[go: up one dir, main page]

CN101373504B - Management method and system for downloading digital content - Google Patents

Management method and system for downloading digital content Download PDF

Info

Publication number
CN101373504B
CN101373504B CN2008101177234A CN200810117723A CN101373504B CN 101373504 B CN101373504 B CN 101373504B CN 2008101177234 A CN2008101177234 A CN 2008101177234A CN 200810117723 A CN200810117723 A CN 200810117723A CN 101373504 B CN101373504 B CN 101373504B
Authority
CN
China
Prior art keywords
download
digital content
user
client
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN2008101177234A
Other languages
Chinese (zh)
Other versions
CN101373504A (en
Inventor
汤帜
夏松江
王海涛
吴毛利
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New Founder Holdings Development Co ltd
Peking University
Founder Apabi Technology Ltd
Original Assignee
Peking University
Peking University Founder Group Co Ltd
Beijing Founder Apabi Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Peking University, Peking University Founder Group Co Ltd, Beijing Founder Apabi Technology Co Ltd filed Critical Peking University
Priority to CN2008101177234A priority Critical patent/CN101373504B/en
Publication of CN101373504A publication Critical patent/CN101373504A/en
Application granted granted Critical
Publication of CN101373504B publication Critical patent/CN101373504B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

本发明涉及一种控制数字内容下载设备个数的方法和系统,属于数字版权保护领域。现有数字版权保护的数字内容文件阅读往往只限于在一个设备上进行阅读,当要在其它设备上下载应用时需要重新下载而占用资源的下载次数或复本数。本发明包括客户端子系统和服务器端子系统,而服务器端子系统主要由五个核心模块组成:下载请求处理模块、用户管理模块、下载设备管理模块、用户下载控制模块和下载内容许可发放模块组成。采用本发明所述的方法,进行一次数字内容交易时,允许用户可以在同一台设备上进行多次下载,也允许在一定数量的不同设备上下载。

Figure 200810117723

The invention relates to a method and system for controlling the number of digital content downloading devices, belonging to the field of digital copyright protection. Reading of digital content files protected by existing digital copyrights is often limited to reading on one device. When applications are to be downloaded on other devices, they need to be re-downloaded and occupy resources for the number of downloads or the number of copies. The invention includes a client subsystem and a server subsystem, and the server subsystem is mainly composed of five core modules: a download request processing module, a user management module, a download device management module, a user download control module and a download content license issuing module. By adopting the method of the present invention, when conducting a digital content transaction, the user is allowed to download multiple times on the same device, and also allows downloading on a certain number of different devices.

Figure 200810117723

Description

一种数字内容下载管理方法与系统A digital content download management method and system

技术领域 technical field

本发明属于数字内容版权保护领域,具体涉及一种数字内容下载管理方法与系统。  The invention belongs to the field of digital content copyright protection, and in particular relates to a digital content download management method and system. the

背景技术 Background technique

数字版权管理(DRM)是用来保护数字内容交易和传播的一种关键技术,用于实现对数字内容的知识产权进行保护,使数字内容的使用和传播过程可控,因此内容提供商和运营商青睐通过DRM技术来保护其数字内容,并有效控制用户的下载和传播,有效地防止盗版,保护了数字内容提供商和运营商的合法权益。随着当今网络技术的飞速发展,数字资源的应用也得到了飞速发展,由此产生的经济效益也突飞猛进,因此DRM技术更加受到重视和发展,对其应用需求也越来越多样化,主要表现在两种需求:其一是电子设备的多样化,由单纯的在PC阅读和使用数字资源,发展到笔记本电脑、手机、电子阅读器、PDA等多种移动设备下载、阅读和应用数字资源,并且现在同时拥有多种设备的用户阅读需求也越来越强烈,因此,用户更希望获得一个数字资源使用许可后,更希望能合理的在其拥有的多种电子设备上进行合理合法使用。其二是对数字资源的应用进行精确地控制,如电子图书类型资源采用复本数来控制使用次数,通过对数字资源应用的精确控制,以为数字资源创造更多的商业利润。  Digital Rights Management (DRM) is a key technology used to protect the transaction and dissemination of digital content. It is used to protect the intellectual property rights of digital content and make the use and dissemination of digital content controllable. Therefore, content providers and operators Businesses prefer to use DRM technology to protect their digital content, effectively control users' download and dissemination, effectively prevent piracy, and protect the legitimate rights and interests of digital content providers and operators. With the rapid development of today's network technology, the application of digital resources has also been rapidly developed, and the resulting economic benefits have also advanced by leaps and bounds. Therefore, DRM technology has received more attention and development, and its application requirements have become more and more diverse. The main performance There are two needs: one is the diversification of electronic devices, from simply reading and using digital resources on PCs to downloading, reading and using digital resources on various mobile devices such as laptops, mobile phones, e-readers, and PDAs, And now users who have multiple devices at the same time have more and more reading needs. Therefore, users hope that after obtaining a license to use digital resources, they hope that they can use them reasonably and legally on various electronic devices they own. The second is to precisely control the application of digital resources. For example, e-book resources use the number of copies to control the number of uses. Through precise control of the application of digital resources, more commercial profits can be created for digital resources. the

