Disclosure of Invention
In view of the above, the present invention provides a method and a system for performing anti-hotlinking processing on live video to solve the above problems.
The invention provides a system for performing anti-stealing-link processing on live video, which comprises: a player for extracting user information, the player including a decryption module; the player interface comprises an encryption module coupled with the decryption module and is used for receiving the user information and encrypting the user information to obtain encrypted information; and a server including a verification module. The player interface transmits the encrypted information back to the decryption module, the decryption module decrypts the encrypted information to obtain a decryption token and transmits the decryption token to the verification module, and the verification module verifies the decryption token to judge whether decryption is successful or not.
And the verification module judges whether the decryption is successful or not by judging whether the user IP in the decryption token is the same as the user IP in the user information or not, wherein when the user IP in the decryption token is the same as the user IP in the user information, the decryption is judged to be successful. When the user IP in the decryption token is different from the user IP in the user information, the authentication module further determines whether the decryption is successful by determining whether a user cookie in the decryption token is the same as the user cookie in the user information, wherein when the user cookie in the decryption token is the same as the user cookie in the user information, the decryption is successful.
And when the verification module judges that the decryption is successful, the server responds to a playing instruction sent by the player and sends a video stream to the player.
The user information includes a user cookie, a user usage time, and/or a user ID.
The invention provides a method for performing anti-stealing link processing on live video, which comprises the following steps: extracting user information through a player; receiving the user information through a player interface; encrypting the user information through an encryption module of the player interface to obtain encrypted information; returning the encrypted information to the player; decrypting the encrypted information through a decryption module of the player to obtain a decryption token; sending the decryption token to a verification module of a server through the player interface; and verifying the decryption token through the verification module to judge whether decryption is successful.
The step of verifying the decryption token by the verification module to determine whether the decryption is successful further comprises: judging whether the user IP in the decryption token is the same as the user IP in the user information; and when the user IP in the decryption token is the same as the user IP in the user information, judging that the decryption is successful. When the user IP in the decryption token is judged to be different from the user IP in the user information, the method further includes: judging whether the user cookie in the decryption token is the same as the user cookie in the user information; and when the user cookie in the decryption token is the same as the user cookie in the user information, judging that the decryption is successful.
And when the decryption is judged to be successful, the server sends the video stream to the player by responding to a playing instruction.
The user information includes a user cookie, a user usage time, and/or a user ID.
Compared with the prior art, the method and the system for performing anti-stealing link processing on live video provided by the invention achieve the following effects:
(1) the method and the system for performing anti-stealing link processing on live video can effectively encrypt and decrypt the live video, and effectively prevent the problems of interception by a third party, direct illegal broadcasting and the like.
(2) The method and the system for performing anti-theft chain processing on live video can continue to form encryption and decryption on live video according to the position change of the user, and effectively prevent the problems of interception by a third party, direct illegal broadcasting and the like.
Of course, it is not necessary for any one product to achieve all of the above-described technical effects simultaneously.
Detailed Description
As used in the specification and in the claims, certain terms are used to refer to particular components. As one skilled in the art will appreciate, manufacturers may refer to a component by different names. This specification and claims do not intend to distinguish between components that differ in name but not function. In the following description and in the claims, the terms "include" and "comprise" are used in an open-ended fashion, and thus should be interpreted to mean "include, but not limited to. "substantially" means within an acceptable error range, and a person skilled in the art can solve the technical problem within a certain error range to substantially achieve the technical effect. Furthermore, the term "coupled" is intended to encompass any direct or indirect electrical coupling. Thus, if a first device couples to a second device, that connection may be through a direct electrical coupling or through an indirect electrical coupling via other devices and couplings. The description which follows is a preferred embodiment of the present application, but is made for the purpose of illustrating the general principles of the application and not for the purpose of limiting the scope of the application. The protection scope of the present application shall be subject to the definitions of the appended claims.
Fig. 1 illustrates a prior art system 100 for providing live video. As shown in fig. 1, the system 100 includes: a player 101, a player interface 102 and a server 103.
The server 103 is configured to store a video file to be played, where the video file may be in an Audio Video Interleave (AVI) format, an Advanced Streaming (ASF) format, a Windows Multimedia Video (WMV) format, a 3G streaming video coding (3 GP) format, or the like. The server 103 may be both a far-end server and a near-end server.
The player interface 102 is coupled to the server 103 and the player 101, and is used for transmitting a playing instruction of the player 101 to retrieve (or obtain, etc.) a video stream corresponding to the playing instruction from the server 103 to the player 101.
The player 101 may be a player downloaded to a local terminal (e.g., desktop, tablet, smartphone, personal digital assistant, etc.). The player 101 may also be a flash player provided for a web page, and a user can directly use the player provided for the web page to view a video by only opening the web page without downloading the player to a local terminal in advance.
