发送的广告数据可能与机顶盒内存储的广告数据相同,因此机顶盒可以在解密出广告数据后,对广告数据进行解析,获取此广告数据的版本号。将获取的广告数据的版本号与自身存储的广告数据的版本号进行对比,若在已存储的广告数据的版本号中没有找到与获取的广告数据的版本号相同的版本号,则说明机顶盒中存储的广告数据已超期,此时,机顶盒可以将自身存储的广告数据删除,并重新存储解密出的广告数据,即为对存储的广告数据进行更新,以便在通过智能电视播放广告数据时,播放的为前端服务器最新发送的广告数据。Specifically, since the front-end server needs to send advertisement data to the set-top box all the time, and the sent advertisement data may be the same as the advertisement data stored in the set-top box, the set-top box can analyze the advertisement data after decrypting the advertisement data, and obtain the information of the advertisement data. version number. Compare the version number of the acquired advertisement data with the version number of the advertisement data stored by itself, if no version number identical to the version number of the acquired advertisement data is found in the version number of the stored advertisement data, it means that the set-top box The stored advertisement data has expired. At this time, the set-top box can delete the advertisement data stored by itself, and re-store the decrypted advertisement data, that is, update the stored advertisement data, so that when the advertisement data is played through the smart TV, the broadcast is the latest advertisement data sent by the front-end server.

进一步的,还包括:若确定存储了所述广告数据,则不处理解密后的广告数据。Further, it also includes: if it is determined that the advertisement data is stored, not processing the decrypted advertisement data.

即为,机顶盒在已存储的广告数据的版本号中找到了与获取的广告数据的版本号相同的版本号时,说明前端服务器并未对广告数据进行更新,此时机顶盒无需更新存储的广告数据,可以将解密出的广告数据丢弃。That is, when the set-top box finds the version number of the stored advertisement data that is the same as the version number of the acquired advertisement data, it means that the front-end server has not updated the advertisement data, and the set-top box does not need to update the stored advertisement data at this time , the decrypted advertisement data can be discarded.

进一步的,为了加强前端服务器的发送的广告数据的安全性,如图2所示,在步骤101前端服务器在将加密的广告数据发送至机顶盒之后,还包括:Further, in order to strengthen the security of the advertisement data sent by the front-end server, as shown in Figure 2, after the front-end server sends the encrypted advertisement data to the set-top box in step 101, it also includes:

103、前端服务器向管理员发送广告数据发送至机顶盒的提示消息。103. The front-end server sends a prompt message that the advertisement data is sent to the set-top box to the administrator.

具体的,前端服务器在向机顶盒发送加密的广告数据后,可以向管理员发送广告数据发送至机顶盒的提示消息,以便告知管理员前端服务器向机顶盒发送了广告数据。此时,在此广告数据不是此管理员发送的情况下,管理员可以查看前端服务器发送的广告数据,进而可以在管理员检测出前端服务器发送的广告数据为不合法的广告数据时,及时的关闭前端服务器。或是及时的向机顶盒重新发送合法的广告数据,以降低不合法广告数据的不良影响。Specifically, after sending the encrypted advertisement data to the set-top box, the front-end server may send a prompt message to the administrator that the advertisement data is sent to the set-top box, so as to inform the administrator that the front-end server has sent the advertisement data to the set-top box. At this time, if the advertisement data is not sent by the administrator, the administrator can view the advertisement data sent by the front-end server, and then when the administrator detects that the advertisement data sent by the front-end server is illegal, timely Shut down the front-end server. Or resend the legal advertising data to the set-top box in time, so as to reduce the bad influence of the illegal advertising data.

这样,管理员可以及时获知通过前端服务器向机顶盒发送的广告数据。从而可以使管理员更好的管理广告数据。In this way, the administrator can know in time the advertisement data sent to the set-top box through the front-end server. Thus, the administrator can better manage the advertisement data.