在现有的DRM技术中,通常采用数字内容与设备特征信息绑定的方法,将数字内容的解密信息与设备硬件配置信息进行绑定,使得数字资源只能在被绑定的设备上使用。只要脱离了设备的环境,数字内容就不能正常使用,这种方法有效对数字内容的下载和传播进行了有效地控制,所以这种方法也常常被应用到各种DRM系统中。在下面应用场景中,DRM系统需要考虑和解决的:  In the existing DRM technology, the method of binding digital content and device characteristic information is usually adopted, and the decryption information of the digital content is bound with the device hardware configuration information, so that the digital resource can only be used on the bound device. As long as the digital content is out of the environment of the device, the digital content cannot be used normally. This method effectively controls the download and dissemination of the digital content, so this method is often applied to various DRM systems. In the following application scenarios, the DRM system needs to consider and solve:

当用户进行一次数字内容交易后,是否可以在同一台设备中进行多次下载,是否可以在不同的设备中进行下载。因为用户会经常遇到更换操作系统、更换设备的情况,因此DRM系统中需要支持用户这种合理的使用。  After a user conducts a digital content transaction, whether it can be downloaded multiple times on the same device, or whether it can be downloaded on different devices. Because the user will often encounter the situation of changing the operating system and changing the device, the DRM system needs to support the reasonable use of the user. the

发明内容 Contents of the invention

本发明的目的在DRM技术基础上,通过对数字内容下载设备个数的控制,解决在有效的数字内容版权保护的前提下,允许用户在一次交易后获取到合法许可数字内容可以在同一个设备中进行多次下载,也允许在多个不同设备上下载的问题。  The object of the present invention is based on DRM technology, through the control of the number of digital content downloading devices, to solve the problem of allowing users to obtain legally licensed digital content after one transaction under the premise of effective digital content copyright protection. Issues with multiple downloads in , also allowing downloads on multiple different devices. the

为了解决上述问题,本发明提供一种允许用户消费同一个数字内容许可的情况下,同时在多台设备下载和使用数字内容的控制的方法,本发明的原理示意图参照图1,具体实现方法参照图2。  In order to solve the above problems, the present invention provides a method for controlling the download and use of digital content on multiple devices at the same time when the user is allowed to consume the same digital content license. Refer to Figure 1 for the schematic diagram of the principle of the present invention, and refer to Figure 1 for the specific implementation method figure 2. the

该方法主要包括以下步骤:  The method mainly includes the following steps:

A:客户端向服务器端发出下载请求;  A: The client sends a download request to the server;

B:服务器端判断是否允许客户端下载,如允许,转到步骤C,否则,拒绝下载;  B: The server judges whether to allow the client to download, if it is allowed, go to step C, otherwise, refuse to download;

C:向客户端发放数字内容的访问许可。  C: Issue an access license to the digital content to the client. the

步骤B进一步包括:  Step B further includes:

B1:服务器端判断客户端设备是否为新设备,如是,转到步骤B2;否则获取设备编号,进入步骤B3;  B1: The server side judges whether the client device is a new device, if so, go to step B2; otherwise get the device number, go to step B3;

B2:在设备信息表中插入设备信息,判断当前设备信息表中的设备个数是否大于预先设定的允许下载的最多设备个数,如是,拒绝下载,否则转到步骤B3;  B2: Insert device information into the device information table, and judge whether the number of devices in the current device information table is greater than the preset maximum number of devices allowed to download, if yes, refuse to download, otherwise go to step B3; 

B3:登记用户下载记录,转到步骤C。  B3: Register user download record, go to step C. the

进一步,客户端向服务器端发出下载请求具体包括:  Further, the download request sent by the client to the server specifically includes:

A1:用户登录数字内容管理系统,选择要下载数字内容的资源信息;  A1: The user logs into the digital content management system and selects the resource information of the digital content to be downloaded;

A2:获取用户电子设备硬件信息,并进行加密摘要形成电子设备的唯一标识;  A2: Obtain the hardware information of the user's electronic device, and encrypt the summary to form the unique identification of the electronic device;

A3:形成下载请求地址,向服务器端发出下载请求。  A3: Form a download request address and send a download request to the server. the

进一步,所述下载请求地址是按着客户端与服务端之间的通信协议,组织硬件信息、用户信息和资源信息形成的下载请求URL地址。  Further, the download request address is a download request URL address formed by organizing hardware information, user information and resource information according to the communication protocol between the client and the server. the

进一步,登记用户下载记录具体包括:登记用户下载记录,并对下载记录进行安全校验运算保存。  Further, the registered user download record specifically includes: the registered user download record, and the download record is saved through security verification calculation. the

进一步,所述下载记录包括:用户编号、数字内容资源编号、设备编号信息。  Further, the download record includes: user number, digital content resource number, and device number information. the

进一步,向客户端发放数字内容的访问许可之前还包括:判断用户下载记录列校验数据是否正确,并在正确时插入下载记录信息,计算当前下载记录的行校验值,并计算下载记录表列校验值并保存。  Further, before issuing the access permission of the digital content to the client, it also includes: judging whether the user download record column verification data is correct, inserting the download record information if correct, calculating the row verification value of the current download record, and calculating the download record table Check the value and save it. the

进一步,向客户端发放数字内容的访问许可具体包括:向客户端发放数字内容许可证书,以设备唯一标识符为特征信息对数字内容密钥进行加密,得到加密后的密钥内容,并组织其它许可信息形成许可证书发送给客户端阅读器,阅读器得到许可后,分配给用户对所述资源的使用权限。  Further, issuing the digital content access permission to the client specifically includes: issuing a digital content license certificate to the client, encrypting the digital content key with the unique device identifier as characteristic information, obtaining the encrypted key content, and organizing other The license information is sent to the client reader in the form of a license certificate, and after the reader obtains the license, it assigns the user the right to use the resource. the