However, the player 101, the player interface 102 and the server 103 are not provided with a measure for performing anti-stealing link processing on live video when transmitting video streams, so that the video stream addresses are easy to be stolen by lawbreakers in the transmission process.
The invention provides a system for performing anti-stealing-link processing on live video to solve the problems. Fig. 2 is a system 200 for performing hotlink protection processing on a live video according to an embodiment of the present invention. As shown in fig. 2, a system 200 for anti-hotlinking processing of live video includes: a player 201, a player interface 202 and a server 203. The difference from fig. 1 is that the player 201 has a decryption module 204, the player interface 202 has an encryption module 205, and the server 203 has an authentication module 206.
When the player 201 is used by a user (when a user input is detected, e.g. an action of the user to open the player), user information is extracted and sent to the player interface 202, wherein the user information comprises a user cookie, a user usage time and/or a user ID, etc. In an embodiment of the present invention, the user time indicates the timeliness of the live video and/or the timeliness of the encryption information requested to be obtained by the one-time player interface. When a predetermined time, for example, 3 to 5 hours, is exceeded, the encrypted information is invalidated.
The player interface 202 receives the user information and encrypts the user information by using the encryption module 205 to obtain encrypted information, wherein the encryption process can be implemented by an encryption algorithm such as DES, 3DES, RC2, RC4, etc., but the invention is not limited thereto, and transmits the encrypted information back to the player 201.
The decryption module 204 of the player 201 decrypts the returned encrypted information to obtain a decryption token (e.g. security identifier SID and/or label token), wherein the decryption process may be implemented by a decryption algorithm corresponding to the encryption algorithm, for example, when performing encryption using DES symmetric algorithm, decryption may be performed using symmetric decryption algorithm. The invention is not limited to a specific form of decryption algorithm. The player 201 sends the decryption token to the authentication module 206 of the server 203 through the player interface 202, and the authentication module authenticates the decryption token to determine whether the decryption is successful.
In an embodiment of the present invention, the encryption module 205 combines the user cookie, the user usage time and/or the user ID with an encryption algorithm to generate an encryption string with a feature code (e.g., a random number) for encryption, and the decryption module 204 decrypts the encryption string to obtain the decryption token. And after the player interface 202 receives the user information, the user information is also sent to the verification module 206 of the server 203, and the verification module 206 verifies the decryption token according to the user information. For example, the verification module 206 determines whether the user IP in the decryption token is the same as the user IP in the user information, and if so, may determine that the user IP is the same legal user, that is, the decryption is successful, that is, the video stream is sent to the player 201 in response to the play instruction sent by the player 201 to be played. If not, it is determined that the users are not the same legal users, i.e., the decryption fails, and if the HTTP404 is returned as an error, the video stream is not sent to the player 201.
In some usage scenarios, the user may use the same local terminal, but may change the location of use of the local terminal, such as changing from home to restaurant or from beijing to shanghai to watch video using the same tablet. At this time, the IP address of the local terminal changes with the change of the network, and if the user IP is only used, an erroneous determination is caused, so that a legitimate user cannot normally watch the video. However, in the above usage scenario, the user cookie of the user is the same regardless of whether the user changes the usage location, and therefore, whether the user is the same legitimate user can be determined by the user cookie. In other usage scenarios, the user may change local terminals and usage locations at the same time, for example, watching video with a tablet computer in Beijing and watching video with a desktop computer in Shanghai. At this time, the IP address of the local terminal changes with the change of the network, and if the user IP is only used, an erroneous determination is caused, so that a legitimate user cannot normally watch the video. However, in the above usage scenario, if the user is a login user (using the same account for login), the user identifiers of the user cookies of the login user are the same, so that whether the user cookies are the same legal user can be determined by the user identifiers.
Therefore, in an embodiment of the present invention, when it is determined that the user IP in the decryption token is different from the user IP in the user information, the verification module 206 further determines whether the user cookie in the decryption token is the same as the user cookie in the user information, and if so, it may be determined that the user cookie is the same legal user, that is, the decryption is successful, that is, the video stream is sent for the player 201 to play. If not, it is determined that the users are not the same legal users, i.e., the decryption fails, and the video stream is not sent to the player 201. The user cookie comprises cookie information of a login user and a non-login user.
Fig. 3 is a method for performing hotlink protection processing on a live video according to an embodiment of the present invention. As shown in fig. 3:
in step 301, user information is extracted by the player and sent to the player interface. In an embodiment of the present invention, the user information includes a user cookie (i.e., a user cookie), a user usage time and/or a user ID. The user cookie comprises cookie information of a login user and a non-login user.
