CA2408232C - Method and apparatus for enabling random access to individual pictures in an encrypted video stream - Google Patents
Method and apparatus for enabling random access to individual pictures in an encrypted video stream Download PDFInfo
- Publication number
- CA2408232C CA2408232C CA002408232A CA2408232A CA2408232C CA 2408232 C CA2408232 C CA 2408232C CA 002408232 A CA002408232 A CA 002408232A CA 2408232 A CA2408232 A CA 2408232A CA 2408232 C CA2408232 C CA 2408232C
- Authority
- CA
- Canada
- Prior art keywords
- transport packets
- data
- type
- transport
- packets
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims description 35
- 238000002360 preparation method Methods 0.000 claims description 6
- 230000004044 response Effects 0.000 claims description 2
- 230000006870 function Effects 0.000 description 6
- 238000012545 processing Methods 0.000 description 6
- 238000013459 approach Methods 0.000 description 3
- 230000007246 mechanism Effects 0.000 description 3
- 238000012805 post-processing Methods 0.000 description 3
- 238000007781 pre-processing Methods 0.000 description 3
- 230000006978 adaptation Effects 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 230000015572 biosynthetic process Effects 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 238000012937 correction Methods 0.000 description 2
- 238000013475 authorization Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000006835 compression Effects 0.000 description 1
- 238000007906 compression Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000002372 labelling Methods 0.000 description 1
- 230000003278 mimic effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000011144 upstream manufacturing Methods 0.000 description 1
- 230000035899 viability Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/23—Processing of content or additional data; Elementary server operations; Server middleware
- H04N21/238—Interfacing the downstream path of the transmission network, e.g. adapting the transmission rate of a video stream to network bandwidth; Processing of multiplex streams
- H04N21/2389—Multiplex stream processing, e.g. multiplex stream encrypting
- H04N21/23895—Multiplex stream processing, e.g. multiplex stream encrypting involving multiplex stream encryption
- H04N21/23897—Multiplex stream processing, e.g. multiplex stream encrypting involving multiplex stream encryption by partially encrypting, e.g. encrypting only the ending portion of a movie
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/23—Processing of content or additional data; Elementary server operations; Server middleware
- H04N21/234—Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs
- H04N21/2347—Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/23—Processing of content or additional data; Elementary server operations; Server middleware
- H04N21/238—Interfacing the downstream path of the transmission network, e.g. adapting the transmission rate of a video stream to network bandwidth; Processing of multiplex streams
- H04N21/2387—Stream processing in response to a playback request from an end-user, e.g. for trick-play
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/47—End-user applications
- H04N21/472—End-user interface for requesting content, additional data or services; End-user interface for interacting with content, e.g. for content reservation or setting reminders, for requesting event notification, for manipulating displayed content
- H04N21/47202—End-user interface for requesting content, additional data or services; End-user interface for interacting with content, e.g. for content reservation or setting reminders, for requesting event notification, for manipulating displayed content for requesting content on demand, e.g. video on demand
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/16—Analogue secrecy systems; Analogue subscription systems
- H04N7/167—Systems rendering the television signal unintelligible and subsequently intelligible
- H04N7/1675—Providing digital key or authorisation information for generation or regeneration of the scrambling sequence
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/16—Analogue secrecy systems; Analogue subscription systems
- H04N7/173—Analogue secrecy systems; Analogue subscription systems with two-way working, e.g. subscriber sending a programme selection signal
- H04N7/17309—Transmission or handling of upstream communications
- H04N7/17318—Direct or substantially direct transmission and handling of requests
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/16—Analogue secrecy systems; Analogue subscription systems
- H04N7/173—Analogue secrecy systems; Analogue subscription systems with two-way working, e.g. subscriber sending a programme selection signal
- H04N7/17309—Transmission or handling of upstream communications
- H04N7/17336—Handling of requests in head-ends
Landscapes
- Engineering & Computer Science (AREA)
- Multimedia (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Databases & Information Systems (AREA)
- Human Computer Interaction (AREA)
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
Abstract
A system for providing conditional access to packetized picture (video), audio or other data. The system selectively encrypts packetized data (105) such that transport packets (130, 150) that include header data (131, 151) are unencrypted, while all other transport packets (140, 141) that do not include header data are encrypted. This allows the transport packets with the header data (130, 150) to be randomly accessed from a memory (230, 310), which is particularly advantageous for performing "trick modes", such as fast forward and fast reverse, e.g., in a video-on-demand service. After the transport packets are selectively encrypted and stored, transport scrambling and control bits (132, 142, 152) for each packet (130, 140, 150) can be accessed to determine whether the packet is encrypted, and consequently, whether the packet includes header data. If a packet includes header data, it is suitable for use in a trick mode since it provides data from the start of a video, audio or other data packet.
Description
METHOD AND APPARATUS FOR ENABLING RANDOM ACCESS TO
INDIVIDUAL PICTURES IN AN ENCRYPTED VIDEO STREAM
BACKGROUND OF THE INVENTION
The present invention relates to an encrypted paclcetized data processing system. The invention is particularly suited for use in a video-on-demand (VOD) system wherein motion control ("trick modes"), such as fast forward and fast reverse modes, are required.
Video-on-demand (VOD) is an interactive video service typically provided over a point-to-multipoint distribution system, such as a cable television system.
With VOD, a subscriber can order video (such as a movie, sport event or the lilce) or other types of content at any time, without adhering to a pre-defined showing schedule. A full-function VOD system provides the subscriber with Video Cassette Recorder (VCR)-like motion control functions, such as pause (freeze frame), fast forward, fast reverse, and slow reverse. These functions, variously known as tricl~ play, trick mode, or motion control, enhance the subscriber's viewing experience and mimic (or exceed) the level of control subscribers expect from conventional video tapes, such as those which can be commonly purchased or rented.
In a VOD system, content is stored in video servers, which are specialized high-capacity file servers. The content is played from stored files upon purchase by a subscriber. To facilitate remultiplexing and error correction, digital video content is typically packetized into fixed-size units. Such is that case in the popular MPEG-2 standard (ITU-T Rec. H.222.0 ISO/IEC 13818) used in digital television.
To perform motion control, a video server controller responds to motion control commands from set-s top boxes and Changes the way content is played back.
In fast forward and fast reverse, the video server will skip selected pictures to create a sped-up version of the video. Depending on the method employed, it may be necessary to have fast, random access to the individual pictures in a video file. To reduce storage requirements and to allow flexible control of the speed-up factor, pictures in fast forward and fast reverse sequences are often extracted in real time from the normal video file, which contains all pictures in the movie or other program.
There are two ways to search for pictures to be displayed in a scan forward/backward sequence. The first is to scan the main video file sequentially looking for starts of pictures. The other method is to build an auxiliary index file to the start points of pictures in the main video file.
However, another concern is controlling access to the VOD programming, e.g., to maintain the financial viability of the system. Specifically, a conditional access scheme is implemented to deny access to services or content by unauthorized parties. Conditional access requires a trustworthy mechanism for classifying users into different groups, and an enforcement mechanism for denying access to groups of unauthorized users.