进一步,向客户端发放数字内容的访问许可包括:服务器端判断当前允许下载的次数是否大于预先设定的允许下载的最高次数,并在不大于预先设定的允许下载的最高次数时,向客户端发放数字内容的访问许可。  Further, issuing the access permission of the digital content to the client includes: the server judges whether the current number of allowed downloads is greater than the preset maximum number of downloads, and when it is not greater than the preset maximum number of downloads, sends the client end-issued access licenses for digital content. the

本发明还提供一种数字内容下载管理系统,提供一种允许用户消费同一个数字内容许可的情况下,同时在多台设备下载和使用数字内容的控制的系统,具体包括客户端子系统以及服务器端子系统,所述客户端子系统包括:  The present invention also provides a digital content download management system, which provides a control system for downloading and using digital content on multiple devices at the same time when a user is allowed to consume the same digital content license, specifically including a client subsystem and a server terminal system, the client subsystem includes:

数字内容阅读器,  用于对数字内容进行阅读,所述阅读器负责向服务器下载请求处理模块发出下载请求信息;  A digital content reader, for reading digital content, the reader is responsible for sending download request information to the server download request processing module;

所述服务器端子系统包括:  The server terminal system includes:

下载请求处理模块,负责对客户端请求进行解析,保证请求的合法性;  The download request processing module is responsible for parsing the client request to ensure the legitimacy of the request;

用户管理模块,用于用户信息存储管理、安全登录认证管理;  User management module, used for user information storage management, security login authentication management;

下载设备管理模块,用于下载设备信息的存储、设备注册管理;  Download device management module, used for storage of download device information, device registration management;

用户下载控制模块,用于数字内容下载记录存储管理和下载设备有效性判断,并对下载设备个数进行管理;  The user download control module is used for digital content download record storage management and download device validity judgment, and manages the number of download devices;

下载内容许可发放模块,用于发放证书文件到客户端;  Download the content license issuance module, which is used to issue certificate files to the client;

所述客户端子系统与服务器端子系统之间通过通信协议来完成通信。  The communication between the client subsystem and the server subsystem is accomplished through a communication protocol. the

进一步,还包括配置文件管理模块,用于对配置文件的读写操作,配置文件中存储系统的一些配置信息,对于敏感的数据进行加密,主要负责对配置文件同时对整个文件进行安全摘要,以验证配置文件是否被篡改。  Further, it also includes a configuration file management module, which is used to read and write configuration files, store some configuration information of the system in the configuration file, and encrypt sensitive data. Verify that configuration files have not been tampered with. the

进一步,所述用户下载控制模块负责用户的数字内容下载记录存储管理、下载设备有效性判断,对于用户每下载一个资源,则该模块负责将用户信息、资源信息以及下载设备信息作为一个下载记录存储管理起来,当接到用户下载请求后,就对用户的下载记录进行统计,判断下载资源有效性和设备的有效性,当同一个用户超过系统允许的下载设备数时,则不允许用户再进行下载,并且对用户下载记录信息进行一定的数据校验,并把校验数据存储在数据库中或者配置文件中,防止用户下载记录被非法删除或者篡改。  Further, the user download control module is responsible for the storage management of the user's digital content download record and the validity judgment of the download device. For each resource downloaded by the user, the module is responsible for storing the user information, resource information and download device information as a download record. In terms of management, when a user download request is received, the user's download record is counted to determine the validity of the download resource and the validity of the device. When the same user exceeds the number of download devices allowed by the system, the user is not allowed to continue. Download, and perform certain data verification on user download record information, and store the verification data in the database or configuration file to prevent user download records from being illegally deleted or tampered with. the

实施本发明,具有如下有益效果:  Implement the present invention, have following beneficial effect:

在有效进行数字内容版权保护的前提下,对数字内容下载设备数进行了有效的控制,在同一交易中,允许同一个设备进行多次下载数字内容,也同样允许在一定数量的不同设备中进行数字内容下载。  On the premise of effective digital content copyright protection, the number of digital content download devices is effectively controlled. In the same transaction, the same device is allowed to download digital content multiple times, and it is also allowed to download digital content in a certain number of different devices. Digital Content Downloads. the

通过本发明,在不影响内容提供商权益下,大大提高了数字内容的应用范围,大大提高了用户使用数字内容的方便性。  Through the present invention, without affecting the rights and interests of content providers, the application range of digital content is greatly improved, and the convenience for users to use digital content is greatly improved. the

附图说明Description of drawings

图1是本发明的系统结构图;  Fig. 1 is a system structure diagram of the present invention;

图2是本发明的数据库表设计图;  Fig. 2 is a database table design diagram of the present invention;

图3是本发明的实现方法流程图;  Fig. 3 is the realization method flowchart of the present invention;

图4是本发明的服务端接收并处理客户端请求流程图。  Fig. 4 is a flowchart of receiving and processing client requests by the server of the present invention. the

具体实施方式 Detailed ways

以下详细说明只是给出了优选的典型实施案例,并不是对本发明的范围、应用情况或配置的限制。  The following detailed description is only a preferred typical implementation case, and does not limit the scope, application or configuration of the present invention. the