需要说明的是,本发明对步骤102及步骤103间的顺序不做限制。可以先执行步骤102,在执行步骤103,也可以先执行步骤103,在执行步骤102,还可以同时执行步骤102及步骤103。在图示中仅表示出一种情况。It should be noted that the present invention does not limit the sequence between step 102 and step 103 . Step 102 may be executed first, and then step 103 may be executed, or step 103 may be executed first, and after step 102 is executed, step 102 and step 103 may also be executed simultaneously. Only one case is shown in the diagram.

本发明实施例提供了一种数据安全的处理系统,包括:前端服务器及机顶盒;其中,前端服务器获取认证后的广告数据,并将广告数据利用预设加密算法,对广告数据进行加密,将加密后的广告数据发送至机顶盒;机顶盒接收前端服务器发送的加密的广告数据,根据解密算法,对加密的广告数据进行解密;若机顶盒解密出广告数据,则存储广告数据;并且,机顶盒在接收前端服务器发送的加密的广告数据时,在预设时间内监听是否再次接收到加密后的广告数据;若在预设时间内没有再次接收到加密后的广告数据,则删除存储的广告数据。这样,在数据安全的处理系统中,前端服务器获取认证后的广告数据,由于此认证后的数据是通过前端服务器认证的广告数据,因此,认证后的广告数据为安全的广告数据,此时前端服务器可以将认证后的广告数据发送至机顶盒。为了防止传输过程中,广告数据被替换,此时前端服务器可以利用预设加密算法对此认证后的广告数据进行加密,并将加密后的广告数据发送至机顶盒。机顶盒在接收到加密的广告数据后,可以对此加密的广告数据解密,解密出广告数据后,可以存储此广告数据。机顶盒在接收前端服务器发送的加密的广告数据时,需要在预设时间内继续监听是否再次接收到加密的广告数据,若在预设时间内没有再次接收到加密的广告数据,则机顶盒将存储的广告数据删除。这样可以在前端服务器获取的认证后的广告数据为非法数据时,将此非法数据发送至机顶盒,此时若管理员将前端服务器关闭时,机顶盒则在预设时间内无法接收到加密的广告数据,机顶盒可以将存储的广告数据删除,从而可以将已存储的非法数据删除,停止播放此非法数据。也就是说,在本发明中的数据安全的处理系统可以在前端服务器及机顶盒均实现对广告数据的安全保护,从而可以实现更全面的保护广告数据的安全的目的。An embodiment of the present invention provides a data security processing system, including: a front-end server and a set-top box; wherein, the front-end server obtains the authenticated advertisement data, and encrypts the advertisement data using a preset encryption algorithm, and encrypts the advertisement data. The final advertisement data is sent to the set-top box; the set-top box receives the encrypted advertisement data sent by the front-end server, and decrypts the encrypted advertisement data according to the decryption algorithm; if the advertisement data is decrypted by the set-top box, the advertisement data is stored; When the encrypted advertisement data is sent, it is monitored whether the encrypted advertisement data is received again within the preset time; if the encrypted advertisement data is not received again within the preset time, the stored advertisement data is deleted. In this way, in the data security processing system, the front-end server obtains the authenticated advertisement data. Since the authenticated data is the advertisement data authenticated by the front-end server, the authenticated advertisement data is safe advertisement data. At this time, the front-end The server can send the authenticated advertisement data to the set-top box. In order to prevent the advertisement data from being replaced during transmission, the front-end server may encrypt the authenticated advertisement data by using a preset encryption algorithm, and send the encrypted advertisement data to the set-top box. After the set-top box receives the encrypted advertisement data, it can decrypt the encrypted advertisement data, and after decrypting the advertisement data, it can store the advertisement data. When the set-top box receives the encrypted advertisement data sent by the front-end server, it needs to continue to monitor whether the encrypted advertisement data is received again within the preset time. If the encrypted advertisement data is not received again within the preset time, the set-top box will store the encrypted advertisement data. Advertising data deletion. In this way, when the authenticated advertisement data obtained by the front-end server is illegal data, the illegal data can be sent to the set-top box. At this time, if the administrator closes the front-end server, the set-top box cannot receive the encrypted advertisement data within the preset time , the set-top box can delete the stored advertisement data, so that the stored illegal data can be deleted, and the playing of the illegal data can be stopped. That is to say, the data security processing system in the present invention can realize the security protection of the advertisement data in both the front-end server and the set-top box, so as to realize the purpose of protecting the security of the advertisement data more comprehensively.

