阅读说明：本技术 一种家庭智能终端的节目授权控制方法 (Program authorization control method of household intelligent terminal ) 是由 陆嘉程 朱泽智 冯燕强 刘巧艳 潘攀 孟文献 于浩 罗日贵 卢立冬 冯智明 王斌 于 2019-11-30 设计创作，主要内容包括：本发明涉及一种家庭智能终端的节目授权控制方法,由数据库服务器、应用服务器、负载均衡服务器构成前端系统,前端系统的服务器间通过以太网交换机实现互联,家庭智能终端和前端系统的负载均衡服务器通过数据传输网络实现互联。数据接口服务器用于同步BOSS系统中的用户订购信息,应用服务器调用数据库服务器的数据信息,同时完成整个系统中校验、加密的业务流程处理,并将加密过的用户授权的相关信息发送至负载均衡服务器,由负载均衡服务器接收和返回家庭智能终端的信令,在家庭智能终端上基于接收到加密授权信息完成对于节目的授权控制。本发明可广泛适用于运营商级别的基于全IP化双向网络中智能家庭终端的节目授权控制,保障运营商权益。(The invention relates to a program authorization control method of a household intelligent terminal, which comprises the steps that a front-end system is formed by a database server, an application server and a load balancing server, the servers of the front-end system are interconnected through an Ethernet switch, and the household intelligent terminal and the load balancing server of the front-end system are interconnected through a data transmission network. The data interface server is used for synchronizing user ordering information in the BOSS system, the application server calls data information of the database server, meanwhile, verification and encryption business process processing in the whole system is completed, encrypted user authorization related information is sent to the load balancing server, the load balancing server receives and returns signaling of the home intelligent terminal, and authorization control of programs is completed on the home intelligent terminal based on the received encrypted authorization information. The invention can be widely applied to program authorization control of intelligent home terminals in full-IP bidirectional networks at the operator level, and guarantees the rights and interests of operators.)

1. A program authorization control method of a home intelligent terminal is characterized by comprising the following steps:

step (1), a front-end authorization control system is constructed, an Ethernet switch is utilized to physically interconnect a data interface server, a database server, an application server and a load balancing server, and all servers adopt an HTTP protocol to complete signaling interaction;

step (2), the data interface server is responsible for synchronizing the user ordering information in the BOSS system;

step (3), when the home intelligent terminal is started, a hash table is created in the memory, the locally stored authorization record file is decrypted, the authorization list and the authorization ending time which are recorded in the file and received before the home intelligent terminal is shut down are restored to the hash table of the memory, and then a request for obtaining authorization information is sent to the front-end authorization control system; the home intelligent terminal interacts with the load balancing server based on the HTTP protocol, and then the load balancing server forwards the request to the application server through a load balancing algorithm;

step (4), after receiving the HTTP request from the home intelligent terminal, the application server verifies the legal ID information of the terminal in the database server, reads the authorization information, encrypts the order information of the user in the database server by adopting an encryption algorithm, and sends the order information back to the load balancing server, and if the user is an illegal ID user, the application server does not return any information;

step (5), the encrypted authorization information is sent to a load balancing server and then written into an HTTP response packet and returned to the home intelligent terminal;

step (6), after decrypting the HTTP response packet data returned by the front-end authorization control system, the home intelligent terminal writes authorization information into a memory hash table, then calculates an MD5 value of the hash table, if the MD5 value is inconsistent with an MD5 value of a local authorization record file, the fact that a program ordered by a user recorded at the front end is inconsistent with the acquired authorization information stored by the current set-top box is indicated, the content of the memory hash table is updated into the local authorization record file, and if the MD5 value is consistent with the acquired authorization information stored by the current set-top box, the fact that the program ordered by the user recorded at the front end is consistent with the acquired authorization information stored by the current set-top box is indicated, and the local authorization file is not updated; if the front end does not return the HTTP response packet, the memory hash table is kept unchanged;

and (7) before the live program is played, the home intelligent terminal queries the serviceID of the played program in a memory hash table, if the serviceID exists in the hash table and the current date is within the authorized validity period, the program can be played, and otherwise, the program is not played.

2. The program authorization control method of the home intelligent terminal according to claim 1, wherein the user subscription information in step (2) includes: hardware serial number of the user home intelligent terminal, user ID number assigned to the software APK by the front end, ordered program package content and ordered duration.