参照图1,实现本发明提供的方法优选系统结构Client/Server结构,由客户端子系统101(以下简称客户端)、服务器端子系统100(以下简称服务端)组成,客户端与服务端的通信通过通信协议实现,本实施例采用的是HTTP通信协议;客户端包括阅读器102,用于对数字内容进行阅读,并负责向服务器下载请求处理模块发出下载请求信息,具体可采用流行的网页浏览器(如IE/FireFox等)以及支持数字内容文件格式的阅读器(如方正Apabi Reader)组成。而服务端则主要负责用户管理、数字内容下载管理以及下载设备管理等,具体包括:  With reference to Fig. 1, realize the preferred system structure Client/Server structure of the method provided by the present invention, be made up of client subsystem 101 (hereinafter referred to as client), server subsystem 100 (hereinafter referred to as server), the communication of client and server is through communication Protocol implementation, what the present embodiment adopted is HTTP communication protocol; Client comprises reader 102, is used for reading digital content, and is responsible for sending download request information to server download request processing module, specifically can adopt popular web browser ( Such as IE/FireFox, etc.) and a reader that supports digital content file formats (such as Founder Apabi Reader). The server is mainly responsible for user management, digital content download management and download device management, including:

下载请求处理模块104,负责对客户端请求进行解析,保证请求的合法性;  The download request processing module 104 is responsible for parsing the client request to ensure the legitimacy of the request;

用户管理模块103,用于用户信息存储管理、安全登录认证管理;  User management module 103, used for user information storage management, security login authentication management;

下载设备管理模块105,用于下载设备信息的存储、设备注册管理;  Download device management module 105, used for storage of download device information, device registration management;

用户下载控制模块106,用于数字内容下载记录存储管理和下载设备有效性判断,并对下载设备个数进行管理;  The user download control module 106 is used for digital content download record storage management and download device validity judgment, and manages the number of download devices;

下载内容许可发放模块107,用于发放证书文件到客户端。  The download content license issuing module 107 is used to issue the certificate file to the client. the

以下做具体说明:  The following is a detailed description:

用户管理模块103负责用户信息存储管理、安全登录认证管理,该模块保证下载数字内容的用户的合法性,因此在设计上也要考虑用户信息不能被非法删除和篡改,用户登录密码也用一种加密算法进行加密存储。  The user management module 103 is responsible for user information storage management and security login authentication management. This module ensures the legitimacy of users who download digital content. Therefore, the design also considers that user information cannot be illegally deleted or tampered with. User login passwords also use a Encryption algorithm for encrypted storage. the

下载请求处理模块104负责对客户端请求进行解析,完成对通信协议的格式解析,保证请求的合法性和请求数据的合法性,同时该模块也需要完成对其它模块的调用和组织。  The download request processing module 104 is responsible for parsing the client request, completing the format parsing of the communication protocol, ensuring the legitimacy of the request and the legitimacy of the request data, and this module also needs to call and organize other modules. the

下载内容许可发放模块107负责发放证书文件,当用户的下载请求得到合法认证后,由该模块创建证书文件并发送到客户端。  The download content license issuance module 107 is responsible for issuing the certificate file. When the user's download request is legally authenticated, the module creates the certificate file and sends it to the client. the

下载设备管理模块105负责下载设备信息的存储、设备注册管理,登记所有合法的客户端设备信息,客户端设备信息中一个重要的数据即是设备的唯一性标识符。  The download device management module 105 is responsible for the storage of download device information, device registration management, and registration of all legal client device information. An important data in the client device information is the unique identifier of the device. the

用户下载控制模块106负责用户的数字内容下载记录存储管理、下载设备有效性判断等,用户每下载一个资源,则该模块负责将用户信息、资源信息以及下载设备等信息作为一个下载记录存储管理起来,当接到用户下载请求后,就对用户的下载记录进行统计,判断下载资源有效性和设备的有效性,当同一个用户超过系统允许的下载设备数时,则不允许用户再进行下载。在该模块中需要防止用户下载记录被非法删除或者篡改等,因此对用户下载记录信息进行一定的数据校验,并把校验数据存储在数据库中或者配置文件中。  The user download control module 106 is responsible for the user's digital content download record storage management, download device validity judgment, etc., and each time the user downloads a resource, this module is responsible for storing and managing the user information, resource information, and download device information as a download record , when a download request from the user is received, the user's download records are counted to determine the validity of the download resource and the validity of the device. When the same user exceeds the number of download devices allowed by the system, the user is not allowed to download again. In this module, it is necessary to prevent user download records from being illegally deleted or tampered with, so certain data verification is performed on user download record information, and the verification data is stored in the database or configuration file. the

所述数据的存储管理可通过关系型数据库完成,主要的数据库表设计参照图2。用户信息表601用来存储用户的信息,包括用户编号UserID、登录帐号LoginID和登录密码Password等信息;设备信息表603用来存储客户端下载设备信息,主要包括设备编号DeviceID和设备特征标识符信息HWInfo;资源下载记录表602记录用户下载资源的信息,包括订单编号OrderID、资源编号DocID、下载用户编号UserID、下载设备编号DeviceID、记录插入时间InsertTime以及行数据校验字段CRC,字段CRC用于存放记录校验信息,用一定的算法对当前记录的OrderID、DocID、UserID、DeviceID、InsertTime等按着一定的算法生成一个哈希字符串,存储在CRC字段中,以用于验证该行记录的数据是否被篡改。  The storage and management of the data can be completed through a relational database, and the main database table design refers to Figure 2. User information table 601 is used to store user information, including information such as user number UserID, login account LoginID, and login password Password; device information table 603 is used to store client download device information, mainly including device number DeviceID and device feature identifier information HWInfo; resource download record table 602 records the information of resources downloaded by users, including order number OrderID, resource number DocID, download user number UserID, download device number DeviceID, record insertion time InsertTime and row data verification field CRC, which is used for storage Record verification information, use a certain algorithm to generate a hash string for the OrderID, DocID, UserID, DeviceID, InsertTime, etc. of the current record according to a certain algorithm, and store it in the CRC field to verify the data recorded in this line whether it has been tampered with. the