Encryption is often used to control access to the content carried by carrier signals. The conventional approach to encrypting content for VOD distribution is to have real-time encrypting devices on the delivery path between the video server and the subscribers. This approach works well when the number of subscribers is relatively small. However, as the number of subscribers increases, the number of encrypting devices and their physical space requirements become burdensome. This space problem does not exist with traditional broadcast type services because the same content stream is shared by all subscribers and the number of encrypting devices does not increase with the number of subscribers.
An alternative to real-time encryption of VOD
content is off-line, pre-encryption. In this approach, video content is processed and encrypted before it is loaded into video servers. The advantage of pre-encryption is that it removes the need for encrypting devices on the video delivery path, thus making VOD
service substantially less expensive and more~scalable.
The pre-encryption can be done centrally at a content preparation site, which is separate from the locations (headends) at which the VOD service is deployed. Once video is pre-encrypted at the central site, the same encrypted copies can be distributed to multiple headends where VOD is deployed.
However, pre-encrypting VOD content creates a problem: it interferes with the detection of the location of the starting point of individual pictures in a video file. In general, video servers do not have the capability or authorization to decrypt pre-encrypted video content. As a result, they cannot locate individual pictures in an encrypted video file just by scanning the file. A similar problem is confronted when the encrypted content is stored at a decoder prior to display, where it is time consuming and computationally intensive to have to decrypt all of the pictures to locate specific pictures.
Accordingly, it would be desirable to provide a system that addresses the above problems.
The system should enable random access to individual pictures in an encrypted video file for use in modes such as fast forward, fast reverse, pause, resume, slow motion (forward or reverse), frame-by-frame or other incremental frame advance or scan (e. g., advancing N frames at a time, where N>1), and the like.
The system should allow a secure video-on-demand system to be deployed at a reduced cost.
The system should be compatible with packeti~ed data communication schemes, such as MPG-2.
The invention should be compatible with a user device that stores an encrypted video file, such as a personal video recorder (PVR), personal computer hard disk or the like.
The present invention provides a system having the above and other advantages.
SUNl~2ARY OF THE INVENTION
The present invention relates to an encrypted packetized data processing system.
In accordance with one aspect of the invention, a 5 particular method for providing at least partially encrypted packetized data includes the step of receiving input digital data from a data source, such as a video server. The input digital data includes a plurality of encoded data segments with respective data headers, such as found in an MPEG-compatible Packetized Elementary Stream (PES) packet. The input digital data is subdivided for transport in successive transport packets such that at least two types of transport packets are provided, including a first type that includes at least a portion of an associated data header, and a second type that includes at least a portion of an associated encoded data segment but does not include any portion of the data headers.
The second type of transport packets are encrypted, while leaving the first type of transport packets unencrypted. Identifiers are provided for the respective transport packets to indicate whether the respective transport paclcet is encrypted or unencrypted.
This allows the transport packets with the header data to be randomly accessed from a memory, which is particularly advantageous for performing "trick modes", such as fast forward and fast reverse, e.g., in a video-on-demand service. If a packet includes header data, it is suitable for use in a trick mode since it provides data from the start of a video, audio or other data packet.
INDIVIDUAL PICTURES IN AN ENCRYPTED VIDEO STREAM
BACKGROUND OF THE INVENTION
The present invention relates to an encrypted paclcetized data processing system. The invention is particularly suited for use in a video-on-demand (VOD) system wherein motion control ("trick modes"), such as fast forward and fast reverse modes, are required.
Video-on-demand (VOD) is an interactive video service typically provided over a point-to-multipoint distribution system, such as a cable television system.
With VOD, a subscriber can order video (such as a movie, sport event or the lilce) or other types of content at any time, without adhering to a pre-defined showing schedule. A full-function VOD system provides the subscriber with Video Cassette Recorder (VCR)-like motion control functions, such as pause (freeze frame), fast forward, fast reverse, and slow reverse. These functions, variously known as tricl~ play, trick mode, or motion control, enhance the subscriber's viewing experience and mimic (or exceed) the level of control subscribers expect from conventional video tapes, such as those which can be commonly purchased or rented.
In a VOD system, content is stored in video servers, which are specialized high-capacity file servers. The content is played from stored files upon purchase by a subscriber. To facilitate remultiplexing and error correction, digital video content is typically packetized into fixed-size units. Such is that case in the popular MPEG-2 standard (ITU-T Rec. H.222.0 ISO/IEC 13818) used in digital television.
To perform motion control, a video server controller responds to motion control commands from set-s top boxes and Changes the way content is played back.
In fast forward and fast reverse, the video server will skip selected pictures to create a sped-up version of the video. Depending on the method employed, it may be necessary to have fast, random access to the individual pictures in a video file. To reduce storage requirements and to allow flexible control of the speed-up factor, pictures in fast forward and fast reverse sequences are often extracted in real time from the normal video file, which contains all pictures in the movie or other program.
There are two ways to search for pictures to be displayed in a scan forward/backward sequence. The first is to scan the main video file sequentially looking for starts of pictures. The other method is to build an auxiliary index file to the start points of pictures in the main video file.
However, another concern is controlling access to the VOD programming, e.g., to maintain the financial viability of the system. Specifically, a conditional access scheme is implemented to deny access to services or content by unauthorized parties. Conditional access requires a trustworthy mechanism for classifying users into different groups, and an enforcement mechanism for denying access to groups of unauthorized users.
Encryption is often used to control access to the content carried by carrier signals. The conventional approach to encrypting content for VOD distribution is to have real-time encrypting devices on the delivery path between the video server and the subscribers. This approach works well when the number of subscribers is relatively small. However, as the number of subscribers increases, the number of encrypting devices and their physical space requirements become burdensome. This space problem does not exist with traditional broadcast type services because the same content stream is shared by all subscribers and the number of encrypting devices does not increase with the number of subscribers.
An alternative to real-time encryption of VOD
content is off-line, pre-encryption. In this approach, video content is processed and encrypted before it is loaded into video servers. The advantage of pre-encryption is that it removes the need for encrypting devices on the video delivery path, thus making VOD
service substantially less expensive and more~scalable.
The pre-encryption can be done centrally at a content preparation site, which is separate from the locations (headends) at which the VOD service is deployed. Once video is pre-encrypted at the central site, the same encrypted copies can be distributed to multiple headends where VOD is deployed.
However, pre-encrypting VOD content creates a problem: it interferes with the detection of the location of the starting point of individual pictures in a video file. In general, video servers do not have the capability or authorization to decrypt pre-encrypted video content. As a result, they cannot locate individual pictures in an encrypted video file just by scanning the file. A similar problem is confronted when the encrypted content is stored at a decoder prior to display, where it is time consuming and computationally intensive to have to decrypt all of the pictures to locate specific pictures.
Accordingly, it would be desirable to provide a system that addresses the above problems.