3. A control system suitable for the program authorization control method of the home intelligent terminal as claimed in claim 1, comprising a data interface server, a database server, an application server and a load balancing server, wherein the data interface server, the database server, the application server and the load balancing server are physically interconnected through an ethernet switch; the data interface server is used for synchronizing user ordering information in the BOSS system to the database server; the database server is used for storing data information; the application server is used for calling, verifying and encrypting the data information in the database server and sending the encrypted related information to the load balancing server; the load balancing server is connected with the household intelligent terminal through a data transmission network and used for receiving a signaling sent by the household intelligent terminal to the application server and returning the encrypted authorization information processed by the application server to the household intelligent terminal.

4. The control system of claim 3, wherein a cluster architecture is used among the data interface servers, the database servers, the application servers, and the load balancing servers.

5. The control system according to claim 3 or 4, wherein the database server comprises a master database and a slave database, the master database is used for storing the data information of the BOSS system received by the data interface server; the slave database and the master database are synchronized in storage, and data consistent with the master database can be obtained; the slave database is connected to the application server through an ethernet switch.

6. The control system according to claim 3 or 4, wherein the database server employs an in-memory database Redis.

7. The control system of claim 4, wherein the load balancing server employs a nginx + keepalive architecture.

8. The control system of claim 5, wherein the load balancing server employs a nginx + keepalive architecture.

Technical Field

The invention discloses a program authorization control method of a household intelligent terminal, relates to data interaction and safety control in a wired communication technology, and belongs to the field of information communication, acquisition and transmission of information technologies.

Background

With the introduction of the next generation broadcast television Network (NGB) in china, higher requirements are put forward on the cable television transmission network performance and the functional experience of users, and the radio and television industry is continuously researched, developed, upgraded and modified in the transmission technology around the development requirements of the NGB network.

The national broadcast television bureau successively releases related standards of a plurality of parts, namely technical specification of a cable television network fiber-to-the-home system and an intelligent television operating system, on one hand, in order to adapt to the development trend of new industries and meet the access requirements of high-bandwidth services such as 4K, VR and the like, the broadcasting and television industry needs to develop an optical fiber-to-the-home mode, and the transmission bandwidth accessed by users is accelerated and improved; on the other hand, in order to meet the development of intelligent home services and realize multi-screen interaction of home viewing, full IP transmission of video programs from a head end to a home intelligent terminal is becoming a trend.

Under the background, the receiving scene of the home television is developed towards the trend of multi-screen receiving and multi-screen interaction, the scrambling control is carried out on the program by adopting the CA mode of the traditional cable television, the decryption is carried out by using appointed hardware, and the compatibility of the direct broadcast service of the software and the hardware on various screens is difficult to adapt, so that the traditional mode is not suitable for the service development requirement of the full scene of the broadcasting and television home user.

Disclosure of Invention

The invention aims to provide a program authorization control method of a household intelligent terminal, which can realize the high-efficiency and quick encrypted transmission of the authorization information of live programs ordered by a user to the user terminal, and finally realize the authorization control of the live video programs watched by the user by combining with the processing mechanism of the intelligent terminal on the authorization information.

The invention solves the technical problems by the following technical scheme:

a program authorization control method of a home intelligent terminal comprises the following steps:

step (1), a front-end authorization control system is constructed, an Ethernet switch is utilized to physically interconnect a data interface server, a database server, an application server and a load balancing server, and all servers adopt an HTTP protocol to complete signaling interaction;

step (2), the data interface server is responsible for synchronizing the user ordering information in the BOSS system;

step (3), when the home intelligent terminal is started, a hash table is created in the memory, the locally stored authorization record file is decrypted, the authorization list and the authorization ending time which are recorded in the file and received before the home intelligent terminal is shut down are restored to the hash table of the memory, and then a request for obtaining authorization information is sent to the front-end authorization control system; the home intelligent terminal interacts with the load balancing server based on the HTTP protocol, and then the load balancing server forwards the request to the application server through a load balancing algorithm;

step (4), after receiving the HTTP request from the home intelligent terminal, the application server verifies the legal ID information of the terminal in the database server, reads the authorization information, encrypts the order information of the user in the database server by adopting an encryption algorithm, and sends the order information back to the load balancing server, and if the user is an illegal ID user, the application server does not return any information;

step (5), the encrypted authorization information is sent to a load balancing server and then written into an HTTP response packet and returned to the home intelligent terminal, and the concurrent amount of processing requests and sending in the system by the front-end authorization control system is 50000 QPS;

