
CN102088443B - Method and system for subscribing digital periodical with copyright protection - Google Patents

Info

Publication number
CN102088443B
Authority
CN
China
Prior art keywords
information
hardware
client
license file
encrypted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN200910241440.5A
Other languages
Chinese (zh)
Other versions
CN102088443A (en
Inventor
黄肖俊
汤帜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New Founder Holdings Development Co ltd
Peking University
Founder Apabi Technology Ltd
Original Assignee
Peking University
Peking University Founder Group Co Ltd
Beijing Founder Apabi Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Peking University, Peking University Founder Group Co Ltd, Beijing Founder Apabi Technology Co Ltd filed Critical Peking University
Priority to CN200910241440.5A priority Critical patent/CN102088443B/en
Publication of CN102088443A publication Critical patent/CN102088443A/en
Application granted granted Critical
Publication of CN102088443B publication Critical patent/CN102088443B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Landscapes

  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The present invention provides a digital periodical subscription method and system with copyright protection. The server uses the hardware information of each registered client as an encryption key to encrypt the protection key used to encrypt the digital periodical content, generates an authorization license from the encrypted key together with its corresponding prompt information, and merges the multiple authorization licenses into one license file. On each issue date, the license file and the encrypted digital periodical content are pushed together to the clients. A client that receives the license file decrypts the encrypted digital periodical content according to the license file, its hardware information and the corresponding prompt information. The license file generated by the invention restricts access to the encrypted digital periodical content to the specified hardware devices; one license file can be used on the multiple hardware devices registered by the subscriber, and the license file remains usable when part of a hardware device changes, which is far more convenient for users.

Description

A digital periodical subscription method and system with copyright protection

Technical field

The invention relates to the field of digital periodicals, and in particular to a digital periodical subscription method and system with copyright protection.

Background art

At present, the main way of subscribing to digital periodicals is to produce the periodical content as an unencrypted file (such as a PDF) and distribute it to subscribers' computers as an email attachment, which provides no copyright protection for the digital content. Existing digital rights protection technology mainly protects stand-alone volumes such as e-books and relies on download from a website, which is inconvenient for serial publications such as digital periodicals.

The Chinese patent "Method and System for Subscription Digital Rights Management", application number 02815591.2, proposes a management method that can be used for digital periodical subscription. In that method, a subscription list containing the public keys associated with subscribers is stored, and the license server issues a license after checking whether the subscriber's public key is on the subscription list; the license defines the usage rights for multiple items of protected content, together with their usage conditions, state variables and so on. After obtaining the license from the license server, the distribution point (for example, a merchant) pre-packages it with the multiple items of protected content and sends it to the subscriber, who can then access the protected content according to the usage rights and usage conditions defined in the license without separately activating a license for each item. However, because this method controls the subscribed content by generating a license from each subscriber's public key, that is, by generating a license per subscriber, it cannot restrict use of the subscribed content to a specified set of hardware devices. In other words, the method relies mainly on information about the subscriber (for example, domain account information) rather than information about the subscriber's hardware devices, so access is allowed on any hardware device as long as the user logs in with the domain account, and cannot be restricted to specified hardware devices. In short, this approach can control people but not hardware devices, in particular the case of one subscriber with multiple devices.

Summary of the invention

To solve the above problems, the present invention provides a digital periodical subscription method and system with copyright protection, which prevents digital periodicals from being freely forwarded during distribution and allows the encrypted digital periodical content to be obtained only on the multiple hardware devices designated by the subscriber.

To achieve the above purpose, the digital periodical subscription method with copyright protection provided by the present invention comprises the following steps. Step 1: the subscriber registers with the server on a client and subscribes to a digital periodical, and the server receives the registration information and subscription information of the multiple clients registered by the subscriber; the registration information includes the hardware information of the client device and its corresponding prompt information, and the subscription information includes the subscriber information, the title of the subscribed periodical and the start and end dates of the subscription. Step 2: the server encrypts the subscribed digital periodical content with a protection key and, for each subscriber whose subscription period contains the issue date, generates a license file from the protection key and the hardware information and corresponding prompt information in the registration information received from the subscriber's clients, then pushes the license file and the encrypted digital periodical content to the subscriber's clients. Step 3: a client that receives the license file and the encrypted digital periodical content decrypts the encrypted content according to the license file and the hardware information and corresponding prompt information used at registration.

Step 1 can be performed in either of two ways. The subscriber registers and subscribes to the digital periodical on each of multiple clients, and each client collects the hardware information of its own device and the corresponding prompt information and sends them to the server together with the subscription information. Alternatively, the subscriber registers and subscribes on one client, and that client collects the hardware information of its own device and of the other client devices registered by the subscriber, together with the prompt information corresponding to each, and sends all of it to the server together with the subscription information.

In step 2, the server generates the license file as follows: it uses the hardware information of each registered client to generate an encryption key and encrypts the protection key with it, forming one piece of encrypted information; it generates one authorization license from that encrypted information together with the corresponding prompt information; and it merges the resulting authorization licenses into one license file. The server may transform the hardware information of the client device with a message digest algorithm and use the transformed information to generate the encryption key.

Step 3 comprises: finding the corresponding authorization license in the license file according to the prompt information used at registration; using the client's hardware information to generate a decryption key and decrypting the encrypted information in that authorization license to obtain the protection key; and decrypting the encrypted digital periodical content with the protection key. The client may transform the hardware information of the client device with a message digest algorithm and use the transformed information to generate the decryption key.

Preferably, the invention can also remove surplus devices as follows: the subscriber sends a device deletion request to the server from any one of the clients already registered; the request includes the hardware information and corresponding prompt information of the device sending it, and the prompt information of the device to be deleted. After receiving the deletion request, the server deletes the hardware information and corresponding prompt information of the device to be deleted from the original registration information to obtain updated registration information, and generates the license file from the updated registration information and the protection key.

Preferably, registered devices can be added as follows: the subscriber sends a device addition request to the server from any one of the clients already registered; the request includes the hardware information and corresponding prompt information of the device sending it, and the hardware information and corresponding prompt information of the device to be added, the latter being collected by the device that sends the request. After receiving the addition request, the server adds the hardware information and corresponding prompt information of the new device to the original registration information to obtain updated registration information, and generates the license file from the updated registration information and the protection key. More preferably, the invention can use a key sharing mechanism, combined with the hardware configuration of the user's device, to bind the digital periodical to the hardware in a hardware-adaptive way, so that the license file remains usable when part of the hardware configuration of a device changes.

Correspondingly, the digital periodical subscription system with copyright protection provided by the present invention comprises: multiple clients, on which the subscriber registers with the server and subscribes to digital periodicals, which send the registration information and subscription information to the server and which, on receiving the license file and the encrypted digital periodical content from the server, decrypt the encrypted content according to the license file and the hardware information and corresponding prompt information used at registration; and a server, which encrypts the subscribed digital periodical content with a protection key and, for each subscriber whose subscription period contains the issue date, generates a license file from the protection key and the hardware information and corresponding prompt information in the registration information received from the subscriber's clients, then pushes the license file and the encrypted digital periodical content to the subscriber's clients.

In the present invention, the server uses the hardware information registered by the subscriber as the encryption key to encrypt the protection key that encrypts the digital periodical content, and generates an authorization license from the encrypted protection key together with its corresponding prompt information, so that the subscribed content can be obtained only on the clients designated by a subscriber whose subscription period contains the issue date, which achieves control over hardware devices. In addition, the server merges multiple authorization licenses into one license file, so that the one license file is shared by the multiple hardware devices registered by the subscriber and remains usable when part of the hardware configuration of a device changes, which is far more convenient for users. The invention also allows devices to be deleted or added from an already registered client, which makes digital periodical subscription more flexible.

Brief description of the drawings

Fig. 1 is a schematic structural diagram of a digital periodical subscription system with copyright protection according to the first embodiment of the present invention;

Fig. 2 is a schematic flow chart of a digital periodical subscription method with copyright protection according to the first embodiment of the present invention;

Fig. 3 is a schematic diagram of the detailed structure of the server in the system shown in Fig. 1;

Fig. 4 is a schematic diagram of the detailed structure of a client in the system shown in Fig. 1;

Fig. 5 is a schematic structural diagram of a digital periodical subscription system with copyright protection according to the second embodiment of the present invention;

Fig. 6 is a schematic diagram of a license file according to a specific example of the present invention.

Detailed description

The invention provides a digital periodical subscription method and system with copyright protection, used to protect and control digital periodical content during subscription and distribution, to prevent digital periodicals from being freely forwarded during distribution, and to allow one license file to be used on the multiple hardware devices registered by the subscriber.

The invention is described in detail below with reference to the drawings and embodiments.

(First embodiment)

Fig. 1 is a schematic structural diagram of a digital periodical subscription system with copyright protection according to the first embodiment of the present invention. As shown in Fig. 1, the system comprises a server 11, multiple clients 12A and multiple clients 12B (and further clients 12C, 12D, ..., not shown in the figure), where the clients 12A all belong to the same subscriber A and the clients 12B all belong to the same subscriber B. The interaction between the clients 12A and the server 11 is used as the example below.

Fig. 2 is a flow chart of a digital periodical subscription method with copyright protection according to the first embodiment of the present invention. As shown in Fig. 2, the method comprises the following steps:

Step S201: subscriber registration and subscription

In this step, the subscriber registers with the server on a client and subscribes to a digital periodical, and the client sends the registration information and subscription information to the server. The registration information includes the hardware information of the client device and its corresponding prompt information, and the subscription information includes the subscriber information, the title of the subscribed periodical and the start and end dates of the subscription. The server receives the registration information and subscription information of the multiple clients registered by the subscriber.

Specifically, in the first embodiment of the invention, subscriber A registers and subscribes to the digital periodical on each of the multiple clients 12A, which includes registering user information and selecting the periodical title and the subscription start and end dates. Each client 12A then takes its device name (for example, the computer name) as its prompt information and sends its hardware information and that prompt information, as the registration information, to the server 11 together with the subscription information; as stated above, the subscription information includes the subscriber information, the title of the subscribed periodical and the subscription start and end dates. Alternatively, the user may enter a name to serve as the prompt information corresponding to the hardware information of each client 12A. So that prompt information and the hardware information of each client 12A correspond one to one, if a registered prompt is a duplicate, for example a repeated device name, subscriber A is allowed to change it, that is, to enter a name that is not already in use.

Step S203: server encryption and authorization

In this step, the server encrypts the subscribed digital periodical content with a protection key and, for each subscriber whose subscription period contains the issue date, generates a license file from the protection key and the hardware information and corresponding prompt information in the registration information received from the subscriber's clients, then pushes the license file and the encrypted digital periodical content to the subscriber's clients.

Specifically, on the issue date of the digital periodical, the server 11 uses a key generation algorithm, such as a random key algorithm, to generate the protection key and encrypts the digital periodical content with it. It then checks each subscriber: if the current issue date falls within the subscriber's subscription period, it generates a license file from the protection key and the hardware information and corresponding prompt information in the registration information received from that subscriber's clients, and pushes the license file and the encrypted digital periodical content to those clients. The server generates the license file in the following steps:

using the hardware information of each registered client 12A to generate an encryption key and encrypting the protection key with it to form one piece of encrypted information, where the client's hardware information may be transformed with a message digest algorithm and the transformed information used to generate the encryption key;

generating one authorization license from that encrypted information together with its corresponding prompt information;

merging the resulting authorization licenses into one license file.

Step S205: client decryption

In this step, a client 12A that has received the license file and the encrypted digital periodical content decrypts the encrypted content according to the license file and the hardware information and corresponding prompt information used at registration. Specifically, this step comprises the following steps:

finding the corresponding authorization license in the license file according to the prompt information used at registration;

using the hardware information of the client 12A to generate a decryption key and decrypting the encrypted information in the authorization license that was found to obtain the protection key, where, if the server 11 derived the encryption keys by transforming the hardware information of the clients 12A with a message digest algorithm, the client 12A correspondingly transforms its hardware information with the message digest algorithm and uses the transformed information to generate the decryption key;

decrypting the encrypted digital periodical content with the protection key obtained by decryption.

With this subscription method, subscribers periodically receive the license file and the copyright-protected digital periodical content on the client devices they have designated, which both protects the publisher's interests and achieves control over hardware devices. Each time the subscriber needs to access the digital periodical content, the client uses the device name used at registration, or the other name that was entered, as the prompt information to find the corresponding authorization license in the license file, generates the decryption key from the client device's hardware information, decrypts the encrypted information in that authorization license to obtain the protection key, and then decrypts the digital periodical content with the protection key. After decryption the subscriber can use the content offline immediately, which makes it much more convenient to use.
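Steps S203 and S205 above, carried through for one subscriber with two registered devices, as an added example that is not code from the patent. The SHA-256 digest, the HMAC-based stand-in cipher, the JSON layout of the license file, and all function names and sample values are assumptions chosen so the sketch runs on the Python standard library alone.

```python
import hashlib
import hmac
import json
import secrets
from datetime import date

# Stand-in authenticated cipher built from HMAC-SHA256 so the example needs
# only the standard library. The page names no cipher; real code should use a
# vetted AEAD or key-wrap primitive instead.
def _keystream(key, nonce, length):
    out, counter = b"", 0
    while len(out) < length:
        block = b"enc" + nonce + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]

def seal(key, plaintext):
    nonce = secrets.token_bytes(16)
    stream = _keystream(key, nonce, len(plaintext))
    ciphertext = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(key, b"mac" + nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag

def unseal(key, blob):
    nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified data")
    stream = _keystream(key, nonce, len(ciphertext))
    return bytes(c ^ s for c, s in zip(ciphertext, stream))

def device_key(hardware_info):
    # Message digest of the hardware information, as the page describes;
    # SHA-256 is an assumption, the page does not name the algorithm.
    return hashlib.sha256(hardware_info.encode("utf-8")).digest()

def publish_issue(content, subscriber, issue_date):
    """Server side (step S203). Returns (license_file, encrypted_content),
    or None when the issue date is outside the subscription period."""
    if not subscriber["start"] <= issue_date <= subscriber["end"]:
        return None
    protection_key = secrets.token_bytes(32)  # random protection key per issue
    licenses = []
    for prompt, hardware_info in subscriber["devices"].items():
        wrapped = seal(device_key(hardware_info), protection_key)
        # One authorization license: prompt information + encrypted information.
        licenses.append({"prompt": prompt, "encrypted_key": wrapped.hex()})
    license_file = json.dumps({"licenses": licenses})  # merged into one file
    return license_file, seal(protection_key, content)

def open_issue(license_file, encrypted_content, prompt, hardware_info):
    """Client side (step S205): find the entry by prompt, unwrap, decrypt."""
    for entry in json.loads(license_file)["licenses"]:
        if entry["prompt"] == prompt:
            wrapped = bytes.fromhex(entry["encrypted_key"])
            protection_key = unseal(device_key(hardware_info), wrapped)
            return unseal(protection_key, encrypted_content)
    raise KeyError("no authorization license for prompt %r" % prompt)

# Constructed sample registration: prompts are device names, hardware strings
# are made-up placeholders, not a format taken from the page.
SUBSCRIBER_A = {
    "start": date(2024, 1, 1),
    "end": date(2024, 12, 31),
    "devices": {
        "OFFICE-PC": "cpu=EXAMPLE-0001|disk=EXAMPLE-AAAA|mac=02:00:00:00:00:01",
        "HOME-LAPTOP": "cpu=EXAMPLE-0002|disk=EXAMPLE-BBBB|mac=02:00:00:00:00:02",
    },
}

if __name__ == "__main__":
    issue = b"Constructed issue body: table of contents ..."
    license_file, encrypted = publish_issue(issue, SUBSCRIBER_A, date(2024, 6, 1))
    for prompt, hw in SUBSCRIBER_A["devices"].items():
        print(prompt, open_issue(license_file, encrypted, prompt, hw) == issue)
```

The device key is only as secret as the hardware string it is derived from, so an implementation should build that string from identifiers that are hard to read or reproduce off the device.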

Compared with solutions that require a new request each time subscribed content is obtained, the invention uses a subscription scheme: the client does not need to issue a request each time a digital periodical is published; instead the server itself generates the license file and pushes it to the clients designated by the subscriber, which avoids the problem of replay attacks.

In addition, the license file generated according to the invention is not only restricted to the few client devices designated by the subscriber; the one license file is also shared by those client devices, so there is no need to generate a separate license file for each client. Subscribers can therefore obtain digital periodicals very simply and conveniently.

Fig. 3 and Fig. 4 are the detailed structural diagrams of the server and the client, respectively, that implement the method shown in Fig. 2.

As shown in Fig. 3, the server 11 comprises: a subscription processing unit 31, which receives the registration information and subscription information from the clients and sends them to the periodical encryption and authorization unit 32; the periodical encryption and authorization unit 32, which encrypts the digital periodical content with the protection key and, for each subscriber whose subscription period contains the issue date, generates a license file from the protection key and the hardware information and corresponding prompt information in the registration information received from the subscriber's clients; and a push unit 33, which pushes the license file and the encrypted digital periodical content to the clients.

The periodical encryption and authorization unit 32 further comprises: a periodical content unit 321, which encrypts the digital periodical content with the protection key, sends the protection key to the encryption key unit 322 and sends the encrypted digital periodical content to the push unit 33; the encryption key unit 322, which uses the hardware information received from the subscription processing unit 31 to generate an encryption key, encrypts the protection key received from the periodical content unit 321 with it to form one piece of encrypted information, sends the encrypted information to the license file generation unit 324 and sends the encryption key to the subscription client information unit 323; the subscription client information unit 323, which generates the correspondence between the prompt information received from the subscription processing unit 31 and the encryption key received from the encryption key unit 322; and the license file generation unit 324, which uses the correspondence received from the subscription client information unit 323, the prompt information received from the subscription processing unit 31 and the encrypted information received from the encryption key unit 322 to generate an authorization license, merges the resulting authorization licenses into one license file, and sends the license file to the push unit 33. The push unit 33 then pushes the license file and the encrypted digital periodical content to the multiple clients 12A of subscriber A.

As shown in Fig. 4, the client 12A comprises: a collection unit 40, which collects the hardware information of the client 12A itself and the corresponding prompt information and sends them, as one piece of registration information, to the registration unit 41; the registration unit 41, through which the subscriber registers and subscribes to digital periodicals and which sends the subscription information and registration information to the server 11; a receiving unit 42, which receives the license file and the encrypted digital periodical content pushed from the server 11, sends the license file to the protection key unit 43 and sends the encrypted digital periodical content to the digital periodical decryption unit 44; the protection key unit 43, which finds the corresponding authorization license in the license file according to the prompt information used at registration, uses the hardware information of the client 12A to generate a decryption key, decrypts the encrypted information in that authorization license to obtain the protection key, and sends the protection key to the digital periodical decryption unit 44; and the digital periodical decryption unit 44, which uses the protection key received from the protection key unit 43 to decrypt the encrypted digital periodical content received from the receiving unit 42.

The protection key unit 43 further includes: a license extraction unit 431, which finds the corresponding authorization license in the license file received from the receiving unit 42 according to the prompt information used at registration, obtains the encrypted information from that authorization license, and sends the encrypted information to the protection key decryption unit 432; and a protection key decryption unit 432, which uses the hardware information of the client 12A to generate a decryption key and decrypts the encrypted information received from the license extraction unit 431 to obtain the protection key.

The subscription method and system according to the first embodiment of the present invention have been described above with reference to FIG. 1 to FIG. 4. It should be understood, however, that the method of the present invention is not limited to the steps and units disclosed in that embodiment and may include other optimizations.

For example, to increase security, the client 12A may encrypt the registration information and subscription information when sending them to the server 11; after receiving them, the server 11 first decrypts them with the corresponding decryption method. In addition, subscribing user A may subscribe and register on only one client 12A and merely register on the other clients 12A, without subscribing again.

As another example, when subscribing user A subscribes to a digital periodical, different usage rights may be granted according to different subscription conditions, such as different charging standards. These rights include the rights to forward, download, copy and print the decrypted digital periodical content, and the number of registered clients 12A may also be limited according to the charging standard. Accordingly, each authorization license in the license file should include these subscription conditions and usage rights in addition to the encrypted information and its corresponding prompt information disclosed in the first embodiment.

As another example, instead of the push method used in the first embodiment, the server 11 may push only the license file, on the issue date, to the multiple clients 12A registered by subscribing user A. In this case, a client 12A that receives the license file first downloads the encrypted digital periodical content from the server 11 according to the license file, and then decrypts the downloaded content according to the license file and the registration information. Because the digital periodical content is already encrypted, it can be offered to users for download through any channel; for example, the encrypted content can be published openly or protected by a specific password. The server 11 may also prepare a random protection key and the license file in advance from the received registration information and subscription information, encrypt each issue with that random protection key once its content is finished, and then push the license file and so on to the registered clients 12A periodically (for example, on the issue date or another nearby date). Alternatively, the server may merge the license file and the encrypted digital periodical content into one file and push it periodically to the subscribing user's clients.

(Second Embodiment)

The second embodiment differs from the first in that subscribing user A does not register on each client 12A separately. Instead, registration and subscription are performed on only one client 12A, which collects the hardware information of all client devices registered by subscribing user A together with the prompt information corresponding to that hardware information. The information can be collected over a network connection or another interface connection, or it can be collected locally on each device, encrypted, and then sent or copied to the client device that is performing the registration.

FIG. 5 is a schematic diagram of a system implementing the above method. As shown in FIG. 5, when subscribing user A registers and subscribes to a digital periodical through the registration unit 41, the collection unit 40 collects the hardware information of its own device, the hardware information of the other client devices registered by subscribing user A, and the prompt information corresponding to that hardware information, and sends the hardware information and prompt information to the registration unit 41 as one piece of registration information.

With this embodiment, subscribing user A only needs to register and subscribe on one client (for example, a computer) and can then receive and read the digital periodical directly on the user's other clients (for example, a mobile phone) without registering again on them.

(Specific Example)

The present invention is further described below through a specific example.

In this example, assume that a periodical publisher needs to offer copyright-protected subscriptions to a monthly periodical issued on the 1st of each month. A subscribing user, Zhang San, has subscribed to the periodical for the period from January 2009 to December 2009 and needs to receive and read it on N computers (or mobile phones or handheld devices).

First, Zhang San registers as a user with the server on one of his clients and makes the payment. On each of the N computers (or mobile phones or handheld devices) he registers the hardware information HINFOi (i=1…N) with the server (for example, the motherboard number, CPU number and hard disk number of a PC, or the unique device number that a Windows Mobile handheld device obtains through GetDeviceUniqueID()), and the corresponding computer name CNAMEi (i=1…N) is extracted as the prompt information. For example, the computer name can be obtained with the GetComputerName() function on the Windows platform and with the sys_gethostname() function on the Linux platform; on the Windows Mobile platform (Pocket PC and SmartPhone) the name can be obtained with System.Net.Dns.GetHostName(); and on a handheld mobile reading device the device name can be obtained through the device driver when the device is connected to a computer. The acquired hardware information HINFOi (i=1…N) and computer names CNAMEi (i=1…N) are then sent to the server as registration information, together with the subscription information (including the subscribing-user information, the name of the subscribed periodical and the subscription start and end dates). The hardware information and computer name are encrypted for transmission. For example, HINFOi and CNAMEi are each encrypted with the server public key K and concatenated as K(HINFOi)+K(CNAMEi) to be sent as a parameter (the concatenation can be done by inserting a separator such as "||space||").

Next, the server decrypts with the private key P corresponding to the public key K. On the 1st of each month, it first prepares the digital periodical content file CF for that month's issue, then uses a random key generator to produce a random key as the protection key KC, and symmetrically encrypts the content file CF to obtain the encrypted content file KC(CF). The server finds that Zhang San has subscribed to this periodical, so it transforms the hardware information of Zhang San's N devices with the message digest algorithm Hash() to obtain Hash(HINFOi) (i=1…N) as encryption keys, which it uses to encrypt the protection key KC, yielding the encrypted information KHi (i=1…N). In the authorization license corresponding to each device, the server adds the encrypted information (that is, the encrypted protection key) KHi (i=1…N) together with the prompt information for decrypting it, that is, the correspondence between the encrypted information and the prompt information.

FIG. 6 is a schematic diagram of the license file FLic generated in this example. As shown in FIG. 6, the value "zhangsanPC" of the ClientName attribute in the <Permission> tag is the prompt information, and the value "akeo832mj294bkjhk" in the <info> tag is the encrypted information, that is, the encrypted protection key.

The server then sends the generated license file FLic, together with the encrypted digital periodical content file KC(CF), to Zhang San's mailbox by email.

After receiving the email, Zhang San opens the license file FLic on each of his N client devices. The client first obtains the local device name CNAMEi, finds the Permission node in the license file whose ClientName equals CNAMEi, and reads its encrypted information, that is, the content of the <info> node. It then transforms the device's hardware information HINFOi with the message digest algorithm, Hash(HINFOi), to obtain the decryption key, decrypts the protection key KC of the digital periodical content, and uses KC to decrypt the content file KC(CF), thereby obtaining the content CF of that month's issue.
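The server-side wrapping and client-side lookup of this specific example are shown below as an added illustration that is not code from the patent. SHA-256 as Hash(), the `<License>` root element, the function names, the constructed device names and hardware strings, and the SHAKE/HMAC construction standing in for the unspecified symmetric cipher are all assumptions.

```python
import hashlib
import hmac
import secrets
import xml.etree.ElementTree as ET

# Constructed sample registration data: CNAMEi -> HINFOi.
DEVICES = {
    "zhangsanPC": "MB-0001|CPU-0002|HDD-0003",
    "zhangsanPhone": "DEVICEID-9f3c",
}

def device_key(hinfo: str) -> bytes:
    """Hash(HINFOi): the wrapping key is a digest of the hardware information."""
    return hashlib.sha256(hinfo.encode("utf-8")).digest()

def wrap(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in authenticated cipher (assumption) so the example needs only the
    standard library; a deployment would use a vetted AEAD instead."""
    nonce = secrets.token_bytes(16)
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unwrap(key: bytes, blob: bytes) -> bytes:
    """Reverse wrap(); raises ValueError on a wrong key or modified data."""
    if len(blob) < 48:
        raise ValueError("blob too short")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified data")
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream))

def build_license(kc: bytes, devices: dict) -> str:
    """Server side: one <Permission> per registered device, holding KHi."""
    root = ET.Element("License")  # root element name is an assumption
    for cname, hinfo in devices.items():
        perm = ET.SubElement(root, "Permission", ClientName=cname)
        ET.SubElement(perm, "info").text = wrap(device_key(hinfo), kc).hex()
    return ET.tostring(root, encoding="unicode")

def open_license(flic: str, cname: str, hinfo: str) -> bytes:
    """Client side: find the Permission whose ClientName matches, unwrap KC."""
    for perm in ET.fromstring(flic).iter("Permission"):
        if perm.get("ClientName") == cname:
            blob = bytes.fromhex(perm.findtext("info", default=""))
            return unwrap(device_key(hinfo), blob)
    raise LookupError("no Permission for " + cname)

def publish_issue(cf: bytes, devices: dict):
    """Fresh random KC per issue; returns (FLic, KC(CF))."""
    kc = secrets.token_bytes(32)
    return build_license(kc, devices), wrap(kc, cf)

def read_issue(flic: str, enc_cf: bytes, cname: str, hinfo: str) -> bytes:
    """Recover CF on one device from the shared license file."""
    return unwrap(open_license(flic, cname, hinfo), enc_cf)

if __name__ == "__main__":
    flic, enc_cf = publish_issue(b"constructed issue content", DEVICES)
    print(flic)
    print(read_issue(flic, enc_cf, "zhangsanPC", DEVICES["zhangsanPC"]))
```

Because the wrapping key is an unsalted digest of the hardware information, KC on a device is only as secret as that device's identifiers.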

(Third Embodiment)

Compared with the above embodiments, the third embodiment adds the ability to delete devices that are no longer needed and to add new devices.

In some cases (for example, when a device is lost, damaged or put to another use), the subscribing user needs to delete devices that are no longer in use. This can be done as follows: subscribing user A sends the server 11 a request to delete the device 12A' from any one of the already registered clients 12A. The deletion request may include the following parameters: the hardware information HINFOn of the device 12A sending the request and its corresponding prompt information CNAMEn, and the prompt information CNAMEm of the device 12A' to be deleted. This method does not require the requesting device to be the device being deleted, so even if a device is lost, a deletion request can still be sent to the server from another registered device and the lost device can be removed.

In addition, to make the deletion process more secure, the deletion request can be encrypted with the public key K of the server 11 and concatenated as K(HINFOn)+K(CNAMEn)+K(CNAMEm) to be sent as a parameter (the concatenation can be done by inserting a separator such as "||space||").

After receiving the deletion request, the server 11 deletes the hardware information of the device 12A' to be deleted and its corresponding prompt information from the original registration information, obtaining updated registration information, and generates a license file from the updated registration information and the protection key. It then pushes the license file and the encrypted digital periodical content to the registered clients 12A of subscribing user A (which now exclude the deleted client 12A').

Adding a device can be implemented as follows: subscribing user A sends the server 11 a request to add the device Am from any one of the already registered clients 12A. The addition request includes the hardware information HINFOn of the device 12A sending the request and its corresponding prompt information CNAMEn, and the hardware information HINFOm of the device Am to be added and its corresponding prompt information CNAMEm, where HINFOm and CNAMEm are collected by the device 12A sending the request. As described above, the information can be collected over a network connection or another interface connection, or collected locally on Am, encrypted, and then sent or copied to the client 12A that is performing the additional registration. As with deletion, to make the addition process more secure, the addition request is encrypted with the public key K of the server 11 and concatenated as K(HINFOm)+K(CNAMEm)+K(HINFOn)+K(CNAMEn) to be sent as a parameter (the concatenation can be done by inserting a separator such as "||space||").

After receiving the addition request, the server 11 adds the hardware information of the device Am and its corresponding prompt information to the original registration information, obtaining updated registration information, and generates a license file from the updated registration information and the protection key. It then pushes the license file and the encrypted digital periodical content to the registered clients 12A and Am of subscribing user A.

(Fourth Embodiment)

The fourth embodiment differs from the above embodiments in that it adds tolerance for changes to part of a device's hardware configuration. That is, when some of the hardware in a device (for example, the motherboard, CPU or hard disk) is changed (replaced, removed, added and so on), the generated license file can still be used normally to obtain the encrypted digital periodical content.

For this function, the present invention uses a hardware-adaptive method of binding digital content to hardware (see Chinese patent No. 200410004751.7, "Method of binding digital content to hardware with hardware adaptability"). That method mainly uses a key sharing mechanism, combined with the hardware configuration of the subscribing user's client, to achieve hardware adaptability, so that changes to the hardware configuration within a certain range do not affect the legitimate use of the digital content. Specifically, the protection key of the digital periodical is divided into n shared subkeys, and n encryption keys, each encrypting one of the n shared subkeys, are generated from multiple hardware configurations of the client device. When fewer than n-t hardware configurations of the client device have changed, that is, when t or more hardware configurations of the client device remain valid, the license file can still be used normally to obtain the encrypted digital content; otherwise the digital content can no longer be used. That patent defines a threshold scheme (t, n) to implement the method, where t is the threshold on the number of valid subkeys (corresponding to hardware configurations that remain valid).

In the present invention, when subscribing user A registers on the client 12A under the first embodiment, the collection unit 40 of the registering client 12A collects the characteristic information (for example, serial numbers) of n relevant hardware configurations of that device, including the characteristic information of n0 relevant hardware configurations that do not exist on the client device. Under the second embodiment, the collection unit 40 of the registering client 12A collects the characteristic information of the relevant hardware configurations of all client devices 12A registered by subscribing user A, with the characteristic information of n relevant hardware configurations collected for each client device (including the characteristic information of n0 relevant hardware configurations that do not exist on that client device). The hardware information that the client 12A sends to the server 11 then includes the characteristic information collected by the collection unit 40.

After receiving such hardware information, the server 11 generates the license file in the following steps:

According to the received hardware information, select the value of the threshold parameter t in the (t, n) threshold scheme: $t \in \left[\left[\frac{n + n_0}{2}\right] + 1,\ n\right)$;

Divide the protection key of the digital periodical into n shared subkeys;

For each client device, bind the n shared subkeys to the hardware configuration of that device. That is, use the received characteristic information of the device's n hardware configurations to generate n encryption keys, which are used to encrypt, respectively, the n shared subkeys or the n information strings obtained by transforming the n shared subkeys one by one, and at the same time generate validity check information for each shared subkey; form one piece of encrypted information from the value of the threshold parameter t, the encrypted shared subkeys and their validity check information; and generate one authorization license from that encrypted information together with its corresponding prompt information;

Merge the generated authorization licenses into one license file.

After receiving the license file, the client 12A performs the following decryption steps:

Find the corresponding authorization license in the license file according to the prompt information used when the client 12A registered;

Extract the characteristic information of the n relevant hardware configurations of the client 12A and use it to generate n decryption keys, which are used to decrypt, respectively, the n shared subkeys in the encrypted information of that authorization license;

Check the validity of each shared subkey according to its validity check information and the (t, n) threshold scheme. If t or more valid shared subkeys exist, recover the protection key of the digital periodical content from those valid subkeys and use it to decrypt the encrypted digital periodical content; otherwise key recovery fails.
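The (t, n) binding and recovery steps above are shown below as an added example that is not taken from this patent or from Chinese patent 200410004751.7. It assumes Shamir secret sharing as the threshold scheme, reads the inner brackets of the threshold formula as the integer part, uses a SHA-256 digest of each share as its validity check, and uses constructed component identifiers with an empty string for an absent component; all function names are hypothetical.

```python
import hashlib
import secrets

P = 2**521 - 1  # Mersenne prime; the field must be larger than a 256-bit key

def min_threshold(n: int, n0: int) -> int:
    """Smallest t in [[(n + n0)/2] + 1, n), brackets read as integer part."""
    t = (n + n0) // 2 + 1
    if t >= n:
        raise ValueError("no valid threshold for this n and n0")
    return t

def split(secret: int, t: int, n: int):
    """Shamir split: random polynomial of degree t-1 with f(0) = secret."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation mod P
            y = (y * x + c) % P
        shares.append((x, y))
    return shares

def combine(shares) -> int:
    """Lagrange interpolation at x = 0 over the given (x, y) points."""
    secret = 0
    for xj, yj in shares:
        num = den = 1
        for xm, _ in shares:
            if xm != xj:
                num = num * (-xm) % P
                den = den * (xj - xm) % P
        secret = (secret + yj * num * pow(den, P - 2, P)) % P
    return secret

def pad(nonce: bytes, x: int, feature: str) -> int:
    """Per-share key derived from one hardware feature (stand-in cipher:
    the share is masked by adding this value mod P)."""
    data = nonce + str(x).encode() + b"|" + feature.encode("utf-8")
    return int.from_bytes(hashlib.shake_256(data).digest(80), "big") % P

def check(x: int, y: int) -> str:
    """Validity check information for one share (assumed form)."""
    return hashlib.sha256(f"{x}:{y}".encode()).hexdigest()

def make_grant(kc: bytes, features: list, t: int) -> dict:
    """Server side: split KC and bind share i to hardware feature i."""
    if not 1 <= t <= len(features):
        raise ValueError("t out of range")
    nonce = secrets.token_bytes(16)  # fresh per license, so pads never repeat
    shares = split(int.from_bytes(kc, "big"), t, len(features))
    entries = [{"x": x, "enc": (y + pad(nonce, x, f)) % P, "check": check(x, y)}
               for (x, y), f in zip(shares, features)]
    return {"t": t, "nonce": nonce, "shares": entries}

def recover(grant: dict, features: list, key_len: int = 32) -> bytes:
    """Client side: unmask each share with the current hardware feature,
    keep those whose check matches, and rebuild KC if at least t survive."""
    valid = []
    for entry, f in zip(grant["shares"], features):
        y = (entry["enc"] - pad(grant["nonce"], entry["x"], f)) % P
        if check(entry["x"], y) == entry["check"]:
            valid.append((entry["x"], y))
    if len(valid) < grant["t"]:
        raise ValueError("only %d of %d required shares are valid"
                         % (len(valid), grant["t"]))
    return combine(valid[:grant["t"]]).to_bytes(key_len, "big")

# Constructed registration: n = 5 slots, the last one absent (n0 = 1).
REGISTERED = ["MB-0001", "CPU-0002", "HDD-0003", "NIC-0004", ""]

if __name__ == "__main__":
    kc = secrets.token_bytes(32)
    grant = make_grant(kc, REGISTERED, min_threshold(5, 1))
    swapped_disk = ["MB-0001", "CPU-0002", "HDD-7777", "NIC-0004", ""]
    print(recover(grant, swapped_disk) == kc)
```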

With this embodiment, hardware configuration changes within a certain range do not affect the legitimate use of the digital periodical, and the generated license file can continue to be used normally without a new application, which is much more convenient for the user.

In addition, the encrypted information preferably also includes other information, such as encryption algorithm information. That is, one piece of encrypted information is formed from the value of the threshold parameter t, the encrypted shared subkeys and their validity check information, and other information (for example, encryption algorithm information). The license file may also include other required information, such as license file integrity check information. In that case, after receiving the license file, the client first needs to verify the integrity and validity of the license file.

As the above embodiments show, with the subscription method of the present invention a subscribing user can periodically receive a license file on the multiple client devices the user has designated and then decrypt the encrypted digital periodical content according to that license file, which not only avoids the problem of replay attacks but also provides control over the hardware devices. In addition, one license file can be used on multiple devices of the subscribing user without being generated and sent separately for each, and the license file remains usable when part of a device's hardware configuration changes, which is much more convenient for the user. Furthermore, the subscribing user can delete or add devices from an already registered client, which makes digital periodical subscription more flexible.

The present invention has been described in detail above with reference to the drawings and embodiments. Those skilled in the art should understand, however, that the present invention is not limited to the specific embodiments disclosed, and that any similar modifications, substitutions and variations that a person of ordinary skill in the art could conceive on this basis fall within the scope of protection of the present invention.

Claims (27)

1.一种带版权保护的数字期刊订阅方法,该方法包括:1. A digital periodical subscription method with copyright protection, the method comprising: 步骤1、订阅用户在其客户端上向服务器注册并订阅数字期刊,服务器接收订阅用户所注册的多个客户端的注册信息和订阅信息,所述注册信息包括客户端设备的硬件信息及与所述硬件信息相应的提示信息,所述提示信息为客户端设备的设备名称或用户输入的名称,所述订阅信息包括订阅用户信息、订阅的期刊名及其订阅起止期;Step 1. The subscriber registers with the server on its client and subscribes to digital periodicals. The server receives the registration information and subscription information of multiple clients registered by the subscriber. The registration information includes the hardware information of the client device and the Prompt information corresponding to the hardware information, the prompt information is the device name of the client device or the name input by the user, and the subscription information includes the subscription user information, the title of the periodical to be subscribed and the start and end period of the subscription; 步骤2、服务器利用保护密钥对订阅的数字期刊内容进行加密,并且对于发行日在其订阅起止期之内的订阅用户,根据保护密钥和从其客户端接收的注册信息中的硬件信息及与所述硬件信息相应的提示信息生成许可证文件,然后将许可证文件和加密的数字期刊内容推送到该订阅用户的客户端;和Step 2. The server uses the protection key to encrypt the subscribed digital periodical content, and for subscribers whose issue date is within the start and end period of their subscription, according to the protection key and the hardware information in the registration information received from the client, and The prompt information corresponding to the hardware information generates a license file, and then pushes the license file and encrypted digital periodical content to the client of the subscriber; and 步骤3、接收到许可证文件和加密的数字期刊内容的客户端根据该许可证文件和注册时所使用的硬件信息及与所述硬件信息相应的提示信息对加密的数字期刊内容进行解密;Step 3. 
The client receiving the license file and the encrypted digital periodical content decrypts the encrypted digital periodical content according to the license file, the hardware information used during registration and the prompt information corresponding to the hardware information; 所述步骤2中服务器生成许可证文件的步骤包括:The step that the server generates the license file in the step 2 includes: 利用注册的每个客户端设备的硬件信息生成加密密钥对保护密钥进行加密,形成一个加密信息;Use the hardware information of each registered client device to generate an encryption key to encrypt the protection key to form an encrypted message; 将该加密信息及其相应的提示信息一起生成一个授权许可,所述相应的提示信息指的是该客户端注册时注册信息中的提示信息;Generate an authorization license with the encrypted information and the corresponding prompt information, and the corresponding prompt information refers to the prompt information in the registration information when the client registers; 将生成的多个授权许可合并生成一个许可证文件,以使得多个客户端能够共用所述许可证文件;Combining the generated multiple licenses to generate a license file, so that multiple clients can share the license file; 所述步骤3包括:Said step 3 includes: 根据所述客户端注册时使用的提示信息找到许可证文件中相应的授权许可;Find the corresponding authorization license in the license file according to the prompt information used when the client registers; 利用该客户端设备的硬件信息生成解密密钥对该授权许可中的加密信息进行解密,得到保护密钥;Using the hardware information of the client device to generate a decryption key to decrypt the encrypted information in the license to obtain the protection key; 利用该保护密钥对加密的数字期刊内容进行解密。The encrypted digital periodical content is decrypted using the protection key. 2.根据权利要求1所述的方法,其特征在于,所述步骤1包括:2. 
The method according to claim 1, wherein said step 1 comprises: 订阅用户分别在其多个客户端上注册并订阅数字期刊,这些客户端分别采集各自设备的硬件信息及与所述硬件信息相应的提示信息,并将该硬件信息及与所述硬件信息相应的提示信息以及订阅信息一起发送到服务器。Subscribers register and subscribe to digital periodicals on their multiple clients, and these clients respectively collect the hardware information of their respective devices and the prompt information corresponding to the hardware information, and store the hardware information and the corresponding prompt information of the hardware information The prompt information and subscription information are sent to the server together. 3.根据权利要求1所述的方法,其特征在于,所述步骤1包括:3. The method according to claim 1, wherein said step 1 comprises: 订阅用户在其一个客户端上注册并订阅数字期刊,该客户端采集自身设备的硬件信息和该订阅用户所注册的其它客户端设备的硬件信息以及与这些硬件信息相应的提示信息,并将这些硬件信息及与所述硬件信息相应的提示信息与订阅信息一起发送到服务器。A subscriber registers and subscribes to digital periodicals on one of its clients, and the client collects the hardware information of its own device and the hardware information of other client devices registered by the subscriber, as well as prompt information corresponding to these hardware information, and sends these The hardware information and the prompt information corresponding to the hardware information are sent to the server together with the subscription information. 4.根据权利要求1所述的方法,其特征在于,所述服务器利用注册的硬件信息生成加密密钥的步骤包括:4. The method according to claim 1, wherein the step of generating an encryption key by the server using registered hardware information comprises: 利用消息摘要算法对客户端设备的硬件信息进行变换,并利用变换后得到的信息生成加密密钥。The hardware information of the client device is transformed using a message digest algorithm, and an encryption key is generated using the transformed information. 5.根据权利要求4所述的方法,其特征在于,所述客户端利用消息摘要算法对客户端设备的硬件信息进行变换,并利用变换后得到的信息生成解密密钥进行解密。5. The method according to claim 4, wherein the client uses a message digest algorithm to transform the hardware information of the client device, and uses the transformed information to generate a decryption key for decryption. 
6. The method according to claim 1, wherein the protection key is generated using a random key algorithm.

7. The method according to claim 1, wherein the prompt information is the device name of the corresponding client or a name entered by the user.

8. The method according to claim 7, wherein, when a subscriber registers and subscribes to a digital periodical, if the registered prompt information is duplicated, the subscriber is allowed to modify the prompt information.

9. The method according to claim 1, wherein the subscription information further includes usage rights obtained under different subscription conditions, including the rights to forward, download, copy, and print the decrypted digital periodical content and a limit on the number of registered clients, the subscription conditions including charging conditions.

10. The method according to claim 1, wherein the server merges the license file and the encrypted digital periodical content into one file and pushes it to the subscriber's client.

11. The method according to claim 1, further comprising:
the subscriber sends a request to delete a device to the server from any one of its multiple registered clients, the deletion request including the hardware information of the device sending the deletion request, the prompt information corresponding to that hardware information, and the prompt information of the device to be deleted;
after receiving the deletion request, the server deletes the hardware information of the device to be deleted and the prompt information corresponding to that hardware information from the original registration information, thereby obtaining updated registration information, generates a license file using the updated registration information and the protection key, and then pushes the license file and the encrypted digital periodical content to the subscriber's registered clients.

12. The method according to claim 11, further comprising: the client encrypts and concatenates the deletion request so as to send it to the server as a parameter.

13. The method according to claim 1, further comprising:
the subscriber sends a request to add a device to the server from any one of its multiple registered clients, the addition request including the hardware information of the device sending the addition request and the prompt information corresponding to that hardware information, and the hardware information of the device to be added and the prompt information corresponding to that hardware information, the hardware information and corresponding prompt information of the device to be added being collected by the client device sending the addition request;
after receiving the addition request, the server adds the hardware information of the device to be added and the prompt information corresponding to that hardware information to the original registration information, thereby obtaining updated registration information, generates a license file using the updated registration information and the protection key, and then pushes the license file and the encrypted digital periodical content to the subscriber's registered clients.

14. The method according to claim 13, further comprising: the client encrypts and concatenates the addition request so as to send it to the server as a parameter.

15. The method according to claim 1, wherein the hardware information of each client device includes the characteristic information of n related hardware configurations of the client device, including the characteristic information of n0 related hardware configurations that do not exist on the client device.

16. The method according to claim 15, wherein the step in which the server generates the license file in said step 2 comprises:
selecting, according to the received hardware information, the value of the threshold parameter t in the (t, n) threshold scheme: where t represents the threshold for the number of valid subkeys;
dividing the protection key into n shared subkeys;
for each client device, binding the n shared subkeys to the hardware configuration of the device, that is, generating n encryption keys from the received characteristic information of the n hardware configurations of the device, each used to encrypt one of the n shared subkeys or one of the n information strings obtained by transforming the n shared subkeys one by one, and at the same time generating validity check information for each shared subkey; forming one piece of encrypted information from the value of the threshold parameter t, the encrypted shared subkeys, and their validity check information; generating one authorization license from the encrypted information together with the prompt information for decrypting the encrypted information;
merging the multiple generated authorization licenses into one license file.

17. The method according to claim 16, wherein said step 3 comprises:
finding the corresponding authorization license in the license file according to the prompt information used when the client registered;
extracting the characteristic information of the n related hardware configurations of the client device, and generating n decryption keys from this characteristic information, each used to decrypt one of the n shared subkeys or n information strings in the encrypted information of the authorization license;
checking the validity of each decrypted shared subkey according to the validity check information of each shared subkey and the (t, n) threshold scheme; if t or more valid shared subkeys exist, recovering the protection key of the digital periodical content from these valid subkeys and using the protection key to decrypt the encrypted digital periodical content; otherwise key recovery fails.

18. A digital periodical subscription system with copyright protection, the system comprising:
a plurality of clients, on which a subscriber registers with the server and subscribes to digital periodicals, and which then send registration information and subscription information to the server, the registration information including the hardware information of the client device and the prompt information corresponding to the hardware information, the prompt information being the device name of the client device or a name entered by the user, and the subscription information including subscriber information, the name of the subscribed periodical, and its subscription start and end period; when the license file and the encrypted digital periodical content are received from the server, the encrypted digital periodical content is decrypted according to the license file and the hardware information and corresponding prompt information used at registration; and
a server, configured to encrypt the subscribed digital periodical content using a protection key and, for subscribers for whom the issue date falls within their subscription start and end period, to generate a license file according to the protection key and the hardware information and corresponding prompt information in the registration information received from their clients, and then to push the license file and the encrypted digital periodical content to the client of the subscriber;
the server includes:
a subscription processing unit, configured to receive registration information and subscription information from the client, and to send the registration information and subscription information to the periodical encryption and authorization unit;
a periodical encryption and authorization unit, configured to encrypt the digital periodical content using the protection key and, for subscribers for whom the issue date falls within their subscription start and end period, to generate a license file according to the protection key and the hardware information and corresponding prompt information in the registration information received from their clients; and
a push unit, configured to push the license file and the encrypted digital periodical content to the client;
the periodical encryption and authorization unit includes:
a periodical content unit, configured to encrypt the digital periodical content using the protection key, to send the protection key to the encryption key unit, and to send the encrypted digital periodical content to the push unit;
an encryption key unit, configured to generate an encryption key from the hardware information received from the subscription processing unit, to encrypt the protection key received from the periodical content unit with it to form one piece of encrypted information, to send the encrypted information to the license file generation unit, and to send the encryption key to the subscription client information unit;
a subscription client information unit, configured to generate the correspondence between the prompt information received from the subscription processing unit and the encryption key received from the encryption key unit;
a license file generation unit, configured to generate an authorization license using the correspondence received from the subscription client information unit, the prompt information received from the subscription processing unit, and the encrypted information received from the encryption key unit, to merge the multiple generated authorization licenses into one license file, and then to send the license file to the push unit;
the client includes:
an acquisition unit, which collects the hardware information of the client's own device and the prompt information corresponding to the hardware information, and sends the hardware information and prompt information to the registration unit as one piece of registration information;
a registration unit, through which the subscriber registers and subscribes to digital periodicals, and which sends the subscription information and registration information to the server;
a receiving unit, configured to receive the license file and the encrypted digital periodical content pushed from the server, to send the license file to the protection key unit, and to send the encrypted digital periodical content to the decryption digital periodical unit;
a protection key unit, configured to find the corresponding authorization license in the license file according to the prompt information used at registration, to generate a decryption key from the hardware information of the client and use it to decrypt the encrypted information in the authorization license to obtain the protection key, and to send the protection key to the decryption digital periodical unit; and
a decryption digital periodical unit, which uses the protection key received from the protection key unit to decrypt the encrypted digital periodical content received from the receiving unit;
the protection key unit includes:
a license extraction unit, configured to find the corresponding authorization license in the license file received from the receiving unit according to the prompt information used at registration, to obtain the corresponding encrypted information from the authorization license, and to send the encrypted information to the decryption protection key unit;
a decryption protection key unit, which generates a decryption key from the hardware information of the client and uses it to decrypt the encrypted information received from the license extraction unit to obtain the protection key.

19. The system according to claim 18, wherein the acquisition unit collects the hardware information of its own device and the hardware information of the other client devices registered by the subscriber, together with the prompt information corresponding to this hardware information, and sends the hardware information and prompt information to the registration unit as one piece of registration information.

20. The system according to claim 18, wherein the server merges the license file and the encrypted digital periodical content into one file and pushes it to the client of the subscriber.

21. The system according to claim 18, wherein the subscriber sends a request to delete a device to the server from any one of its multiple registered clients, the deletion request including the hardware information of the device sending the deletion request, the prompt information corresponding to that hardware information, and the prompt information of the device to be deleted;
after receiving the deletion request, the server deletes the hardware information of the device to be deleted and the prompt information corresponding to that hardware information from the original registration information, thereby obtaining updated registration information, generates a license file using the updated registration information and the protection key, and then pushes the license file and the encrypted digital periodical content to the subscriber's registered clients.

22. The system according to claim 21, wherein the client encrypts and concatenates the deletion request so as to send it to the server as a parameter.

23. The system according to claim 18, wherein the subscriber sends a request to add a device to the server from any one of its multiple registered clients, the addition request including the hardware information of the device sending the addition request and the prompt information corresponding to that hardware information, and the hardware information of the device to be added and the prompt information corresponding to that hardware information, the hardware information and corresponding prompt information of the device to be added being collected by the device sending the addition request;
after receiving the addition request, the server adds the hardware information of the device to be added and the prompt information corresponding to that hardware information to the original registration information, thereby obtaining updated registration information, generates a license file using the updated registration information and the protection key, and then pushes the license file and the encrypted digital periodical content to the subscriber's registered clients.

24. The system according to claim 23, wherein the client encrypts and concatenates the addition request so as to send it to the server as a parameter.

25. The system according to claim 18, wherein the hardware information of each client device includes the characteristic information of n related hardware configurations of the client device, including the characteristic information of n0 related hardware configurations that do not exist on the client device.

26. The system according to claim 25, wherein the step in which the server generates the license file comprises:
selecting, according to the received hardware information, the value of the threshold parameter t in the (t, n) threshold scheme: where t represents the threshold for the number of valid subkeys;
dividing the protection key into n shared subkeys;
for each client device, binding the n shared subkeys to the hardware configuration of the device, that is, generating n encryption keys from the received characteristic information of the n hardware configurations of the device, each used to encrypt one of the n shared subkeys or one of the n information strings obtained by transforming the n shared subkeys one by one, and at the same time generating validity check information for each shared subkey; forming one piece of encrypted information from the value of the threshold parameter t, the encrypted shared subkeys, and their validity check information; generating one authorization license from the encrypted information together with the prompt information for decrypting the encrypted information;
merging the multiple generated authorization licenses into one license file.

27. The system according to claim 26, wherein the server performs the following decryption steps:
finding the corresponding authorization license in the license file according to the prompt information used when the client registered;
extracting the characteristic information of the n related hardware configurations of the client device, and generating n decryption keys from this characteristic information, each used to decrypt one of the n shared subkeys or n information strings in the encrypted information of the authorization license;
checking the validity of each decrypted shared subkey according to the validity check information of each shared subkey and the (t, n) threshold scheme; if t or more valid shared subkeys exist, recovering the protection key of the digital periodical content from these valid subkeys and using the protection key to decrypt the encrypted digital periodical content; otherwise key recovery fails.
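The (t, n) hardware binding of claims 16-17 and 26-27, worked through as an added example (not code from the patent or its assignees). It assumes Shamir secret sharing as the threshold scheme, SHAKE-256 as the message digest, and a salted XOR pad as a stand-in for the subkey cipher; all function names and the sample hardware strings are constructed for illustration.

```python
import hashlib
import secrets

P = 2**521 - 1     # prime field for the sharing polynomial (larger than any 256-bit key)
SHARE_LEN = 66     # bytes needed to hold one field element
KEY_LEN = 32       # protection key length assumed by this example

# Constructed sample: n = 5 hardware features of one registered device.
# The last slot models a configuration that does not exist on the device.
REGISTERED = ["cpu:BFEBFBFF000306A9", "disk:WD-EXAMPLE0001",
              "mac:02-00-00-AA-BB-CC", "board:EXAMPLE-MB-77", "gpu:<absent>"]


def feature_pad(salt: bytes, feature: str) -> bytes:
    """Digest one hardware feature into the pad that wraps one shared subkey."""
    return hashlib.shake_256(salt + feature.encode()).digest(SHARE_LEN)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def check_value(x: int, share: bytes) -> str:
    """Validity check information stored beside each wrapped subkey."""
    return hashlib.sha256(b"share-check|%d|" % x + share).hexdigest()


def split_key(key: bytes, t: int, n: int):
    """Shamir (t, n): random polynomial of degree t-1 with f(0) = key."""
    coeffs = [int.from_bytes(key, "big")]
    coeffs += [secrets.randbelow(P) for _ in range(t - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):      # Horner evaluation of f(x) mod P
            y = (y * x + c) % P
        shares.append((x, y))
    return shares


def recover_key(points) -> bytes:
    """Lagrange interpolation at x = 0 over exactly t valid points."""
    secret = 0
    for j, (xj, yj) in enumerate(points):
        num = den = 1
        for m, (xm, _) in enumerate(points):
            if m != j:
                num = (num * -xm) % P
                den = (den * (xj - xm)) % P
        secret = (secret + yj * num * pow(den, -1, P)) % P
    return secret.to_bytes(KEY_LEN, "big")


def make_authorization(key: bytes, features, t: int) -> dict:
    """Server side: bind the n shared subkeys to the device's n features."""
    if len(key) != KEY_LEN or not 1 <= t <= len(features):
        raise ValueError("bad key length or threshold")
    salt = secrets.token_bytes(16)      # fresh per license so pads never repeat
    entries = []
    for (x, y), feature in zip(split_key(key, t, len(features)), features):
        share = y.to_bytes(SHARE_LEN, "big")
        entries.append({"x": x, "wrapped": xor(share, feature_pad(salt, feature)),
                        "check": check_value(x, share)})
    return {"t": t, "salt": salt, "entries": entries}


def open_authorization(auth: dict, features):
    """Client side: unwrap with current hardware, keep subkeys that verify."""
    valid = []
    for entry, feature in zip(auth["entries"], features):
        share = xor(entry["wrapped"], feature_pad(auth["salt"], feature))
        if secrets.compare_digest(check_value(entry["x"], share), entry["check"]):
            valid.append((entry["x"], int.from_bytes(share, "big")))
    if len(valid) < auth["t"]:
        return None                     # fewer than t valid subkeys: recovery fails
    return recover_key(valid[:auth["t"]])


if __name__ == "__main__":
    content_key = secrets.token_bytes(KEY_LEN)
    auth = make_authorization(content_key, REGISTERED, t=3)
    upgraded = ["cpu:NEW", REGISTERED[1], "mac:NEW"] + REGISTERED[3:]
    print(open_authorization(auth, upgraded) == content_key)
```

Hardware identifiers are low-entropy and readable by local software, so the stored check values let anyone holding the license file test guessed identifiers offline; the binding pins content to a device rather than keeping the protection key secret from that device's user.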
CN200910241440.5A 2009-12-02 2009-12-02 Method and system for subscribing digital periodical with copyright protection Expired - Fee Related CN102088443B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200910241440.5A CN102088443B (en) 2009-12-02 2009-12-02 Method and system for subscribing digital periodical with copyright protection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN200910241440.5A CN102088443B (en) 2009-12-02 2009-12-02 Method and system for subscribing digital periodical with copyright protection

Publications (2)

Publication Number Publication Date
CN102088443A CN102088443A (en) 2011-06-08
CN102088443B true CN102088443B (en) 2015-04-01

Family

ID=44100058

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200910241440.5A Expired - Fee Related CN102088443B (en) 2009-12-02 2009-12-02 Method and system for subscribing digital periodical with copyright protection

Country Status (1)

Country Link
CN (1) CN102088443B (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102999710B (en) * 2011-09-14 2016-09-21 北京大学 A kind of safety shares the method for digital content, equipment and system
CN104182659B (en) * 2013-05-21 2018-01-26 北大方正集团有限公司 Server, system and digital rights merger method
CN104462872B (en) * 2013-09-13 2018-11-06 北大方正集团有限公司 Terminal, server and digital Content-Authorize method
US10282538B2 (en) * 2014-12-27 2019-05-07 Intel Corporation Technologies for providing hardware subscription models using pre-boot update mechanism
CN106713253B (en) * 2015-11-18 2020-10-13 中兴通讯股份有限公司 Method and device for sending and receiving information in peripheral perception networking
CN105512519A (en) * 2015-11-30 2016-04-20 北大方正集团有限公司 Digital resource copyright protection method, opening method and device, and hardware storage device
CN107943969B (en) * 2017-11-28 2020-06-23 平安养老保险股份有限公司 Annuity data file sending method and device, computer equipment and storage medium
CN109460637A (en) * 2018-10-25 2019-03-12 深圳市腾讯信息技术有限公司 Operation method, device, storage medium and the electronic device of server version file
CN113132107B (en) * 2019-12-31 2023-02-07 奇安信科技集团股份有限公司 License encryption method, device, license decryption method, device and device
CN112784303B (en) * 2021-01-26 2022-11-22 政采云有限公司 A file encryption method, device, system and storage medium

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1571331A (en) * 2004-04-23 2005-01-26 清华大学 A method for large-scale living broadcast of digital content

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1407360A4 (en) * 2000-06-16 2009-08-12 Entriq Inc Methods and systems to distribute content via a network utilizing distributed conditional access agents and secure agents, and to perform digital rights management (drm)

Also Published As

Publication number Publication date
CN102088443A (en) 2011-06-08

Similar Documents

Publication Publication Date Title
CN102088443B (en) Method and system for subscribing digital periodical with copyright protection
US20200250329A1 (en) Method for strongly encrypting .zip files
US8578157B2 (en) System and method for digital rights management with authorized device groups
US20230025052A1 (en) Method and system for securing data
EP3035641A1 (en) Method for file upload to cloud storage system, download method and device
US20210119781A1 (en) Systems and methods for re-using cold storage keys
US20120303967A1 (en) Digital rights management system and method for protecting digital content
EP2065828B1 (en) Media storage structures for storing content, devices for using such structures, systems for distributing such structures
Yan et al. A scheme to manage encrypted data storage with deduplication in cloud
US10897362B2 (en) De-duplication of encrypted data
CN106254342A (en) The secure cloud storage method of file encryption is supported under Android platform
CN102138145B (en) Cryptographically controlling access to documents
US9311492B2 (en) Media storage structures for storing content, devices for using such structures, systems for distributing such structures
US20210167955A1 (en) Data transmission
CN105072134A (en) Cloud disk system file secure transmission method based on three-level key
CN107332666A (en) Terminal document encryption method
CN103139143B (en) The method of digital copyright management, system and server
KR20210143846A (en) encryption systems
WO2011006282A1 (en) Digital rights management (drm) method and equipment in small and medium enterprise (sme) and method for providing drm service
CN111709047B (en) Information management system and method
US7587045B2 (en) System and method for securing document transmittal
KR101485968B1 (en) Method for accessing to encoded files
CN100518060C (en) Encryption protection method and client device for digital document
JP2008219742A (en) Attached file encryption method and mail server implementing the same method
CN103186719A (en) Mobile terminal-oriented digital copyright protection method and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20220621

Address after: 3007, Hengqin international financial center building, No. 58, Huajin street, Hengqin new area, Zhuhai, Guangdong 519031

Patentee after: New founder holdings development Co.,Ltd.

Patentee after: FOUNDER APABI TECHNOLOGY Ltd.

Patentee after: Peking University

Address before: 100871, Beijing, Haidian District, Cheng Fu Road, No. 298, Zhongguancun Fangzheng building, 5 floor

Patentee before: PEKING UNIVERSITY FOUNDER GROUP Co.,Ltd.

Patentee before: FOUNDER APABI TECHNOLOGY Ltd.

Patentee before: Peking University

CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20150401