The system should enable random access to individual pictures in an encrypted video file for use in modes such as fast forward, fast reverse, pause, resume, slow motion (forward or reverse), frame-by-frame or other incremental frame advance or scan (e. g., advancing N frames at a time, where N>1), and the like.
The system should allow a secure video-on-demand system to be deployed at a reduced cost.
The system should be compatible with packeti~ed data communication schemes, such as MPG-2.
The invention should be compatible with a user device that stores an encrypted video file, such as a personal video recorder (PVR), personal computer hard disk or the like.
The present invention provides a system having the above and other advantages.
SUNl~2ARY OF THE INVENTION
The present invention relates to an encrypted packetized data processing system.
In accordance with one aspect of the invention, a 5 particular method for providing at least partially encrypted packetized data includes the step of receiving input digital data from a data source, such as a video server. The input digital data includes a plurality of encoded data segments with respective data headers, such as found in an MPEG-compatible Packetized Elementary Stream (PES) packet. The input digital data is subdivided for transport in successive transport packets such that at least two types of transport packets are provided, including a first type that includes at least a portion of an associated data header, and a second type that includes at least a portion of an associated encoded data segment but does not include any portion of the data headers.
The second type of transport packets are encrypted, while leaving the first type of transport packets unencrypted. Identifiers are provided for the respective transport packets to indicate whether the respective transport paclcet is encrypted or unencrypted.
This allows the transport packets with the header data to be randomly accessed from a memory, which is particularly advantageous for performing "trick modes", such as fast forward and fast reverse, e.g., in a video-on-demand service. If a packet includes header data, it is suitable for use in a trick mode since it provides data from the start of a video, audio or other data packet.
In a further aspect of the invention, a method for decoding at least partially encrypted paclcetized data includes the step of receiving successive transport packets from a transport stream. The transport packets are formed by subdividing digital data that includes a plurality of encoded data segments with respective data headers into a first, encrypted type that includes at least a portion of an associated data header, and a second, unencrypted type that includes at least a portion of an associated encoded data segment but does not include any portion of the data headers.
Identifiers are provided for the respective transport packets to indicate whether the respective transport packet is encrypted or unencrypted.
The transport packets are stored in a-storage device, and the identifiers are used to randomly access the first type of transport pacltets from the storage device without performing decryption. For example, a personal video recorder or other user device that stores the partially encrypted transport packets may be used.
The packets are subsequently decrypted when the user desires to view the data.
Corresponding apparatuses are also presented.
Identifiers are provided for the respective transport packets to indicate whether the respective transport packet is encrypted or unencrypted.
The transport packets are stored in a-storage device, and the identifiers are used to randomly access the first type of transport pacltets from the storage device without performing decryption. For example, a personal video recorder or other user device that stores the partially encrypted transport packets may be used.
The packets are subsequently decrypted when the user desires to view the data.
Corresponding apparatuses are also presented.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 illustrates the formation of transport packets in accordance with~the present invention.
FIG. 2 illustrates an encoder in accordance with the present invention.
FIG. 3 illustrates a user device/decoder in accordance with the present invention.
FIG. 1 illustrates the formation of transport packets in accordance with~the present invention.
FIG. 2 illustrates an encoder in accordance with the present invention.
FIG. 3 illustrates a user device/decoder in accordance with the present invention.
DETATLED DESCRTPTTON OF THE INVENTION
The present invention relates to an encrypted packetized data processing system.
FIG. 1 illustrates the formation of transport packets in accordance with the present invention.
To facilitate discussion, an implementation of the invention in a typical packetized digital video format, such as MPEG-2, is discussed. However, the present invention is applicable to other digital formats sharing similar features.
In the MPEG-2 format, video information is digitized and compressed before being encoded. The compression can be considered part of the encoding.
Compressed video from a program 100 is divided into variable-length units called Packetized Elementary Stream (PES) packets, such as PES packets 105 and 110, each of which contains a variable number of encoded pictures. For example, the PES packet 105 includes encoded pictures 119, 121, . . . , 124.
The example PES packet 105 has a header 116 and a payload portion 117. Moreover, each picture in the PES
packet 105 is prefixed by a header containing information about the picture. For example, the picture 119 has a header 118, the picture 121 has a header 120, and the picture 124 has a header 123.
For transmission and storage purposes, PES packets are further broken down into fixed-length units called transport packets, such as transport packets 130, 140 and 150. With the MPEG-2 standard, each transport packets comprises 188 bytes. Generally, the PES packet length is much larger than the size of a transport stream packet. Each transport paclcet has a header and a payload portion. The header of a transport packet contains, among other information, two transport scrambling control bits, which indicates the encryption ( scrambling) status of the paclcet .
In the MPEG-2 standard, the scrambling control bits are designated by the field "transport-scrambling-control". A scrambling control value of "00" indicate the transport packet is not scrambled, while the values "01", "10", and "11" can be user-defined. The value "11" is used herein as an example to designate a scrambled or encrypted transport packet. Any type of analogous scheme may be used to indicate the encryption status of a transport packet.
The transport packet 130 includes a header 131, scrambling control bits 132 (which indicate an unencrypted transport packet), and a payload 133. The transport packet 140 includes a header 141, scrambling control bits 142 (which indicate an encrypted transport packet), and a payload 143. The transport packet 150 includes a header 151, scrambling control bits 152 (which indicate an unencrypted transport packet), and a payload 153.
Each transport packet is formed by subdividing the contents of successive portions of a PES packet. For example, the payload 133 of the transport packet 130 comprises the PES header 116, picture header 118, and a portion of the picture data 119 of the PES payload 117.
The payload 143 of the transport packet 140 comprises a successive portion of the picture data 119 of the PES
payload 117. The payload 153 of the transport packet 150 comprises the picture header 120, and a portion of the picture data 121 of the PES payload 117, and so on.
Note that FIG. 1 is shown in simplified form since, in practice, the data from one picture is usually carried in the payloads of several transport packets.
5 Moreover, the amount of picture data (e. g., fields 119, 121, 124) is often much larger than the amount of the corresponding picture header data (e. g., fields 118, 120, 123, respectively). As a result, the majority of the transport packets will carry only picture data but 10 no picture header data, thereby resulting in most transport packets being encrypted, with relatively few transport packets being unencrypted. Thus, an unauthorized user who tunes to the mostly-encrypted program will not be able to watch the program with appreciable understanding.
The transport packets are assembled into a transport stream and transmitted to a user terminal (e.g., set-top box) typically via a satellite, cable or hybrid fiber/cable network, although communication via essentially any network, such as a computer network is also possible. If prepared at a central content preparation site, the transport stream may be provided to one or more headends before being provided to the user terminal.
Generally, the data can be prepared at a central preparation site, such as by a national supplier, at a headend, or each content vendor can arrange for its own content preparation, e.g., according to any special needs of its equipment.
As is known, a transport stream is a multiplex formed by interleaving transport packets belonging to one or more programs. Transport packets belonging to different programs in a transport stream are differentiated by a Packet Identifier (PID) in their headers. A single Program Transport Stream includes of transport packets of one program only.