step (6), after decrypting the HTTP response packet data returned by the front-end authorization control system, the home intelligent terminal writes authorization information into a memory hash table, then calculates an MD5 value of the hash table, if the MD5 value is inconsistent with an MD5 value of a local authorization record file, the fact that a program ordered by a user recorded at the front end is inconsistent with the acquired authorization information stored by the current set-top box is indicated, the content of the memory hash table is updated into the local authorization record file, and if the MD5 value is consistent with the acquired authorization information stored by the current set-top box, the fact that the program ordered by the user recorded at the front end is consistent with the acquired authorization information stored by the current set-top box is indicated, and the local authorization file is not updated; if the front end does not return the HTTP response packet, the memory hash table is kept unchanged;

and (7) before the live program is played, the home intelligent terminal inquires the Service ID of the played program in a memory hash table, if the Service ID exists in the hash table and the current date is within the authorization validity period, the program can be played, otherwise, the program is not played, and therefore the authorization control of the live video program is realized on the intelligent terminal side.

The invention also provides a control system suitable for the program authorization control method, the control system comprises a data interface server, a database server, an application server and a load balancing server, and the data interface server, the database server, the application server and the load balancing server are physically interconnected through an Ethernet switch; the data interface server is used for synchronizing user ordering information in the BOSS system to the database server; the database server is used for storing data information; the application server is used for calling, verifying and encrypting the data information in the database server and sending the encrypted related information to the load balancing server; the load balancing server is connected with the household intelligent terminal through a data transmission network and used for receiving a signaling sent by the household intelligent terminal to the application server and returning the encrypted authorization information processed by the application server to the household intelligent terminal. The cluster architecture is used among the data interface server, the database server, the application server and the load balancing server, so that the stability and the reliability of the authorization control method can be ensured. The database server comprises a master database and a slave database, wherein the master database is used for storing data information of the BOSS system received by the data interface server; the slave database and the master database are synchronized in storage, and data consistent with the master database can be obtained; the slave database is connected to the application server through an ethernet switch. The database server adopts a memory database Redis. The load balancing server adopts an nginx + keepalive architecture.

The invention organically integrates the full IP bidirectional network technology and the traditional DVB CA authorization mechanism, solves the problem of the authorization control of the live video program of the household intelligent terminal in the full IP bidirectional network, guarantees the rights and interests of radio and television operators and the service development requirements, and can be widely applied to the control of the live program service based on intelligent soft and hard terminals. Specifically, the program authorization control method provided by the invention has the following beneficial effects:

(1) the method is suitable for hardware intelligent terminals and software APK terminals, can meet the authorization control requirements of various intelligent screen live programs in a home scene, and therefore can solve the problem of live video authorization based on the intelligent terminals in an all-IP network.

(2) Compared with the traditional CA unidirectional broadcast sending authorization, the invention has the advantages that the intelligent terminal obtains the authorization in the HTTP request response mode, the authorization efficiency is higher, and the speed is higher.

(3) The invention has higher concurrent processing capability, the database can adopt a memory database Redis, the read-write operation is completely finished in the memory, the number of events finished per second can reach 50000QPS, and the system can support the real-time response requirement of the high-frequency request of the terminal.

(4) The load balancing server has higher reliability, the load balancing server adopts the nginx + keepalive framework, and when one load balancing server fails, the other load balancing server can be quickly and automatically switched to, so that the service is not influenced.

(5) The invention has good expansibility, and can improve the processing capacity of the system by adding one application server when the load of one application server reaches a threshold value.

Drawings

Fig. 1 is an example of an overall device wiring diagram of a program authorization control system of a home intelligent terminal according to the present invention.

Fig. 2 is a connection line and internal logic diagram of the program authorization control method according to the present invention.

Fig. 3 is an interaction flowchart of the home intelligent terminal and the front-end authorization control system according to the present invention.

Fig. 4 is a processing mechanism flowchart of the program authorization control method of the home intelligent terminal according to the present invention.

Detailed Description

The inventive concepts of the present solution will be described below using terms commonly employed by those skilled in the art to convey the substance of their work to others skilled in the art. These inventive concepts may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. These embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of what is included to those skilled in the art. The particular embodiments shown and described may be substituted for a wide variety of alternate and/or equivalent implementations without departing from the scope of the present solution embodiments. This disclosure is intended to cover any adaptations or variations of the embodiments discussed in this disclosure. It will be apparent to those skilled in the art that alternative embodiments may be practiced using only some of the described aspects. Certain specific server, network interface, etc. arrangements are described in the embodiments for illustrative purposes, however, alternative embodiments may be practiced by those skilled in the art without these specific details. In other instances, well-known features may be omitted or simplified in order not to obscure the embodiments.