最后应说明的是:以上实施例仅用以说明本发明的技术方案,而非对其限制;尽管参照前述实施例对本发明进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本发明各实施例技术方案的精神和范围。Finally, it should be noted that: the above embodiments are only used to illustrate the technical solutions of the present invention, rather than to limit them; although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that: it can still be Modifications are made to the technical solutions described in the foregoing embodiments, or equivalent replacements are made to some of the technical features; and these modifications or replacements do not make the essence of the corresponding technical solutions deviate from the spirit and scope of the technical solutions of the various embodiments of the present invention.

Claims (10)

1. A system for data security, comprising: a front-end server and a set-top box; wherein,
the front-end server acquires authenticated advertisement data, encrypts the advertisement data by using a preset encryption algorithm and sends the encrypted advertisement data to the set-top box; the authenticated advertisement data is the advertisement data authenticated by the front-end server;
the set top box receives the encrypted advertisement data sent by the front-end server and decrypts the encrypted advertisement data according to a decryption algorithm; if the set-top box decrypts the advertisement data, storing the advertisement data; when receiving the encrypted advertisement data sent by the front-end server, the set-top box monitors whether the encrypted advertisement data is received again within a preset time; and if the encrypted advertisement data is not received again within the preset time, deleting the stored advertisement data.
2. The system of claim 1,
the front-end server obtaining the authenticated advertisement data comprises:
the front-end server performs identity authentication on the user sending the advertisement data;
if the user sending the advertisement data passes the identity authentication, determining the advertisement data sent by the user as the authenticated advertisement data;
or the front-end server receives advertisement data sent by a user, determines whether address information in the advertisement data is preset address information, and if the address information in the advertisement data is the preset address information, determines the advertisement data as authenticated advertisement data;
or, the front-end server determines the advertisement data acquired from the mobile device as authenticated advertisement data.
3. The system of claim 1,
the front-end server obtaining the authenticated advertisement data comprises:
the front-end server performs identity authentication on the user sending the advertisement data;
if the user sending the advertisement data passes the identity authentication, receiving the advertisement data sent by the user, determining whether address information in the advertisement data is preset address information, and if the address information in the advertisement data is the preset address information, determining the advertisement data as the authenticated advertisement data.
4. The system of claim 1,
the front-end server obtaining the authenticated advertisement data comprises:
the front-end server performs identity authentication on the user sending the advertisement data;
and if the user sending the advertisement data passes the identity authentication, determining the advertisement data acquired in the mobile equipment as the authenticated advertisement data.
5. The system of claim 1,
the front-end server obtaining the authenticated advertisement data comprises:
the front-end server acquires advertisement data from the mobile equipment, determines whether address information in the advertisement data is preset address information, and determines the advertisement data as authenticated advertisement data if the address information in the advertisement data is the preset address information.
6. The system of claim 1,
the front-end server obtaining the authenticated advertisement data comprises:
the front-end server performs identity authentication on the user sending the advertisement data;
and if the user sending the advertisement data passes the identity authentication, the advertisement data is obtained from the mobile equipment, whether the address information in the advertisement data is preset address information or not is determined, and if the address information in the advertisement data is the preset address information, the advertisement data is determined to be the authenticated advertisement data.
7. The system of any of claims 2-4 or 6, wherein the front-end server authenticating the user sending the advertisement data comprises:
the front-end server detects whether a user inserts a U shield;
and if the U shield is inserted, acquiring identity information from the U shield, and verifying the identity information.
8. The system of claim 1, wherein if the set-top box decrypts the advertisement data, storing the advertisement data comprises:
if the set top box decrypts the advertisement data, analyzing the advertisement data to obtain the version number of the advertisement data;
determining whether the advertisement data is stored or not according to the version number of the advertisement data;
and if the advertisement data are not stored, updating the stored advertisement data according to the advertisement data.
9. The system of claim 8, further comprising:
and if the advertisement data are determined to be stored, not processing the decrypted advertisement data.
10. The system according to claim 1, wherein after the front-end server sends the encrypted advertisement data to a set-top box, the system further comprises:
and the front-end server sends a prompt message of sending the advertisement data to the set-top box to the administrator.
CN201610059914.4A 2016-01-28 2016-01-28 Data security processing system Pending CN105516812A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610059914.4A CN105516812A (en) 2016-01-28 2016-01-28 Data security processing system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610059914.4A CN105516812A (en) 2016-01-28 2016-01-28 Data security processing system