FIG. 2 illustrates an encoder in accordance with the present invention. The encoder 200 comprises equipment for performing selective packet encryption.
The depicted equipment may be located at a central content preparation site or at a headend, for example.
The present invention overcomes the problem of locating picture start points caused by the use of pre-encryption. This is achieved, as discussed, by leaving selected (transport stream) packets unencrypted in a video file. The equipment set-up 200 to achieve this includes one or more digital video sources 210, a pre-processing workstation 215 for generating auxiliary data files and for labeling selected packets for encryption, an encryption device 220, an encryption device controller 205, an optional post-processing workstation 225 for processing encrypted video (e. g., to adjust timing information that may be perturbed by the encryption process), and a storage device 230 for storing the processed data prior to providing it to a headend or end user.
In the encoder set-up 200, the digital video source 210 supplies the digital video stream to be encrypted.
The video source may be a digital video encoder, or a file server playing back pre-encoded video files. The digital video stream is fed into the pre-processing workstation 215, whose main function is to identify and label transport packets for encryption. A packet is selected for encryption if it contains no picture header or portion thereof, and therefore need not be examined by the video server during motion control (trick modes).
Transport packets selected for encryption are labeled by having the transport scrambling control bits set to some special value (e.g., "11").
Packets to be left unencrypted are similarly labeled, using a different special value (e.g. "00").
The pre-processing step may optionally generate auxiliary data files used in the delivery of VOD
services.
Encryption of the pre-processed video stream is performed by the encryption device 220 under the control of the device controller 205, which is, in turn, responsive to encryption control parameters. Any suitable encryption scheme may be used. The encryption control parameters may include, e.g., information related to the program being encrypted, or the particular encryption session, or both. When encryption is performed, the encryption device 220 examines the transport scrambling control bits of each transport packet. Packets with those two bits set to, e.g., "00"
are left unencrypted, while packets with the bits set to, e.g., "11" are encrypted.
The output of the encryption device 220, which comprises a selectively-encrypted video stream, is optionally put through a post-processing stage (e. g., workstation 225) before being stored in the storage device 230. Post-processing may or may not be needed depending on the design and implementation of the VOD
service equipment.
To search for the starting point of pictures in a pre-encrypted video file during trick mode play, a video server scans the transport paclcets in a video file sequentially. The transport scrambling control bits in each transport packet headers indicate whether the packet is encrypted. If a packet is encrypted, it can be inferred that it contains no picture header. If a packet is unencrypted, the payload can be examined to locate the picture header.
A video server can still read other kinds of information embedded in a pre-encrypted video file, such as private data in an adaptation field of a transport packet header.
FIG. 3 illustrates a user device/decoder in accordance with the present invention.
Optionally, the program content can be temporarily stored at a user device/decoder prior to playing. The device may be a personal video recorder or other terminal or appliance in a user's home, or even a portable unit carried by the user or used in an automobile.
For example, rather than playing at a specified time under the control of a headend, a storage device containing the programming may be purchased or rented for subsequent re-play by the user. Under a purchase, scenario, the user may enjoy unlimited replays, while under a rental scenario, a fixed number of replays or an expiration date may be enforced.
Or, the user may be given the option of storing the transport stream prior to playing.
Thus, the user device/decoder 300 can be provided with the capability for providing motion control (e. g., trick modes).
The decoder 300 may include a demultiplexer (demux) 302 that receives a transport stream with the encrypted and unencrypted transport packets, such as those previously stored at the storage device 230 in FIG. 2, and optionally other programming services. Other necessary components, e.g., for demodulation, error correction, synchronization and the like are not shown, but should be apparent to those skilled in the art.
The demux 302 extracts the encrypted and unencrypted packets that belong to a particular program.
The extracted stream of packets either is stored in the memory 310, or is provided to a second demux 305, which separates the encrypted transport packets from the unencrypted transport packets. For example, an entire movie or the like may be stored in the memory 310 for subsequent retrieval and motion control. The memory 310 is analogous to the storage device 230 of FIG. 2.
The demux 305 includes a scrambling control bit identifier/detector 306 that identifies the scrambling control bits of each transport packet to determine if the packet is encrypted or unencrypted.
A control 335, such as a central processing unit (CPU), provide oversight of the various functions in the decoder 300.
A user interface 340 receives commands from a user, e.g., via a hand-held remote control, to view the content in a regular play mode or in a trick mode. In response to this request, the interface 340 provides a corresponding signal to the control 335, which commands the memory 310 to output the packets to the demux 305.
A video/audio/data processing function 320 receives unencrypted packets from the decryptor 315 and demux 305.
The data from the function 320 is provided to an output device 325, such as a television, personal computer, speakers, and so forth. The output device 325 may provide a graphical user interface (GUI) or other 5 mechanism to assist the user in playing the programming content in a normal or trick mode. The user may also place an order for the content via such an interface.
An optional upstream transmitter 330 transmits a user request, such ~as an order for VOD programming, to a 10 headend or other networlc control facility. The user request may travel over the same or different channel from which the transport stream was received.
It should now be appreciated that the present invention provides a system for providing conditional 15 access to packetized picture, audio or other data. The system selectively encrypts packetized data such that transport packets that include header data are unencrypted, while all other transport packets that do not include header data are encrypted. This allows the transport packets with the header data to be randomly accessed from a memory, which is particularly advantageous for performing triclt modes, such as fast forward and fast reverse, e.g., in a video on demand service.
In particular, after the transport packets are selectively encrypted and stored, transport scrambling and control bits for each packet can be accessed to determine whether the packet is encrypted, and consequently, whether the packet includes header data.
If a packet includes header data, it is suitable for use in a trick mode since it provides data from the start of a video, audio or other data packet.
The present invention relates to an encrypted packetized data processing system.
FIG. 1 illustrates the formation of transport packets in accordance with the present invention.
To facilitate discussion, an implementation of the invention in a typical packetized digital video format, such as MPEG-2, is discussed. However, the present invention is applicable to other digital formats sharing similar features.
In the MPEG-2 format, video information is digitized and compressed before being encoded. The compression can be considered part of the encoding.
Compressed video from a program 100 is divided into variable-length units called Packetized Elementary Stream (PES) packets, such as PES packets 105 and 110, each of which contains a variable number of encoded pictures. For example, the PES packet 105 includes encoded pictures 119, 121, . . . , 124.
The example PES packet 105 has a header 116 and a payload portion 117. Moreover, each picture in the PES
packet 105 is prefixed by a header containing information about the picture. For example, the picture 119 has a header 118, the picture 121 has a header 120, and the picture 124 has a header 123.
For transmission and storage purposes, PES packets are further broken down into fixed-length units called transport packets, such as transport packets 130, 140 and 150. With the MPEG-2 standard, each transport packets comprises 188 bytes. Generally, the PES packet length is much larger than the size of a transport stream packet. Each transport paclcet has a header and a payload portion. The header of a transport packet contains, among other information, two transport scrambling control bits, which indicates the encryption ( scrambling) status of the paclcet .