为了保证用户资源下载记录表中的记录行不被删除,因此对该表的一些列的值通过一定的算法生成一个哈希字符串,存储在配置文件中,当进行下载时就需要进行列的校验,如果通过则允许下载,否则,禁止用户下载,通过这种 方式可以保证记录的用户下载的次数不会被更改。  In order to ensure that the record rows in the user resource download record table are not deleted, a certain algorithm is used to generate a hash string for the values of some columns in the table, which is stored in the configuration file. When downloading, it is necessary to perform column If the verification is passed, the download is allowed, otherwise, the user is prohibited from downloading. In this way, the recorded number of user downloads will not be changed. the

为了进一步提高系统的性能,还可以包括一个配置文件管理模块,主要负责对配置文件的读写操作,配置文件中存储系统的一些配置信息,如允许下载的设备个数,数据校验信息、数据库连接字符串等信息,对于敏感的数据进行加密,同时对整个文件进行安全摘要,以验证配置文件是否被篡改。  In order to further improve the performance of the system, a configuration file management module can also be included, which is mainly responsible for reading and writing operations on the configuration file. Some configuration information of the system is stored in the configuration file, such as the number of devices allowed to download, data verification information, database Information such as connection strings is encrypted for sensitive data, and a security summary is performed on the entire file to verify whether the configuration file has been tampered with. the

通信协议主要负责完成客户端和服务端的数据安全传输通信,客户端通过HTTP协议URL QueryString的形式向服务端发出请求命令,服务端接收处理请求后向客户端返回处理结果,并以XML格式返回到客户端。下载请求命令HTTP URL需要包含如下数据项:  The communication protocol is mainly responsible for the secure data transmission and communication between the client and the server. The client sends a request command to the server in the form of HTTP protocol URL QueryString. After receiving the processing request, the server returns the processing result to the client and returns it to the client in XML format. client. The download request command HTTP URL needs to contain the following data items:

    UserID UserID     当前用户编号   Current User ID     DocID DocID     请求的资源编号 The requested resource ID     DeviceID DeviceID     请求客户端硬件信息   Request client hardware information     MAC MAC     加密摘要 Encrypted Digest

把UserID、DocID、DeviceID等信息按着一定的算法安全摘要运算,从而可以把这些信息组织成一个数据结构,如DeviceID=XXXXXX&UserID=1&DocID=1&MAC=GAXCBECDD==;然后对这个字符串通过一定的加密算法进行加密,Base64编码,得到请求的数据项V1,从而组织为客户端请求URL地址,格式如http://fangzheng.com/download?RequestData=V1。  The UserID, DocID, DeviceID and other information are calculated according to a certain algorithm security summary, so that these information can be organized into a data structure, such as DeviceID=XXXXXX&UserID=1&DocID=1&MAC=GAXCBECDD==; then pass a certain encryption on this string Algorithm for encryption, Base64 encoding to get the requested data item V1, so as to organize the request URL address for the client, in the format such as http://fangzheng.com/download? RequestData=V1. the

服务器端还可以预先设定允许下载的最高次数,在允许下载之前先判断当前允许下载的次数是否大于预先设定的最高次数,如是拒绝下载,否则,允许下载,再向客户端发放数字内容的访问许可。  The server side can also pre-set the maximum number of times allowed to download, before allowing the download, first judge whether the current allowed number of downloads is greater than the preset maximum number of times, if so, refuse to download, otherwise, allow the download, and then distribute the digital content to the client access permission. the

下面结合附图3和附图4,对本发明实现方法进行阐述,着重描述在服务器端接收和处理客户端请求的过程:  Below in conjunction with accompanying drawing 3 and accompanying drawing 4, the implementation method of the present invention is described, emphatically describing the process of receiving and processing client requests at the server side:

步骤S21:用户登录数字内容管理系统,选择要下载数字内容的资源信息;  Step S21: The user logs into the digital content management system, and selects the resource information of the digital content to be downloaded;

步骤S22:阅读器获取用户电子设备硬件信息,并进行加密摘要形成电子设备的唯一标识,形成下载请求地址,向服务器端发出下载请求;  Step S22: The reader obtains the hardware information of the user's electronic device, and encrypts the summary to form a unique identification of the electronic device, forms a download request address, and sends a download request to the server;

所述下载请求地址是按着客户端与服务端之间的通信协议,组织硬件信息、用户信息和资源信息形成的下载请求URL地址。所述服务器端预先设定允许下载设备的最多个数。  The download request address is a download request URL address formed by organizing hardware information, user information and resource information according to the communication protocol between the client and the server. The server presets the maximum number of devices allowed to download. the

步骤S23:服务器接收并处理客户端请求;  Step S23: the server receives and processes the client request;

步骤S24:向用户发放数字内容许可证书。  Step S24: Issue a digital content license certificate to the user. the