The invention can be used for a hardware intelligent terminal, runs on an intelligent operating system, is accessed into a bidirectional data transmission network, and receives a set top box of unicast or multicast video. Or the television APK software integrated with the system authorization control function is installed in a whole set of hardware receiving system formed on a mainstream intelligent box or an intelligent television.

As shown in fig. 1, the connection relationship and the function transfer relationship of the program authorization control system of the home intelligent terminal are as follows: the data interface server, the database server, the application server and the load balancing server form a front-end authorization control system, the front-end authorization control system servers are interconnected through an Ethernet switch, the front-end authorization control system servers adopt the same address field, and signaling interaction among the servers is mainly completed through an HTTP protocol. The household intelligent terminal and the load balancing server of the front-end authorization control system are interconnected through a data transmission network. And the data interface server is used for synchronizing the user ordering information in the BOSS system, and comprises the hardware serial number of the home intelligent terminal of the user, the user ID number distributed to the software APK by the front end, the ordered program package content, the ordering duration and other information. The application server is used for calling the data information of the database server, simultaneously completing the business process processing of data verification and encryption in the whole system, and sending the encrypted related information authorized by the user to the load balancing server; and the load balancing server receives the signaling of the home intelligent terminal, completes signaling interaction and authorization processing, returns the signaling to the home intelligent terminal, and completes authorization control on the program on the basis of the received encrypted authorization information on the home intelligent terminal. The household intelligent terminal must communicate with the load balancing server of the front-end authorization control system, and the load balancing server isolates and forwards related information, so that the safety of the front-end authorization control method is ensured.

As shown in fig. 2, when the system constructed by the present invention is used to perform program authorization control, the following logical relationship may be adopted: the data interface server writes the data into the master database after receiving the data sent by the BOSS, configures a synchronization strategy between the master database and the slave database, and the slave database can obtain the data same as the master database. After an HTTP request sent by a user intelligent terminal reaches a load balancing server, the load balancing server forwards a request data packet to a certain application server with an idle rear end through a load balancing algorithm, the application server reads an intelligent terminal ID number from an HTTP header after reading the data packet, then the live program information ordered by the intelligent terminal is inquired from a database by taking the terminal ID number as a keyword, the application server packs and encrypts the information and sends the information to the load balancing server as a response body of an HTTP response packet, then the information is returned to the user intelligent terminal by the load balancing server, and the concurrence quantity of processing requests and sending in a front-end authorization control system is 50000 QPS.

As shown in fig. 3, the interaction process between the home intelligent terminal and the front-end authorization control system is as follows (the sequence number in the figure represents the process sequence):

the BOSS system sends authorization data ordered by a user to an authorization control front-end authorization control system;

2. after the intelligent terminal is started, a hash table used for storing authorization data is established in a memory, then an HTTP request is sent to an authorization control front-end authorization control system to obtain live broadcast authorization data, and after the transmission is finished, the intelligent terminal sets timeout time to wait for response data to return;

3. if the intelligent terminal acquires the response data before the overtime, decrypting the data in the HTTP response packet;

4. and writing the serviceid of the ordered live program into the hash table after the data are decrypted, and simultaneously recording the authorization ending date.

As shown in fig. 4, the processing mechanism for implementing authorization in the home intelligent terminal by using the present invention is:

step (1): the intelligent terminal selects a certain program, and transmits the serviceid and the current date of the program as parameters to a program playing judgment function;

step (2): the program playing judgment function firstly judges whether the program is a free program, if the program is the free program, the playable identifier of the program is returned to the intelligent terminal, and the step (5) is carried out, and if the program is not the free program, the step (3) is carried out;

and (3): the program playing judgment function searches whether the serviceid exists in the memory hash table, if not, the information that the program is not ordered is returned to the intelligent terminal, and the terminal prompts that the program is not ordered; if the serviceid exists in the memory hash table, turning to the step (4);

and (4): comparing the current time with the authorization end time by the program playing judgment function, if the current time does not exceed the authorization end time, turning to the step (5), if the current time exceeds the authorization end time, returning the information that the program is not ordered to the intelligent terminal, and prompting that the program is not ordered by the terminal;

and (5): the terminal obtains the identifier that the program can be played, and sends a UDP signaling message to the gateway to obtain a multicast channel;

and (6): after the gateway responds to the UDP signaling message, the multicast data stream of the program is sent to the intelligent terminal in a UDP unicast mode, and the intelligent terminal can play the program after receiving the unicast data packet of the program.