In the MPEG-2 standard, the scrambling control bits are designated by the field "transport-scrambling-control". A scrambling control value of "00" indicate the transport packet is not scrambled, while the values "01", "10", and "11" can be user-defined. The value "11" is used herein as an example to designate a scrambled or encrypted transport packet. Any type of analogous scheme may be used to indicate the encryption status of a transport packet.
The transport packet 130 includes a header 131, scrambling control bits 132 (which indicate an unencrypted transport packet), and a payload 133. The transport packet 140 includes a header 141, scrambling control bits 142 (which indicate an encrypted transport packet), and a payload 143. The transport packet 150 includes a header 151, scrambling control bits 152 (which indicate an unencrypted transport packet), and a payload 153.
Each transport packet is formed by subdividing the contents of successive portions of a PES packet. For example, the payload 133 of the transport packet 130 comprises the PES header 116, picture header 118, and a portion of the picture data 119 of the PES payload 117.
The payload 143 of the transport packet 140 comprises a successive portion of the picture data 119 of the PES
payload 117. The payload 153 of the transport packet 150 comprises the picture header 120, and a portion of the picture data 121 of the PES payload 117, and so on.
Note that FIG. 1 is shown in simplified form since, in practice, the data from one picture is usually carried in the payloads of several transport packets.
5 Moreover, the amount of picture data (e. g., fields 119, 121, 124) is often much larger than the amount of the corresponding picture header data (e. g., fields 118, 120, 123, respectively). As a result, the majority of the transport packets will carry only picture data but 10 no picture header data, thereby resulting in most transport packets being encrypted, with relatively few transport packets being unencrypted. Thus, an unauthorized user who tunes to the mostly-encrypted program will not be able to watch the program with appreciable understanding.
The transport packets are assembled into a transport stream and transmitted to a user terminal (e.g., set-top box) typically via a satellite, cable or hybrid fiber/cable network, although communication via essentially any network, such as a computer network is also possible. If prepared at a central content preparation site, the transport stream may be provided to one or more headends before being provided to the user terminal.
Generally, the data can be prepared at a central preparation site, such as by a national supplier, at a headend, or each content vendor can arrange for its own content preparation, e.g., according to any special needs of its equipment.
As is known, a transport stream is a multiplex formed by interleaving transport packets belonging to one or more programs. Transport packets belonging to different programs in a transport stream are differentiated by a Packet Identifier (PID) in their headers. A single Program Transport Stream includes of transport packets of one program only.
FIG. 2 illustrates an encoder in accordance with the present invention. The encoder 200 comprises equipment for performing selective packet encryption.
The depicted equipment may be located at a central content preparation site or at a headend, for example.
The present invention overcomes the problem of locating picture start points caused by the use of pre-encryption. This is achieved, as discussed, by leaving selected (transport stream) packets unencrypted in a video file. The equipment set-up 200 to achieve this includes one or more digital video sources 210, a pre-processing workstation 215 for generating auxiliary data files and for labeling selected packets for encryption, an encryption device 220, an encryption device controller 205, an optional post-processing workstation 225 for processing encrypted video (e. g., to adjust timing information that may be perturbed by the encryption process), and a storage device 230 for storing the processed data prior to providing it to a headend or end user.
In the encoder set-up 200, the digital video source 210 supplies the digital video stream to be encrypted.
The video source may be a digital video encoder, or a file server playing back pre-encoded video files. The digital video stream is fed into the pre-processing workstation 215, whose main function is to identify and label transport packets for encryption. A packet is selected for encryption if it contains no picture header or portion thereof, and therefore need not be examined by the video server during motion control (trick modes).
Transport packets selected for encryption are labeled by having the transport scrambling control bits set to some special value (e.g., "11").
Packets to be left unencrypted are similarly labeled, using a different special value (e.g. "00").
The pre-processing step may optionally generate auxiliary data files used in the delivery of VOD
services.
Encryption of the pre-processed video stream is performed by the encryption device 220 under the control of the device controller 205, which is, in turn, responsive to encryption control parameters. Any suitable encryption scheme may be used. The encryption control parameters may include, e.g., information related to the program being encrypted, or the particular encryption session, or both. When encryption is performed, the encryption device 220 examines the transport scrambling control bits of each transport packet. Packets with those two bits set to, e.g., "00"
are left unencrypted, while packets with the bits set to, e.g., "11" are encrypted.
The output of the encryption device 220, which comprises a selectively-encrypted video stream, is optionally put through a post-processing stage (e. g., workstation 225) before being stored in the storage device 230. Post-processing may or may not be needed depending on the design and implementation of the VOD
service equipment.
To search for the starting point of pictures in a pre-encrypted video file during trick mode play, a video server scans the transport paclcets in a video file sequentially. The transport scrambling control bits in each transport packet headers indicate whether the packet is encrypted. If a packet is encrypted, it can be inferred that it contains no picture header. If a packet is unencrypted, the payload can be examined to locate the picture header.
A video server can still read other kinds of information embedded in a pre-encrypted video file, such as private data in an adaptation field of a transport packet header.
FIG. 3 illustrates a user device/decoder in accordance with the present invention.
Optionally, the program content can be temporarily stored at a user device/decoder prior to playing. The device may be a personal video recorder or other terminal or appliance in a user's home, or even a portable unit carried by the user or used in an automobile.
For example, rather than playing at a specified time under the control of a headend, a storage device containing the programming may be purchased or rented for subsequent re-play by the user. Under a purchase, scenario, the user may enjoy unlimited replays, while under a rental scenario, a fixed number of replays or an expiration date may be enforced.
Or, the user may be given the option of storing the transport stream prior to playing.
Thus, the user device/decoder 300 can be provided with the capability for providing motion control (e. g., trick modes).
The decoder 300 may include a demultiplexer (demux) 302 that receives a transport stream with the encrypted and unencrypted transport packets, such as those previously stored at the storage device 230 in FIG. 2, and optionally other programming services. Other necessary components, e.g., for demodulation, error correction, synchronization and the like are not shown, but should be apparent to those skilled in the art.
The demux 302 extracts the encrypted and unencrypted packets that belong to a particular program.
The extracted stream of packets either is stored in the memory 310, or is provided to a second demux 305, which separates the encrypted transport packets from the unencrypted transport packets. For example, an entire movie or the like may be stored in the memory 310 for subsequent retrieval and motion control. The memory 310 is analogous to the storage device 230 of FIG. 2.
The demux 305 includes a scrambling control bit identifier/detector 306 that identifies the scrambling control bits of each transport packet to determine if the packet is encrypted or unencrypted.
A control 335, such as a central processing unit (CPU), provide oversight of the various functions in the decoder 300.
A user interface 340 receives commands from a user, e.g., via a hand-held remote control, to view the content in a regular play mode or in a trick mode. In response to this request, the interface 340 provides a corresponding signal to the control 335, which commands the memory 310 to output the packets to the demux 305.