步骤S23,S24具体实现方式如下:  Steps S23 and S24 are implemented in the following ways:

服务端接收到客户端的请求后,根据通信协议解析和验证请求的合法性,如果验证请求为非法的,拒绝请求,返回错误信息给客户端;当是一个合理的请求时,则服务端可以从通信协议中获取到当前请求的用户编号、请求下载资源编号、客户端硬件设备等信息。  After receiving the request from the client, the server analyzes and verifies the legitimacy of the request according to the communication protocol. If the verification request is illegal, it rejects the request and returns an error message to the client; when it is a reasonable request, the server can start from Information such as the user number currently requested, the resource number requested to be downloaded, and the client hardware device are obtained in the communication protocol. the

根据得到的客户端硬件设备信息,查询下载设备信息表判断是否为一个新设备,判断依据是以HWInfo的值作为设备唯一性的依据,如果设备信息不存在,则往下载设备信息表中插入一条新设备,并取得DeviceID,如果表中已经存在该设备信息,则获取到DeviceID,并登记用户下载记录。  According to the obtained client hardware device information, query the downloaded device information table to judge whether it is a new device. The judgment is based on the value of HWInfo as the basis for the uniqueness of the device. If the device information does not exist, insert an entry into the downloaded device information table. Create a new device, and obtain the DeviceID. If the device information already exists in the table, obtain the DeviceID, and register the user download record. the

服务器端进行判断,如果是一次交易的新设备下载,则以UserID、DocID为条件在用户下载记录表中统计记录数(如select count(DeviceID)from用户下载记录表where UserID=m and DocID=n),即在用户编号UserID和资源编号DocID相同条件不变的条件下,得到当前用户下载当前资源的设备个数,然后判断这个数是否在限定的设备数范围之内,如果下载当前资源的设备数已经超过设定范围值,则返回错误信息,不允许下载。如果在允许的范围之内,则继续判断用户下载记录表的列的校验值是否正确。  The server side judges, if it is a new device download for a transaction, count the number of records in the user download record table based on UserID and DocID (such as select count(DeviceID) from user download record table where UserID=m and DocID=n ), that is, under the condition that the user number UserID and the resource number DocID are the same, the number of devices that the current user downloads the current resource is obtained, and then it is judged whether this number is within the limited range of the number of devices. If the device that downloads the current resource If the number has exceeded the set range value, an error message will be returned and the download is not allowed. If it is within the allowable range, continue to judge whether the check value of the column of the user download record table is correct. the

判断用户下载记录表的列的校验值是否正确,列校验值是对下载记录表中的一些字段通过一定的计算公式统计所有行后得到一个结果,然后对此结果进 行消息摘要,再经过Base64编码后得到的一个字符串,这个字符串存储在配置文件信息中。系统通过同样的过程来计算得到列校验值,然后与配置文件中存储的值相比较,如果值不同,则说明下载记录被非法修改,那么系统返回错误信息到客户端。如果是相同的,则继续进行下一步工作。  Determine whether the check value of the column of the user download record table is correct. The column check value is a result obtained after counting all the rows of some fields in the download record table through a certain calculation formula, and then a message summary is performed on the result, and then A character string obtained after Base64 encoding, which is stored in the configuration file information. The system calculates the column verification value through the same process, and then compares it with the value stored in the configuration file. If the value is different, it means that the download record has been illegally modified, and the system returns an error message to the client. If they are the same, proceed to the next step. the

当允许设备下载该资源后,则向用户下载记录表中插入一条新记录,保存UserID、DocID、DeviceID等信息,并计算行校验值存储在CRC字段中,然后计算下载记录表的列校验值存储在配置文件中。由于该过程必须是一个完整的过程,因此需要使用数据库系统的事务来确保该过程的完整性,只要有一个环节发生错误,则回滚事务,取消此次操作,并向客户端返回错误信息。只有所有的步骤执行成功后,在最后提交事务,最后向客户端发放数字内容的访问许可。  When the device is allowed to download the resource, insert a new record into the user download record table, save UserID, DocID, DeviceID and other information, calculate the row check value and store it in the CRC field, and then calculate the column check of the download record table Values are stored in configuration files. Since the process must be a complete process, it is necessary to use the transaction of the database system to ensure the integrity of the process. As long as an error occurs in one link, the transaction will be rolled back, the operation will be canceled, and an error message will be returned to the client. Only after all the steps are successfully executed, the transaction is submitted at the end, and the access permission of the digital content is finally issued to the client. the

向客户端发放数字内容的访问许可,主要是向客户端发放数字内容许可证书,以设备唯一标识符为特征信息对数字内容密钥进行加密,得到加密后的密钥内容,并组织其它许可信息形成许可证书发送给客户端阅读器,阅读器得到许可后,分配给用户对所述资源的使用权限。  Issuing digital content access licenses to clients is mainly to issue digital content license certificates to clients, encrypt digital content keys with device unique identifiers as characteristic information, obtain encrypted key content, and organize other licensing information The license certificate is formed and sent to the client reader. After the reader obtains the license, it assigns the user the right to use the resource. the

服务器端还可以预先设定允许下载的最高次数,在允许下载之前先判断当前允许下载的次数是否大于预先设定的最高次数,如是拒绝下载,否则,允许下载,再向客户端发放数字内容的访问许可。  The server side can also pre-set the maximum number of times allowed to download, before allowing the download, first judge whether the current allowed number of downloads is greater than the preset maximum number of times, if so, refuse to download, otherwise, allow the download, and then distribute the digital content to the client access permission. the