In step 302, the user information is encrypted by an encryption module in the player interface to obtain encrypted information. In an embodiment of the present invention, the encryption process may be implemented by an encryption algorithm such as DES, 3DES, RC2, RC4, and the like, which is not limited in this respect. In an embodiment of the present invention, the encryption module 205 combines the user cookie, the user usage time, and/or the user ID with an encryption algorithm to generate an encryption string with a feature code to implement encryption.
In step 303, the encrypted information is transmitted back to the player.
In step 304, the decryption module of the player decrypts the returned encrypted information to obtain a decryption token. In one embodiment, the decryption token may be, for example, a security identifier SID and/or a tag token. In an embodiment, the decryption process may be implemented by a decryption algorithm corresponding to the encryption algorithm, and the invention is not limited to the specific form of the decryption algorithm.
In step 305, the decryption token is sent to the authentication module of the server through the player interface.
In step 306, the verification module verifies the decryption token to determine whether the decryption was successful.
In an embodiment of the present invention, the verification module may determine whether the decryption is successful by determining whether the user IP in the decryption token is the same as the user IP in the user information. For example, if it is determined that the user IP is the same as the user IP in the user information, it may be determined that the user IP is the same legal user, that is, the decryption is successful, that is, the video stream is sent to the player in response to the play instruction sent by the player for playing. If the user IP is judged to be different from the user IP in the user information, the user IP is judged not to be the same legal user, namely the decryption is failed, and if the HTTP404 is returned, the video stream cannot be sent to the player. However, in some practical usage scenarios, the user may change the location of use of the local terminal, for example, from home to restaurant or from beijing to shanghai, using the same tablet to watch the video. In other usage scenarios, the user may change local terminals and usage locations at the same time, for example, watching video with a tablet computer in Beijing and watching video with a desktop computer in Shanghai. At this time, the IP address of the tablet computer changes with the change of the network, and if the user IP is only used, an erroneous determination is caused, so that a legitimate user cannot normally watch the video.
Therefore, the present invention provides an enhanced method for performing anti-hotlinking processing on live video to solve the above problems. Fig. 4 is a method for anti-hotlinking processing of a live video according to another embodiment of the present invention. As shown in fig. 4:
in step 401, user information is extracted by the player and sent to the player interface. In one embodiment, the user information includes a user cookie, a user usage time, a user ID, and/or the like.
In step 402, the user information is encrypted by an encryption module in the player interface to obtain encrypted information. In an embodiment of the present invention, the encryption process may be implemented by an encryption algorithm such as DES, 3DES, RC2, RC4, and the like, which is not limited in this respect. In an embodiment of the present invention, the encryption module 205 combines the user cookie, the user usage time, and/or the user ID with an encryption algorithm to generate an encryption string with a feature code to implement encryption.
In step 403, the encrypted information is transmitted back to the player.
In step 404, the decryption module of the player decrypts the returned encrypted information to obtain a decryption token. In one embodiment, the decryption token may be, for example, a security identifier SID and/or a tag token. In an embodiment, the decryption process may be implemented by a decryption algorithm corresponding to the encryption algorithm, and the invention is not limited to the specific form of the decryption algorithm.
In step 405, the decryption token is sent to the authentication module of the server through the player interface.
In step 406, the verification module determines whether the user IP in the decryption token is the same as the user IP in the user information. If the two are the same, go to step 407. If not, go to step 408.
In step 407, it is determined that the user is the same legitimate user, i.e. the decryption is successful.
In step 408, the authentication module determines whether the user cookie in the decryption token is the same as the user cookie in the user information. If the two are the same, go to step 407. If not, go to step 409.
In step 409, it is determined that the users are not the same legitimate users, i.e., the decryption has failed.
Compared with the prior art, the method and the system for performing anti-stealing link processing on live video achieve the following effects:
(1) the method and the system for performing anti-stealing link processing on live video can effectively encrypt and decrypt the live video, and effectively prevent the problems of interception by a third party, direct illegal broadcasting and the like.
(2) The method and the system for performing anti-theft chain processing on live video can continue to form encryption and decryption on live video according to the position change of the user, and effectively prevent the problems of interception by a third party, direct illegal broadcasting and the like.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, apparatus, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The foregoing description shows and describes several preferred embodiments of the present application, but as aforementioned, it is to be understood that the application is not limited to the forms disclosed herein, but is not to be construed as excluding other embodiments and is capable of use in various other combinations, modifications, and environments and is capable of changes within the scope of the inventive concept as expressed herein, commensurate with the above teachings, or the skill or knowledge of the relevant art. And that modifications and variations may be effected by those skilled in the art without departing from the spirit and scope of the application, which is to be protected by the claims appended hereto.