A video/audio/data processing function 320 receives unencrypted packets from the decryptor 315 and demux 305.
The data from the function 320 is provided to an output device 325, such as a television, personal computer, speakers, and so forth. The output device 325 may provide a graphical user interface (GUI) or other 5 mechanism to assist the user in playing the programming content in a normal or trick mode. The user may also place an order for the content via such an interface.
An optional upstream transmitter 330 transmits a user request, such ~as an order for VOD programming, to a 10 headend or other networlc control facility. The user request may travel over the same or different channel from which the transport stream was received.
It should now be appreciated that the present invention provides a system for providing conditional 15 access to packetized picture, audio or other data. The system selectively encrypts packetized data such that transport packets that include header data are unencrypted, while all other transport packets that do not include header data are encrypted. This allows the transport packets with the header data to be randomly accessed from a memory, which is particularly advantageous for performing triclt modes, such as fast forward and fast reverse, e.g., in a video on demand service.
In particular, after the transport packets are selectively encrypted and stored, transport scrambling and control bits for each packet can be accessed to determine whether the packet is encrypted, and consequently, whether the packet includes header data.
If a packet includes header data, it is suitable for use in a trick mode since it provides data from the start of a video, audio or other data packet.
Although the invention has been described in connection with various specific embodiments, those skilled in the art will appreciate that numerous adaptations and modifications may be made thereto without departing from the spirit and scope of the invention as set forth in the claims.
For example, the selectively encrypted transport packets need not be transmitted to a subscriber terminal, but may be provided in a storage device for subsequent retrieval by a user, such as in a personal video recorder (PVR).
For example, the selectively encrypted transport packets need not be transmitted to a subscriber terminal, but may be provided in a storage device for subsequent retrieval by a user, such as in a personal video recorder (PVR).
Claims (31)
1. A method for providing at least partially encrypted packetized data, comprising the steps of:
(a) receiving input digital data from a data source;
wherein the input digital data includes a plurality of encoded data segments with respective data headers;
(b) subdividing the input digital data for transport in successive transport packets such that at least two types of transport packets are provided, including a first type that includes at least a portion of the associated data header, and a second type that includes at least a portion of an associated encoded data segment but does not include any portion of the data headers;
(c) encrypting the second type of transport packets while leaving the first type of transport packets unencrypted; and (d) providing identifiers for the respective transport packets to indicate whether the respective transport packet is encrypted or unencrypted.
(a) receiving input digital data from a data source;
wherein the input digital data includes a plurality of encoded data segments with respective data headers;
(b) subdividing the input digital data for transport in successive transport packets such that at least two types of transport packets are provided, including a first type that includes at least a portion of the associated data header, and a second type that includes at least a portion of an associated encoded data segment but does not include any portion of the data headers;
(c) encrypting the second type of transport packets while leaving the first type of transport packets unencrypted; and (d) providing identifiers for the respective transport packets to indicate whether the respective transport packet is encrypted or unencrypted.
2. The method of claim 1, wherein:
at least one of the second type of transport packets includes data from a plurality of the data segments.
at least one of the second type of transport packets includes data from a plurality of the data segments.
3. The method of claim 1 or 2, wherein:
the input digital data is received in packetized elementary stream packets.
the input digital data is received in packetized elementary stream packets.
4. The method of one of claims 1 to 3, wherein:
the identifiers are provided in respective headers of the respective transport packets.
the identifiers are provided in respective headers of the respective transport packets.
5. The method of one of claims 1 to 4, comprising the further step of:
storing the transport packets in a storage device;
wherein the identifiers enable the first type of transport packets to be randomly accessed from the storage device without performing decryption.
storing the transport packets in a storage device;
wherein the identifiers enable the first type of transport packets to be randomly accessed from the storage device without performing decryption.
6. The method of claim 5, comprising the further step of:
randomly accessing at least one of the first type of transport packets to provide a trick mode for the transport packets.
randomly accessing at least one of the first type of transport packets to provide a trick mode for the transport packets.
7. The method of claim 6, wherein the trick mode comprises at least one of: fast forward, slow forward, fast reverse, slow reverse, pause, resume, and incremental frame motion.
8. The method of claim 5 or 6, wherein:
the storage device comprises a video server.
the storage device comprises a video server.
9. The method of one of claims 1 to 8, comprising the further steps of:
storing the transport packets in a storage device; and in response to a user request, retrieving the transport packets from the storage device and providing the retrieved transport packets to a user device via a network.
storing the transport packets in a storage device; and in response to a user request, retrieving the transport packets from the storage device and providing the retrieved transport packets to a user device via a network.
10. The method of claim 9, wherein:
the retrieved transport packets are provided to the user device in a video-on-demand service.
the retrieved transport packets are provided to the user device in a video-on-demand service.
11. The method of claim 9 or 10, comprising the further steps of:
providing information to the user for decrypting the second type of transport packets; and providing a display from the first type of transport packets, and the decrypted second type of transport packets.
providing information to the user for decrypting the second type of transport packets; and providing a display from the first type of transport packets, and the decrypted second type of transport packets.
12. The method of one of claims 1 to 11, wherein:
the data source comprises a digital video encoder.
the data source comprises a digital video encoder.
13. The method of one of claims 1 to 11, wherein:
the data source comprises a file server playing back pre-encoded video files.
the data source comprises a file server playing back pre-encoded video files.
14. The method of one of claims 1 to 13, wherein:
at least one of the first type of transport packets also includes at least a portion of an associated encoded data segment.
at least one of the first type of transport packets also includes at least a portion of an associated encoded data segment.
15. The method of one of claims 1 to 14, wherein:
the input digital data comprises at least one of video and audio data.
the input digital data comprises at least one of video and audio data.
16. The method of one of claims 1 to 15, wherein:
the transport packets with the respective identifiers are provided at a central content preparation site for subsequent distribution to at least one subscriber network headend.
the transport packets with the respective identifiers are provided at a central content preparation site for subsequent distribution to at least one subscriber network headend.
17. A method for decoding at least partially encrypted packetized data, comprising the steps of:
(a) receiving successive transport packets from a transport stream; wherein:
the transport packets are formed by subdividing digital data that includes a plurality of encoded data segments with respective data headers into at least two types of transport packets, including a first type that includes at least a portion of an associated data header, and a second type that includes at least a portion of an associated encoded data segment but does not include any portion of the data headers;
the second type of transport packets are encrypted while the first type of transport packets are unencrypted;
and identifiers are provided for the respective transport packets to indicate whether the respective transport packet is encrypted or unencrypted; and (b) using the identifiers to randomly access at least one of the first type of transport packets without performing decryption.