实施本发明,具有如下有益效果:在有效进行数字内容版权保护的前提下,对数字内容下载设备数进行了有效的控制,在同一交易中,允许同一个设备进行多次下载数字内容,也同样允许在一定数量的不同设备中进行数字内容下载。  The implementation of the present invention has the following beneficial effects: under the premise of effective digital content copyright protection, the number of digital content download devices is effectively controlled, and in the same transaction, the same device is allowed to download digital content multiple times, and the same Allows digital content downloads in a limited number of different devices. the

显然,本领域的技术人员可以对本发明进行各种改动和变型而不脱离本发明的精神和范围。这样,倘若本发明的这些修改和变型属于本发明权利要求及其等同技术的范围之内,则本发明也意图包含这些改动和变型在内。  Obviously, those skilled in the art can make various changes and modifications to the present invention without departing from the spirit and scope of the present invention. Thus, if these modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalent technologies, the present invention also intends to include these modifications and variations. the

Claims (10)

1. digital content downloading management method may further comprise the steps:
A: the user end to server end sends download request;
B: server end judges whether to allow client downloads, as allowing, forwards step C to, otherwise refusal is downloaded;
C: access permission from digital content to client that provide;
Step B specifically comprises:
B1: server end judges that whether client device is new equipment, in this way, forwards step B2 to; Otherwise obtain device numbering, get into step B3;
B2: in the facility information table, insert facility information, judge that active user in the current device information table downloads the maximum equipment numbers whether the equipment number of current resource is downloaded greater than predefined permission, in this way, refusal is downloaded, otherwise forwards step B3 to;
B3: registered user's Download History forwards step C to.
2. digital content downloading management method as claimed in claim 1 is characterized in that steps A specifically comprises:
A1: the user logins digital content management system, selects to want the resource information of download digital content;
A2: obtain the consumer electronic devices hardware information, and carry out the unique identification that cryptographic digest forms electronic equipment;
A3: form the download request address, send download request to server end.
3. digital content downloading management method as claimed in claim 2 is characterized in that, said download request address is according to the communication protocol between client and the service end, the download request URL address of organizing hardware information, user profile and resource information to form.
4. digital content downloading management method as claimed in claim 3 is characterized in that step B3 further comprises: registered user's Download History, and Download History is carried out the safety check computing preserve.
5. digital content downloading management method as claimed in claim 4 is characterized in that, said Download History comprises: Customs Assigned Number, digital content resource number, device numbering information.
6. digital content downloading management method as claimed in claim 5; It is characterized in that; The access permission that step C provides digital content to client also comprises before: whether judges Download History row checking data is correct; And when correct, insert Download History information, calculate the capable proof test value of current Download History, and calculate Download History tabular proof test value and preservation.
7. like the arbitrary described digital content downloading management method of claim 1-6; It is characterized in that step C specifically comprises: providing the digital content licenses book to client, is that characteristic information is encrypted digital content key with the equipment unique identifier; Key content after obtaining encrypting; And organize other License Info formation license passport to send to client reader, reader is distributed to the rights of using of user to said resource after obtaining permission.
8. digital content downloading management method as claimed in claim 7; It is characterized in that; Step C further comprises: server end is judged the high reps whether number of times that current permission downloads is downloaded greater than predefined permission; And when being not more than the high reps of predefined permission download, provide the access permission of digital content to client.
9. a digital content download management system comprises client-end subsystem and server end subsystem, and said client-end subsystem comprises:
The digital content reader is used for digital content is read, and said reader is responsible for sending download request information to the downloaded request processing module;
Said server end subsystem comprises:
The download request processing module is responsible for client-requested is resolved, and guarantees the legitimacy of request;
User management module is used for user profile storage administration, secure log authentication management;
The download equipment administration module is used for storage, the facility registration management of download equipment information;
The user's download control module is used for storage administration of digital content Download History and download equipment validity and judges;
Download the content permission and provide module, be used to provide certificate file to client;
Accomplish through communication protocol between said client-end subsystem and the server end subsystem and communicate by letter;
Said user's download control module is responsible for user's the storage administration of digital content Download History, download equipment validity and is judged; For resource of the every download of user; Then this module is responsible for user profile, resource information and download equipment information, after receiving the user's download request, just user's Download History being added up as a Download History storage administration; Judge the validity of downloaded resources validity and equipment; When same user counts above the download equipment of system's permission, then do not allow the user to download again, and the user's download recorded information is carried out certain data check; And checking data be stored in the database or configuration file in, prevent that the user's download record is by illegal deletion or distort.
10. digital content download management system as claimed in claim 9; It is characterized in that, also comprise profile management module, be used for read-write operation configuration file; Some configuration informations of storage system in the configuration file; Whether the data for sensitivity are encrypted, and main being responsible for carried out safe summary to whole configuration file, distorted with the checking configuration file.
CN2008101177234A 2008-08-04 2008-08-04 Management method and system for downloading digital content Expired - Fee Related CN101373504B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2008101177234A CN101373504B (en) 2008-08-04 2008-08-04 Management method and system for downloading digital content

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2008101177234A CN101373504B (en) 2008-08-04 2008-08-04 Management method and system for downloading digital content

Publications (2)

Publication Number Publication Date
CN101373504A CN101373504A (en) 2009-02-25
CN101373504B true CN101373504B (en) 2012-02-01