Publications (1)

Publication Number Publication Date
CN105516812A true CN105516812A (en) 2016-04-20

Family

ID=55724397

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610059914.4A Pending CN105516812A (en) 2016-01-28 2016-01-28 Data security processing system

Country Status (1)

Country Link
CN (1) CN105516812A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100004984A1 (en) * 2008-07-02 2010-01-07 Verizon Data Services Llc Television distribution of product/service coupon codes
CN102769798A (en) * 2012-07-24 2012-11-07 华数传媒网络有限公司 Set top box information pushing system and set top box information pushing method based on dynamic allocation technology
CN104469422A (en) * 2014-12-31 2015-03-25 四川金网通电子科技有限公司 Set top box advertising system with security mechanism and obtaining method thereof

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100004984A1 (en) * 2008-07-02 2010-01-07 Verizon Data Services Llc Television distribution of product/service coupon codes
CN102769798A (en) * 2012-07-24 2012-11-07 华数传媒网络有限公司 Set top box information pushing system and set top box information pushing method based on dynamic allocation technology
CN104469422A (en) * 2014-12-31 2015-03-25 四川金网通电子科技有限公司 Set top box advertising system with security mechanism and obtaining method thereof

Similar Documents

Publication Publication Date Title
US8832727B2 (en) Method and authentication server for verifying access identity of set-top box
KR101366243B1 (en) Method for transmitting data through authenticating and apparatus therefor
US8745388B2 (en) Systems and methods for securely streaming media content
CN109218825B (en) Video encryption system
US9438584B2 (en) Provisioning DRM credentials on a client device using an update server
CN104113934B (en) Method and system for connecting communication equipment to router
CN107707504B (en) Streaming media playing method and system, server and client
EP3324572B1 (en) Information transmission method and mobile device
CN109151508B (en) Video encryption method
CN103997681B (en) Net cast is carried out to method and the system thereof of door chain process
WO2017215514A1 (en) Audio/video encrypted playing method and system thereof
CN106464485A (en) System and method for securing content keys delivered in manifest files
CN108809633B (en) Identity authentication method, device and system
CN113114668A (en) Information transmission method, mobile terminal, storage medium and electronic equipment
CN104980771A (en) Method and system for stream media-on-demand through internet protocol television (IPTV)
US12095910B2 (en) System for thin client devices in hybrid edge cloud systems
WO2011143914A1 (en) Method and system for activating authentication of internet protocol television client terminal
CN103079200A (en) Wireless access authentication method, system and wireless router
CN108111497A (en) Video camera and server inter-authentication method and device
CN111740995A (en) A kind of authorization authentication method and related device
CN106453430A (en) Method and device for verifying encrypted data transmission paths
CN102843335B (en) The processing method of streaming medium content and equipment
US20110179444A1 (en) Apparatus and method for downloading conditional access images
CN117376909A (en) Single-package authorization authentication method and system based on universal guide architecture
CN112688949B (en) Access method, device, equipment and computer readable storage medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20160420