(a) receiving successive transport packets from a transport stream; wherein:
the transport packets are formed by subdividing digital data that includes a plurality of encoded data segments with respective data headers into at least two types of transport packets, including a first type that includes at least a portion of an associated data header, and a second type that includes at least a portion of an associated encoded data segment but does not include any portion of the data headers;
the second type of transport packets are encrypted while the first type of transport packets are unencrypted;
and identifiers are provided for the respective transport packets to indicate whether the respective transport packet is encrypted or unencrypted; and (b) using the identifiers to randomly access at least one of the first type of transport packets without performing decryption.
18. The method of claim 17, wherein:
at least some of the second type of transport packets include data from a plurality of the data segments.
at least some of the second type of transport packets include data from a plurality of the data segments.
19. The method of claim 17 or 18, wherein:
the digital data is subdivided from packetized elementary stream packets.
the digital data is subdivided from packetized elementary stream packets.
20. The method of one of claims 17 to 19, wherein said using step comprises the step of:
recovering the identifiers from the respective headers of the respective transport packets.
recovering the identifiers from the respective headers of the respective transport packets.
21. The method of one of claims 17 to 20, wherein:
at least one of the first type of transport packets is randomly accessed to provide a trick mode for the transport packets.
at least one of the first type of transport packets is randomly accessed to provide a trick mode for the transport packets.
22. The method of claim 21, wherein the trick mode comprises at least one of: fast forward, slow forward, fast reverse, slow reverse, pause, resume, and incremental frame motion.
23. The method of one of claims 17 to 22, wherein:
the storage device comprises a decoder memory.
the storage device comprises a decoder memory.
24. The method of one of claims 17 to 23, wherein:
the transport packets are provided to a user device in a video-on-demand service.
the transport packets are provided to a user device in a video-on-demand service.
25. The method of one of claims 17 to 24, comprising the further steps of:
decrypting the second type of transport packets; and providing a display from the first type of transport packets, and the decrypted second type of transport packets.
decrypting the second type of transport packets; and providing a display from the first type of transport packets, and the decrypted second type of transport packets.
26. The method of one of claims 17 to 25, wherein:
at least one of the first type of transport packets also includes at least a portion of an associated encoded data segment.
at least one of the first type of transport packets also includes at least a portion of an associated encoded data segment.
27. The method of one of claims 17 to 26, wherein:
the digital data comprises at least one of video and audio data.
the digital data comprises at least one of video and audio data.
28. An apparatus for providing at least partially encrypted packetized data, comprising:
means for receiving input digital data from a data source;
wherein the input digital data includes a plurality of encoded data segments with respective data headers;
subdividing the input digital data for transport in successive transport packets such that at least two types of transport packets are provided, including a first type that includes at least a portion of the associated data header, and a second type that includes at least a portion of an associated encoded data segment but does not include any portion of the data headers;
means for encrypting the second type of transport packets while leaving the first type of transport packets unencrypted; and means for providing identifiers for the respective transport packets to indicate whether the respective transport packet is encrypted or unencrypted.
means for receiving input digital data from a data source;
wherein the input digital data includes a plurality of encoded data segments with respective data headers;
subdividing the input digital data for transport in successive transport packets such that at least two types of transport packets are provided, including a first type that includes at least a portion of the associated data header, and a second type that includes at least a portion of an associated encoded data segment but does not include any portion of the data headers;
means for encrypting the second type of transport packets while leaving the first type of transport packets unencrypted; and means for providing identifiers for the respective transport packets to indicate whether the respective transport packet is encrypted or unencrypted.
29. An apparatus for decoding at least partially encrypted packetized data, comprising:
(a) means for receiving successive transport packets from a transport stream; wherein:
the transport packets are formed by subdividing digital data that includes a plurality of encoded data segments with respective data headers into at least two types of transport packets, including a first type that includes at least a portion of an associated data header, and a second type that includes at least a portion of an associated encoded data segment but does not include any portion of the data headers;
the second type of transport packets are encrypted while the first type of transport packets are unencrypted;
and identifiers are provided for the respective transport packets to indicate whether the respective transport packet is encrypted or unencrypted; and (b) means for using the identifiers to randomly access at least one of the first type of transport packets without performing decryption.
(a) means for receiving successive transport packets from a transport stream; wherein:
the transport packets are formed by subdividing digital data that includes a plurality of encoded data segments with respective data headers into at least two types of transport packets, including a first type that includes at least a portion of an associated data header, and a second type that includes at least a portion of an associated encoded data segment but does not include any portion of the data headers;
the second type of transport packets are encrypted while the first type of transport packets are unencrypted;
and identifiers are provided for the respective transport packets to indicate whether the respective transport packet is encrypted or unencrypted; and (b) means for using the identifiers to randomly access at least one of the first type of transport packets without performing decryption.
30. The method of claim 17 further comprising:
storing the transport packets in a storage device, wherein said identifiers are used to randomly access at least one of the first type of transport packets from the storage device without performing decryption.
storing the transport packets in a storage device, wherein said identifiers are used to randomly access at least one of the first type of transport packets from the storage device without performing decryption.
31. The apparatus of claim 29, further comprising:
means for storing the transport packets in a storage device, wherein said at least one of the first type of transport packets is randomly accessed from the storage device.
means for storing the transport packets in a storage device, wherein said at least one of the first type of transport packets is randomly accessed from the storage device.