Family

ID=40447661

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2008101177234A Expired - Fee Related CN101373504B (en) 2008-08-04 2008-08-04 Management method and system for downloading digital content

Country Status (1)

Country Link
CN (1) CN101373504B (en)

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101699819B (en) * 2009-11-13 2012-07-25 中国电信股份有限公司 Method and system for managing digital rights
CN102446106A (en) * 2010-09-30 2012-05-09 联想(北京)有限公司 Installation management method, server and terminal for application program
CN102457763B (en) * 2010-10-22 2014-08-20 深圳Tcl新技术有限公司 System and method for recycling certificate
CN102592173A (en) * 2011-01-07 2012-07-18 北大方正集团有限公司 Digital content borrowing processing method and system thereof, apparatuses
CN102447699A (en) * 2011-11-29 2012-05-09 中福在线投资有限公司 Safe transaction method for mobile Internet lottery based on hardware information
CN102594557A (en) * 2012-01-10 2012-07-18 深圳市汉普电子技术开发有限公司 Method and device for encrypting uniform resource locator (URL) and method and device for authenticating URL
CN102624913A (en) * 2012-03-20 2012-08-01 深圳世纪华辰科技有限公司 Data pushing method, and terminal device and server employing same
CN103685397B (en) * 2012-09-14 2017-04-05 百度在线网络技术(北京)有限公司 Based on the reminding method of the download/play quality of high in the clouds analysis, system and device
CN103795560A (en) * 2012-11-01 2014-05-14 云永科技股份有限公司 Management method of networked device identifier and networked device
CN104426994A (en) * 2013-09-11 2015-03-18 北京大学 Terminal, server, electronic book synchronization system and electronic book synchronization method
CN104462877B (en) * 2013-09-25 2018-09-04 北大方正集团有限公司 A kind of digital resource acquisition method under copyright protection and system
CN106060112A (en) * 2016-05-09 2016-10-26 乐视控股(北京)有限公司 Method and device of limiting file downloading number of times based on object storage
DE102017201021A1 (en) * 2017-01-23 2018-07-26 Siemens Aktiengesellschaft Method for device-dependent provision of download resources
CN109446205B (en) * 2017-08-28 2021-03-16 中国电信股份有限公司 Apparatus and method for judging data status and apparatus and method for updating data
CN107749895A (en) * 2017-11-12 2018-03-02 高飞 A kind of e-file medium digital display circuit
CN108200055B (en) * 2017-12-29 2020-10-27 深圳市安佳威视信息技术有限公司 Software method for protecting intellectual property of embedded product
CN110430252B (en) * 2019-07-26 2022-06-10 Oppo广东移动通信有限公司 Resource data processing method and device, equipment and readable storage medium

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1989730A (en) * 2004-07-29 2007-06-27 韩国威得淼有限公司 Method for providing multimedia data and playing multimedia data through communication network

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1989730A (en) * 2004-07-29 2007-06-27 韩国威得淼有限公司 Method for providing multimedia data and playing multimedia data through communication network

Also Published As

Publication number Publication date
CN101373504A (en) 2009-02-25

Similar Documents

Publication Publication Date Title
CN101373504B (en) Management method and system for downloading digital content
US12323526B2 (en) Decentralized data authentication
US8938625B2 (en) Systems and methods for securing cryptographic data using timestamps
US9721071B2 (en) Binding of cryptographic content using unique device characteristics with server heuristics
CN101872399B (en) Dynamic digital copyright protection method based on dual identity authentication
US8539233B2 (en) Binding content licenses to portable storage devices
CN101107611B (en) Method, apparatus and system of private and controlled ownership sharing
RU2500075C2 (en) Creating and validating cryptographically secured documents
CN103095847B (en) Cloud storage safety-ensuring method and system thereof
US20130004142A1 (en) Systems and methods for device authentication including timestamp validation
US20230252181A1 (en) Content management systems and methods
US20120303967A1 (en) Digital rights management system and method for protecting digital content
CN105743903A (en) Audio digital rights management method and system, intelligent terminal and authentication server
CN105893792A (en) Digital copyright management method, device and system
CN101189633B (en) Method and equipment for carrying out authorizing rights issuers in content delivering system
US9122878B1 (en) Software license management with drifting component
CN114401117B (en) Blockchain-based account login verification system
KR20240073387A (en) Did-based verification system for strengthening sovereignty of copyright holders and method for the same
US9298892B2 (en) Terminal apparatus and method for playing multimedia content encrypted based on DRM
CN114978677A (en) Asset access control method, apparatus, electronic device and computer readable medium
KR100738917B1 (en) Server, system, and method for providing encrypted content and authorization object to electronic communication device using delegation method of authorization issuing server
EP4277203B1 (en) Method of securely streaming digital content over content delivery network
US20260039463A1 (en) Method for receiving content in user device over cdn
Rui et al. Research of Rights Management Protocol for Mobile Devices

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20220623

Address after: 100871 No. 5, the Summer Palace Road, Beijing, Haidian District

Patentee after: Peking University

Patentee after: New founder holdings development Co.,Ltd.

Patentee after: FOUNDER APABI TECHNOLOGY Ltd.

Address before: 100871 No. 5, the Summer Palace Road, Beijing, Haidian District

Patentee before: Peking University

Patentee before: PEKING UNIVERSITY FOUNDER GROUP Co.,Ltd.

Patentee before: FOUNDER APABI TECHNOLOGY Ltd.

CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20120201