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/US2000/011891 WO2002015579A1 (en) | 2000-05-02 | 2000-05-02 | Method and apparatus for enabling random access to individual pictures in an encrypted video stream |
Publications (2)
Publication Number | Publication Date |
---|---|
CA2408232A1 CA2408232A1 (en) | 2002-02-21 |
CA2408232C true CA2408232C (en) | 2008-01-15 |
Family
ID=21741343
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA002408232A Expired - Fee Related CA2408232C (en) | 2000-05-02 | 2000-05-02 | Method and apparatus for enabling random access to individual pictures in an encrypted video stream |
Country Status (6)
Country | Link |
---|---|
EP (1) | EP1275250A1 (en) |
KR (1) | KR20020091254A (en) |
CN (1) | CN1452840A (en) |
AU (1) | AU2000248144A1 (en) |
CA (1) | CA2408232C (en) |
WO (1) | WO2002015579A1 (en) |
Families Citing this family (31)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7111169B2 (en) | 2001-03-29 | 2006-09-19 | Intel Corporation | Method and apparatus for content protection across a source-to-destination interface |
AU2003208588A1 (en) | 2002-02-22 | 2003-09-09 | Colin Davies | Scrambled packet stream processing |
CA2487319C (en) * | 2002-06-07 | 2009-01-06 | General Instrument Corporation | Seamless switching between multiple pre-encrypted video files |
EP1523822A4 (en) * | 2002-07-09 | 2011-08-31 | Kaleidescape Inc | Secure presentation of encrypted digital content |
CN1260642C (en) * | 2002-11-18 | 2006-06-21 | 深圳市朗科科技有限公司 | Method for transmitting command and data to portable storage device |
FR2848372B1 (en) * | 2002-12-09 | 2005-04-01 | Medialive | SYNCHRONIZATION OF SECURE AUDIOVISUAL FLOWS |
US20060285686A1 (en) * | 2002-12-20 | 2006-12-21 | Koninklijke Philips Electronics N.V. | Apparatus and method for processing streams |
EP1616401A4 (en) * | 2003-04-21 | 2012-01-04 | Rgb Networks Inc | Time-multiplexed multi-program encryption system |
GB2404467A (en) | 2003-07-31 | 2005-02-02 | Sony Uk Ltd | Access control for digital content |
US7343013B2 (en) * | 2003-12-16 | 2008-03-11 | Sony Corporation | Composite session-based encryption of video on demand content |
JP2005149029A (en) * | 2003-11-13 | 2005-06-09 | Matsushita Electric Ind Co Ltd | Content delivery system, content server, content receiving device, content delivery method, program and recording medium |
KR101244308B1 (en) * | 2003-12-08 | 2013-03-18 | 삼성전자주식회사 | Encoding Method for moving picture file and the Digital right management using the same |
CN100364332C (en) * | 2004-09-01 | 2008-01-23 | 华为技术有限公司 | Method for protecting broadband video-audio broadcasting content |
WO2006034464A1 (en) * | 2004-09-23 | 2006-03-30 | Thomson Licensing | Inserting metadata for trick play in video transport stream |
CN100505866C (en) * | 2004-10-28 | 2009-06-24 | 武汉大学 | A video information encrypting-decrypting method |
EP1900209A2 (en) | 2005-06-23 | 2008-03-19 | Panasonic Avionics Corporation | System and method for providing searchable data transport stream encryption |
US7646867B2 (en) * | 2005-09-09 | 2010-01-12 | Netapp, Inc. | System and/or method for encrypting data |
CN101079871B (en) * | 2006-09-29 | 2011-05-11 | 腾讯科技(深圳)有限公司 | Transparent transfer method and system of multimedia information stream |
US7929698B2 (en) | 2007-06-15 | 2011-04-19 | Sony Corporation | Selective encryption to enable trick play with enhanced security |
CN101453653B (en) * | 2007-12-07 | 2011-01-05 | 中兴通讯股份有限公司 | Method for spreading digital audio and video parameter set |
NO2286328T3 (en) | 2008-05-29 | 2015-01-03 | ||
US20100132007A1 (en) | 2008-11-25 | 2010-05-27 | Cisco Technology, Inc. | Accelerating channel change time with external picture property markings |
CN101783789B (en) * | 2009-01-16 | 2013-01-02 | 深圳市维信联合科技有限公司 | Method, device and system for transmitting and processing network packet |
US8630412B2 (en) | 2010-08-25 | 2014-01-14 | Motorola Mobility Llc | Transport of partially encrypted media |
KR101362429B1 (en) * | 2011-07-25 | 2014-02-13 | 주식회사 케이티 | System and method for measuring quality of image contents |
CN102867153B (en) * | 2012-08-30 | 2014-04-09 | 腾讯科技(深圳)有限公司 | Methods and devices for encrypting and decrypting video file and mobile terminal |
CN105308974B (en) | 2013-06-21 | 2019-09-24 | 索尼公司 | Transmitting device, transmission method, transcriber, reproducting method and reception device |
CN103886106B (en) * | 2014-04-14 | 2017-02-22 | 北京工业大学 | Remote sensing image safe-retrieval method based on spectral feature protection |
CN104581201A (en) * | 2014-12-31 | 2015-04-29 | 乐视网信息技术(北京)股份有限公司 | Video encryption method and device |
CN104639943B (en) * | 2015-01-30 | 2018-02-13 | 中国科学院信息工程研究所 | A kind of generic video encryption method and system based on H.264 coding standard |
CN109561345B (en) * | 2018-12-14 | 2021-08-03 | 上海文广科技(集团)有限公司 | Digital movie packaging method based on AVS + coding format |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FI97928C (en) * | 1994-03-21 | 1997-03-10 | Nokia Technology Gmbh | Method of encrypting a television transmission transmitted in digital form |
KR100332743B1 (en) * | 1994-11-26 | 2002-11-07 | 엘지전자주식회사 | Device and method for preventing illegal copy or unauthorized watching of digital image |
US5659539A (en) * | 1995-07-14 | 1997-08-19 | Oracle Corporation | Method and apparatus for frame accurate access of digital audio-visual information |
US6453355B1 (en) * | 1998-01-15 | 2002-09-17 | Apple Computer, Inc. | Method and apparatus for media data transmission |
-
2000
- 2000-05-02 WO PCT/US2000/011891 patent/WO2002015579A1/en not_active Application Discontinuation
- 2000-05-02 KR KR1020027014574A patent/KR20020091254A/en not_active Application Discontinuation
- 2000-05-02 CN CN00819492A patent/CN1452840A/en active Pending
- 2000-05-02 AU AU2000248144A patent/AU2000248144A1/en not_active Abandoned
- 2000-05-02 CA CA002408232A patent/CA2408232C/en not_active Expired - Fee Related
- 2000-05-02 EP EP00930295A patent/EP1275250A1/en not_active Withdrawn
Also Published As
Publication number | Publication date |
---|---|
AU2000248144A1 (en) | 2002-02-25 |
KR20020091254A (en) | 2002-12-05 |
CA2408232A1 (en) | 2002-02-21 |
CN1452840A (en) | 2003-10-29 |
WO2002015579A1 (en) | 2002-02-21 |
EP1275250A1 (en) | 2003-01-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2408232C (en) | Method and apparatus for enabling random access to individual pictures in an encrypted video stream | |
US7480381B2 (en) | Super encrypted storage and retrieval of media programs in a hard-paired receiver and storage device | |
JP4782015B2 (en) | Batch-mode session-based encryption of video-on-demand content | |
US7151833B2 (en) | Selective encryption to enable trick play | |
US7333610B2 (en) | System and method for pre-encryption of transmitted content | |
EP1680919B1 (en) | Preparation of content for multiple conditional access methods in video on demand | |
US7804958B2 (en) | Super encrypted storage and retrieval of media programs with smartcard generated keys | |
JP4861258B2 (en) | Method and apparatus for encrypting media programs for later purchase and viewing | |
KR101085989B1 (en) | Composite session-based encryption of video on demand content | |
JP3853180B2 (en) | Video-on-demand pay-per-view service with unmodified conditional access functionality | |
JP4694499B2 (en) | Dynamic composition of pre-encrypted video-on-demand content | |
US8782438B2 (en) | Secure storage and replay of media programs using a hard-paired receiver and storage device | |
WO2000003541A1 (en) | Data multiplexer, program distribution system, program transmission system, toll broadcast system, program transmission method, limited receiving system, and data receiver | |
JP2007510360A (en) | Hybrid storage of video on demand content | |
AU2001282446B2 (en) | System and method for pre-encryption of transmitted content | |
AU2001282446A1 (en) | System and method for pre-encryption of transmitted content |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request | ||
MKLA | Lapsed |
Effective date: 20160502 |
|
MKLA | Lapsed |
Effective date: 20160502 |