CN1310497C - CA system for broadcast DTV using multiple keys for different service providers and service areas
- Publication number: CN1310497C (CNB018236618A, CN01823661A)
- Authority: CN (China)
- Prior art keywords: key, smart card, transmission events, service, scrambling
- Legal status: Expired - Fee Related (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H04N21/462—Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
- H04N21/4181—External card to be used in combination with the client device, e.g. for conditional access for conditional access
- H04H60/23—Arrangements for conditional access to broadcast information or to broadcast-related services using cryptography, e.g. encryption, authentication, key distribution
- H04H60/42—Arrangements for identifying or recognising characteristics with a direct linkage to broadcast information or to broadcast space-time, e.g. for identifying broadcast stations or for identifying users for identifying broadcast time or space for identifying broadcast space, i.e. broadcast channels, broadcast stations or broadcast areas for identifying broadcast areas
- H04N21/26606—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]
- H04N21/26613—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing keys in general
- H04N21/418—External card to be used in combination with the client device, e.g. for conditional access
- H04N21/43607—Interfacing a plurality of external cards, e.g. through a DVB Common Interface [DVB-CI]
- H04N21/4405—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream decryption
- H04N21/4516—Management of client data or end-user data involving client characteristics, e.g. Set-Top-Box type, software version or amount of memory available
- H04N21/454—Content or additional data filtering, e.g. blocking advertisements
- H04N7/163—Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing by receiver means only
- H04N7/1675—Providing digital key or authorisation information for generation or regeneration of the scrambling sequence
Landscapes
- Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Multimedia (AREA)
- Databases & Information Systems (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
Abstract
The present invention relates to a method for managing access to scrambled broadcast or transmitted events received from various service providers (broadcast television networks, cable television networks and digital satellite systems). In a preferred embodiment, each service provider uses different public keys to encipher access information messages, and each smart card comprises a private key corresponding to the public keys. Therefore, users are allowed to access the transmission events from the service providers without changing the smart cards.
Description
Field of the invention
The present invention relates to a system and method that can be used to give a single consumer electronic device, such as a set-top box or a digital television, conditional access to multiple broadcast services. Each device is able to receive broadcast or transmitted digital streams from a variety of broadcast sources.
Background of invention
In the foreseeable future, broadcast digital TV service may include several local channels, each of which can broadcast multiple programs simultaneously, some of them pay-per-view (PPV) programs. A user may want a mix of services from several different service providers, so a conditional access system or a similar scheme is needed. For example, the user may want to buy all Indiana University basketball games on local channel 4, all Notre Dame football games on channel 13, and all Indianapolis Colts games on channel 8. If each of these services were uniquely scrambled, the user would need to buy multiple conditional access smart cards and would find it inconvenient to swap cards while channel surfing.
As noted above, conventional systems include cable, satellite and terrestrial broadcast systems. Each of these systems may have multiple descrambling keys associated with it. Some of these systems may even have multiple descrambling keys for each different entitlement control message (ECM). The ECM carries the descrambling key (sometimes called the "control word") and a brief description of the program (e.g., program number, date, time, price). For example, in a cable system, some content may be scrambled nationwide in China while other content is scrambled only locally, and each kind of scrambling has a different ECM and descrambling key. However, all of the above systems have one thing in common: they are designed to receive programs from only one known transmitter (for example, from a cable head-end (cable system), a satellite in a particular orbital position (satellite system), or a single TV station (terrestrial broadcast system)). Because all programs in these systems come from one transmitter, the system knows in advance which set of descrambling keys to use at any given time.
Therefore, there is currently a need for a conditional access system that uses multiple keys associated with different broadcasters or different geographic areas.
Brief summary of the invention
In general, the present invention defines a method for providing conditional access to restricted broadcast or transmitted events. The method comprises the steps of: receiving at least one first transmitted event from a first service provider, the transmitted event being scrambled; receiving at least one second transmitted event from a second service provider, the transmitted event being scrambled; receiving encrypted access information associated with the transmitted events, the access information including first and second descrambling keys, the first descrambling key corresponding to the first service provider and the second descrambling key corresponding to the second service provider; decrypting the access information; and descrambling the transmitted events.
Brief Description Of Drawings
Fig. 1 is a block diagram of an architecture for connecting a common digital television to a plurality of terrestrial broadcasters; and
Fig. 2 is a block diagram of an exemplary embodiment of a system for managing access to a device according to the present invention.
DETAILED DESCRIPTION OF THE PREFERRED
The invention provides a conditional access system that can be used to obtain services from one of a plurality of sources. When implemented in a device such as a digital television (DTV), digital video cassette recorder (DVCR) or set-top box (STB), the conditional access system allows a user to receive scrambled events from more than one service provider without changing the conditional access module or smart card. Alternatively, the smart card functionality may be embedded in the DTV. Such a conditional access system can act as a toll bridge for access to services, giving the DTV manufacturer a mechanism for collecting fees based on use of its DTVs. Similarly, the invention may be implemented in a set-top box (STB) or digital video cassette recorder (DVCR). For simplicity, the following description concentrates on an implementation using a digital television and a smart card coupled to it.
A method of "balkanizing" descrambling keys by region is proposed to combat piracy in conditional access systems such as those in the broadcast systems described above. The method uses different keys, each covering only a small geographic area. Therefore, if a pirate obtains one descrambling key, the geographic area in which that key can be used is very limited.
An event or program as described herein comprises one of the following: (1) audio/visual data, such as a movie, a weekly "television" show or a documentary; (2) textual data, such as an electronic magazine, newspaper or weather forecast; (3) computer software; (4) binary data, such as images; or (5) HTML data (such as web pages). Service providers include any provider of broadcast events, such as traditional broadcast television networks, cable networks and digital satellite networks (DSN); providers of electronic lists of events, such as electronic program guide providers; and, in some cases, Internet service providers.
A conditional access system like one of those described above can be based on public key technology. At least one public key (number) is available to all service providers. This may be the public key used for every smart card in the conditional access system, or several public keys may be used. Each smart card stores at least one secret private key, which can decrypt messages encrypted with the at least one public key.
In operation, the conditional access provider sends a CA entitlement message (e.g., an ECM), encrypted with the public key, in the transport stream. The message contains information such as the service provider's name, the program title, time and price, and information about the key used to scramble the program. The smart card decrypts this message with its private key and stores the appropriate information in smart card memory for each purchased event.
The smart card holds a certain amount of credit, deposited through a bank, for purchasing programs. As long as the limit is not exceeded, the viewer can buy programs. At an appropriate pre-scheduled time, the smart card causes a phone call to be placed to the CA center. Using another set of keys, the CA center, in cooperation with the bank, receives billing information from the smart card and provides additional credit. The bank forwards this information and credits the appropriate service provider.
Fig. 1 shows the general architecture of system 30 for managing access to digital televisions (DTVs) 40a, 40b. For simplicity, the following description is limited to a single DTV 40a. Similar element numbers denote the same functional elements. Smart card (SC) 42a (or any other equivalent conditional access module) is inserted into, or coupled to, a smart card reader (not shown) of DTV 40a; bus 45 interconnects DTV 40a and SC 42a so that data can be transferred between them. The smart card includes an ISO 7816 card having a plurality of terminals arranged on the card surface in compliance with National Renewable Security Standard (NRSS) Part A, or a PCMCIA card complying with NRSS Part B. Such smart cards also include ISO 7816 cards, PCMCIA cards, NRSS Part A and Part B cards, OpenCable Point of Deployment (POD) modules, Digital Video Broadcasting (DVB) Common Interface (CI) modules, and other proprietary designs known to those skilled in the art.
DTV 40a can receive services from a plurality of service providers (SPs), such as broadcast television and radio services 50 and 52, cable television operators (not shown) and satellite systems (not shown). The invention is particularly advantageous for terrestrial broadcasting. Certificate authority (CA) 75 is not directly connected to the service providers or to DTV 40a, but issues digital certificates and public/private key pairs, whose use is described later. Within the scope of the invention, the role of certificate authority 75 may be performed by the service providers in cooperation with the manufacturer of DTV 40a. Billing center 70 is used to manage user accounts; updated information is provided as users arrange to purchase additional services and as those services are consumed or used.
The conditional access (CA) system designed for this DTV broadcast technology is a transport-based system. This means that the CA information for a particular broadcaster is transmitted only on that broadcaster's own RF channel. Each broadcaster is responsible for its own information, so there is no need for a pre-established guidance code to coordinate and/or synchronize information among several broadcasters. In addition, the CA system is based on topping up an "electronic cash" card. The user preloads a certain amount of cash into his or her card (from a debit or credit account), then uses the card to buy event packages, pay a monthly subscription fee, or buy specific programs in PPV mode. An event package may include, for example, all the games of a favorite professional sports franchise, or all the Sunday late-night movies on one or more virtual channels.
The broadcast channel is used only to deliver the services and the information needed to access them. All remaining transactions are carried out over a return channel (i.e., a modem and telephone connection). Broadcasting of addressable messages is not required. Broadcast services are protected with a common scrambling algorithm. The keys used in this process and the event purchase information are encrypted with the shared public key and sent to the user in the MPEG-2 stream. For event packages, an event package certificate is sent to the user from CA server 60a over the return channel. As described in detail below, certificates are normally signed to guarantee their integrity, that is, to guarantee that the certificate received is the proper, unmodified one from the sender. Services are accessed through a renewable security module (e.g., a smart card).
Symmetric key cryptography uses the same algorithm and key for both encryption and decryption. Public key cryptography is based on the use of two related keys, one public and one private. The private key is kept secret, and it is computationally infeasible to derive it from the shared public key. Anyone with the public key can encrypt a message, but only the person or device holding the associated, predetermined private key can decrypt it. Similarly, a message can be encrypted with the private key, and anyone with access to the public key can decrypt it. Encrypting a message with the private key may be called "signing", because anyone holding the public key can verify that the message was sent by the party holding the private key. This can be thought of as analogous to verifying a signature on a document.
A digitally signed message is a message sent in the clear (i.e., unencrypted) with a signature attached. The attached signature is produced by encrypting either the message itself or a digest of the message; the message digest is obtained by hashing. (Hashing subjects the message to a one-way hash algorithm before it is encrypted, such as MD5, developed by Ron Rivest, or SHA-1, developed by the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA).) The recipient of a signed message can thus verify the integrity (i.e., the source or origin) of the message. (By comparison, a public key certificate or digital certificate is a message containing a public key, sent in the clear with a signature attached.) Signature verification checks the signature by decrypting it.
As defined above, the five essential parts of the CA system are the broadcaster, the CA vendor, the billing center (e.g., a bank), the end user, and the certificate authority. Fig. 1 shows the overall system architecture, with these five parts and their communication links and data flows. The end user communicates with the CA vendor over a point-to-point link, such as a telephone line, to download certificates. The telephone line is used for automated transactions and, when necessary, for voice connections. For automated transactions, the protocol that can be run is the Point-to-Point Protocol (PPP). Security is implemented at the application layer using a private protocol.
Communication between the CA vendor and the broadcasters can be established over a local area network (LAN) or a wide area network (WAN). As before, security is embedded at the application layer, using privately defined protocols that run over existing internetworking protocols. The broadcast equipment needed to protect the broadcast stream can be off-the-shelf products available from multiple CA vendors.
The broadcaster is responsible for transmitting (1) the services and (2) the entitlement messages. The entitlement messages include access information messages (AIMs), described in detail below (or, alternatively, entitlement control messages (ECMs) and entitlement management messages (EMMs)), which allow any user to buy those services. Communication between the broadcaster and the users therefore follows the point-to-multipoint model of broadcast technology. A broadcast AIM does not contain the unique address of each user or subscriber that satellite or cable systems typically use.
If DTV 40a is not connected to the back channel needed to communicate with the CA server, then adding cash to the card requires the user either to use a DTV unit that supports a back channel or to go to a specific location (a bank, an ATM, a CA vendor's local office) to have cash added to the card. The CA operator acts like the cardholder's or user's bank, and the billing center acts like the merchant's bank. The card association can be the intermediary between the CA operator and the broadcaster's bank, providing transaction settlement services. The fixed amount of "cash" loaded into the smart card or conditional access module can now be used to pay for the services offered by broadcasters.
Whichever cash transfer mechanism is used, the user requests that a specific amount be transferred to the CA card from a credit or debit account. After the user's identity and the validity of the user's resources have been properly verified, the transaction is authorized and the specified amount is deposited in the CA card.
Once money has been loaded into the card, the user can buy any number of the services offered by broadcasters. Each purchase reduces the amount available in the card by the price of the service. The services offered by broadcasters fall into two categories: PPV events and event packages. An event is a TV program with an allotted time slot in the program guide, and an event package is simply a collection of events. Examples of event packages are (1) all NBA games in a given season, (2) the Sunday late-night movies on one or more virtual channels, and (3) a subscription to a particular virtual channel such as HBO.
All events may have one or more of their audiovisual streams scrambled using a common symmetric key algorithm. The entitlement messages (e.g., ECM, AIM) containing the purchase information and descrambling keys may be encrypted using a common public key algorithm or a symmetric key algorithm.
After an event is purchased, a record can be stored in the smart card and subsequently sent to the CA vendor. Once the stored purchase information has been sent to the CA database, the CA vendor can pay the broadcasters for the services provided. In addition, each smart card has non-volatile memory that holds the information described below.
A 32-bit field in smart card memory holds the card serial number. The user's (credit or debit) card number is held in a 128-bit BCD field. The telephone number of the CA server is held in a 10-byte field, and the telephone number of an alternate CA server in another 10-byte field. A 40-bit BCD field stores the user's available cash. One field holds the signature on the most recent electronic cash certificate. An 8-bit field stores a threshold value, used either to notify the user that the available electronic cash has fallen below a predetermined threshold or to initiate an automatic callback to the CA server to add money. A 40-bit BCD field holds the amount of money that can be downloaded to the smart card, without user intervention, when the electronic cash falls below this threshold. This amount is determined by the user and sent to the CA server during smart card activation. If the value is zero, automatic electronic cash download is not allowed. Two 768-bit fields store the private key used to decrypt AIMs and the public key used to verify the signatures on certificates. A 21-byte field stores the TDES key used to descramble broadcast services. Two 96-byte fields store the key that replaces the current private key and the key that replaces the current verification key. An 8-byte field stores the symmetric key used for secure communication with the CA server. Within the scope of the invention, scrambling algorithms other than DES ciphers may be used.
Smart card must be stored the PPV incident of user's purchase and the information of incident bag.If smart card memory is full, then do not allow the user to buy other incident.
Exchanges data between smart card and the main frame (for example, CA supplier) can be based on univocal general-purpose interface, promptly national renewable safety standard (NRSS).EIA-679 part A or part B.Because telephone wire is widely used physical link, so selected agreement is a PPP(Point-to-Point Protocol) between CA server and the main frame, RFC1548 is used as the standard 51 that fail safe is provided in the PPP information newspaper.Technological innovation described herein is not precluded within use other agreement different with PPP on the Return Channel.
PPP is an agreement based on the ISOHDLC standard that is adopted for system X.25 by ITU-T.It is by the datagram of IETF exploitation with a plurality of agreements of transmission on point-to-point link.Frame format is the protocol fields (being defined as " designation number " in RFC1700) of one 16 bit, and the back then is the filling field that comprises optional byte that is used to regulate frame length (if receiving protocol requirement) of adding with the variable length information field.
For swap data between smart card and CA server, define a new agreement, its protocol field value is 0x00FF.For this New Deal, the value of filling field always is zero.New Deal is inserted in the information field affirmation on first byte (ACK) and does not confirm that (NACK) message provides reliable transmission by use, and these two message are all used the UIMSBF form of 8 bits.
Can be as the information (affirmation of carrying in passing) of replying transmission after the ACK.If receiving terminal detects an impaired message, then it responds with NACK, and the request transmitter is retransmitted.
Using the above protocol, the smart card initiates a callback to the CA server in any of the following situations:
1. The smart card is inserted into the DTV for the first time.
2. The user enters a request for an advance event package purchase through the displayed menu.
3. The smart card memory is full.
4. The local time is in the midnight hours [1 a.m. to 6 a.m.] and there are new records to send.
5. The smart card receives notification of a new private key or verification key.
6. The smart card balance is below the specified threshold and automatic electronic cash download is enabled.
7. The user enters a request to add money using the displayed menu.
8. The user enters a request to cancel an event package purchase.
Depending on the situation, the smart card sends an initial alert message to inform the CA server about the user and the purpose of the call.
When the user inserts the smart card into the DTV for the first time, the card-specific information is sent to the CA server for registration. This information is encrypted using Kcallback.
Smart card → CA server: alert message (alert_type=0x01)
Smart card ← CA server: ACK message
Smart card → CA server: smart card information message
Smart card ← CA server: ACK message
Advance purchases can be made through the displayed menu. In response to the user's request, the CA server sends a package certificate that is stored in the smart card. For example,
Smart card → CA server: alert message (alert_type=0x02)
Smart card ← CA server: ACK message | signed package certificate message
Smart card → CA server: ACK message
The package certificate format comprises the following fields: An 8-bit field indicating the package certificate message; it can take two values, one for renewable package subscriptions and one for non-renewable package subscriptions. A 32-bit field identifying the registration authority that assigns the provider_index field. A 16-bit field identifying the content provider; this unique number is registered with the registration authority identified by format_identifier. A 16-bit field identifying the transport stream carrying the event. A 16-bit field indicating the package identifier. An 8-bit field used for the title field. A variable-length package title field in ASCII with the Latin-1 extension. A 40-bit field indicating the package price in BCD format. A 24-bit field indicating the package expiration date.
PPV event purchase records are stored temporarily in the smart card until after the event has been broadcast. They are sent to the CA server without user intervention in one of the following two situations:
(i) the smart card memory cannot store any more records, or
(ii) the local time is within a set period [for example, 1 a.m. to 6 a.m.] and there are new records to send.
All records are encrypted using Kcallback.
(i) The smart card memory is full.
Smart card → CA server: alert message (alert_type=0x03)
Smart card ← CA server: ACK message
Smart card → CA server: a variable number of encrypted PPV event purchase records
Smart card ← CA server: ACK message
(ii) The local time is in the midnight hours [1 a.m. to 6 a.m.] and there are new records to send.
Smart card → CA server: alert message (alert_type=0x04)
Smart card ← CA server: ACK message
Smart card → CA server: a variable number of encrypted PPV event purchase records
Smart card ← CA server: ACK message
When the private key or verification key needs to be replaced, a notification is sent to the smart card over the broadcast channel. Each user is then required to initiate a callback to receive the new key.
Smart card → CA server: alert message (alert_type=0x05)
Smart card ← CA server: ACK message | key replacement message
Smart card → CA server: ACK message
The smart card is recharged in the following situations:
1. the smart card balance is below the specified threshold, or
2. the user enters a recharge request through the displayed menu, or
3. the smart card is taken to a remote site (if there is no local telephone connection).
In all cases, the entity providing the money verifies the debit or credit card information, generates an electronic cash certificate (ECC) and sends it to the smart card. The ECC message format is an 8-bit message type field and a 40-bit BCD field holding the amount to be added to the smart card.
1) Automatic electronic cash download is enabled:
Smart card → CA server: alert message (alert_type=0x06)
Smart card ← CA server: ACK message
Smart card → CA server: signature on the electronic cash
Smart card ← CA server: ACK message | signed electronic cash certificate message
Smart card → CA server: ACK message
2) The electronic cash certificate contains a predetermined, fixed amount of electronic cash.
Automatic electronic cash download is stopped. The user carries out the following processing:
Smart card → CA server: alert message (alert_type=0x07)
Smart card ← CA server: ACK message
Smart card → CA server: signature on the electronic cash | electronic cash amount message
Smart card ← CA server: ACK message | signed electronic cash certificate message
Smart card → CA server: ACK message
The user can cancel a purchase through the menu shown on the screen. The action taken by the smart card depends on the type of purchase:
(i) Event package purchase: a call to the CA server is initiated.
Smart card → CA server: alert message (alert_type=0x08)
Smart card ← CA server: ACK message
Smart card → CA server: cancelled event package purchase record
Smart card ← CA server: ACK message | signed electronic cash certificate message
Smart card → CA server: ACK message
(ii) PPV event purchase: if the deadline for cancelling the event has not yet passed, the selected record is deleted completely.
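The callback exchanges listed above, expressed as a table-driven checker in C that either end could use to reject a message that does not belong to the exchange opened by a given alert_type. This is an added example, not code from the patent: the message-kind names, return codes and sample transcripts are constructed for illustration, and treating a NACK as a request for one retransmission of the previous message is an interpretation of the retransmission rule above.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum cb_dir  { CARD_TO_SERVER = 0, SERVER_TO_CARD = 1 };
enum cb_kind { K_END = 0, K_ALERT, K_ACK, K_NACK, K_CARD_INFO, K_PPV_RECORDS,
               K_ECASH_SIG, K_ECASH_SIG_AMOUNT, K_CANCELLED_RECORD,
               K_ACK_PACKAGE_CERT, K_ACK_KEY_REPLACEMENT, K_ACK_ECASH_CERT };
struct cb_msg { enum cb_dir dir; enum cb_kind kind; };

enum { CB_OK = 0, CB_INCOMPLETE = -1, CB_BAD_ALERT = -2 };
#define CB_MAX_STEPS 5

/* Message kinds listed on the page for each alert_type (row index). Direction
 * is implicit: even positions are card -> server, odd ones server -> card.
 * Unused trailing entries are K_END. */
static const enum cb_kind cb_script[0x09][CB_MAX_STEPS + 1] = {
    [0x01] = { K_ALERT, K_ACK, K_CARD_INFO, K_ACK },
    [0x02] = { K_ALERT, K_ACK_PACKAGE_CERT, K_ACK },
    [0x03] = { K_ALERT, K_ACK, K_PPV_RECORDS, K_ACK },
    [0x04] = { K_ALERT, K_ACK, K_PPV_RECORDS, K_ACK },
    [0x05] = { K_ALERT, K_ACK_KEY_REPLACEMENT, K_ACK },
    [0x06] = { K_ALERT, K_ACK, K_ECASH_SIG, K_ACK_ECASH_CERT, K_ACK },
    [0x07] = { K_ALERT, K_ACK, K_ECASH_SIG_AMOUNT, K_ACK_ECASH_CERT, K_ACK },
    [0x08] = { K_ALERT, K_ACK, K_CANCELLED_RECORD, K_ACK_ECASH_CERT, K_ACK },
};

/* Check an observed exchange against the script for its alert_type.
 * Returns CB_OK, CB_INCOMPLETE, CB_BAD_ALERT, or the 1-based position of the
 * first message that does not belong. */
int cb_check(uint8_t alert_type, const struct cb_msg *seen, size_t n)
{
    const enum cb_kind *script;
    size_t step = 0;      /* next expected script position */
    int resend = 0;       /* set while a retransmission is pending */

    if (alert_type < 0x01 || alert_type > 0x08)
        return CB_BAD_ALERT;
    script = cb_script[alert_type];
    for (size_t i = 0; i < n; i++) {
        enum cb_dir expect_dir = (step % 2) ? SERVER_TO_CARD : CARD_TO_SERVER;

        if (seen[i].dir != expect_dir)
            return (int)i + 1;
        if (seen[i].kind == K_NACK) {
            /* Only the receiver of the previous message may NACK it, once;
             * the sender then retransmits that message. */
            if (step == 0 || resend)
                return (int)i + 1;
            step--;
            resend = 1;
            continue;
        }
        if (script[step] == K_END || seen[i].kind != script[step])
            return (int)i + 1;
        step++;
        resend = 0;
    }
    return script[step] == K_END ? CB_OK : CB_INCOMPLETE;
}

/* Constructed transcripts for illustration. */
int cb_demo(int n)
{
    static const struct cb_msg advance[] = {
        { CARD_TO_SERVER, K_ALERT }, { SERVER_TO_CARD, K_ACK_PACKAGE_CERT },
        { CARD_TO_SERVER, K_ACK } };
    static const struct cb_msg resent[] = {
        { CARD_TO_SERVER, K_ALERT }, { SERVER_TO_CARD, K_ACK },
        { CARD_TO_SERVER, K_PPV_RECORDS }, { SERVER_TO_CARD, K_NACK },
        { CARD_TO_SERVER, K_PPV_RECORDS }, { SERVER_TO_CARD, K_ACK } };
    static const struct cb_msg stray[] = {
        { CARD_TO_SERVER, K_ALERT }, { SERVER_TO_CARD, K_ACK_KEY_REPLACEMENT } };

    switch (n) {
    case 0:  return cb_check(0x02, advance, 3); /* complete advance purchase */
    case 1:  return cb_check(0x03, resent, 6);  /* records resent after a NACK */
    case 2:  return cb_check(0x01, stray, 2);   /* key replacement outside 0x05 */
    case 3:  return cb_check(0x02, advance, 2); /* final ACK missing */
    default: return cb_check(0x09, NULL, 0);    /* alert_type not on the page */
    }
}

int main(void)
{
    for (int n = 0; n <= 4; n++)
        printf("case %d -> %d\n", n, cb_demo(n));
    return 0;
}
```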
The AIM is carried as private data in the adaptation field of the transport stream packets that carry video data. By using the tools and functions available for ECM transport in MPEG-2, the AIM can also be carried in the transport stream with a different PID. The adaptation_field_control bits shall be '10' (adaptation field only, no payload) or '11' (adaptation field followed by payload). The maximum cycle time for AIM messages with the same AIM_id shall be 500 ms.
The bitstream syntax of the access information message comprises the following fields: An 8-bit identifier unique to this access information message. AIM_id is the second byte of the private section in the adaptation field. The first byte is allocated to identify the public key used to protect the AIM in a given DMA (if multiple public keys are used). Next is the AIM_length field, an 8-bit field specifying the number of bytes in the AIM. A 32-bit field identifying the registration authority that assigns the provider_index field. A 16-bit field identifying the content provider; this unique number is registered with the registration authority identified by format_identifier. A 24-bit field identifying a specific TV program or event; assigned by the content provider identified by provider_index, it uniquely identifies all programs registered in the content provider's database. A 16-bit field identifying the transport stream carrying the event. A 16-bit field uniquely identifying the particular service carrying the event. A 14-bit field uniquely identifying a specific event within the given service of this transport stream. While program_event_id is a value identifying the content provider's event, event_id is the program guide index of the event. A broadcaster that also acts as content provider may want to make the two numbers equal, but this is not valid when that is not the case. A 32-bit field indicating the event start time. A 20-bit field indicating the event length in seconds. A 10-byte field storing the first 10 characters of the English title of the event that this message describes. If the actual title is shorter than 10 characters, the title segment must be padded with ESC characters before it is included in this field. A 5-byte BCD field indicating the event price. A 16-bit field indicating the event packages to which this event belongs. The most significant bit corresponds to the first event package, and the least significant bit corresponds to the 16th event package. If the event belongs to the k-th event package, the k-th bit of this field shall be set to 1. More than one bit may be set to 1, to indicate that an event belongs to multiple event packages. A 64-bit field (or a 168-bit field for a TDES key) for the DES key required to descramble the video and audio signals of the event in question. A 40-bit field indicating that the user needs to obtain a new private key or verification key by calling the CA server. If the flag bit is set to 1, the key must be replaced before the indicated deadline. This is followed by an 8-bit field identifying the total length (in bytes) of the AIM descriptor list.
In one embodiment of the invention, an entitlement control message (ECM) can be used in place of the AIM. The format of the ECM is defined privately in accordance with the MPEG-2 and ATSC standards. One specific format that can be used comprises an 8-bit table identification field, 3 indicator bits, a 12-bit section length field, an 8-bit protocol version field, a 5-bit version number field, 2 section number fields, a public key field, a transport stream identifier field, major and minor channel number fields, 2 event identifier fields, stream PID and descriptor length fields, an encryption check field, a stuffing byte field and a 32-bit CRC field.
The security of the system is based on standard and widely accepted public-key and symmetric-key algorithms. The algorithms chosen are RSA for public-key encryption and TDES and/or DES for symmetric-key scrambling.
In a first preferred embodiment of the invention, there is one global RSA public/private key pair, Kpub/Kpri, used for encryption across the whole system. The public key (Kpub) is shared by all broadcasters, and the corresponding private key (Kpri) is placed in the tamper-resistant NRSS-A based smart cards distributed to consumers by the CA provider. This public key is used to protect the AIMs generated at the head end.
In a second preferred embodiment of the invention, encryption is implemented using multiple public/private key pairs (Kpub1/Kpri1, Kpub2/Kpri2, Kpub3/Kpri3, etc.), each key pair corresponding to a specific broadcaster or geographic area.
For example, a person living in Princeton, New Jersey, can receive broadcasts from several broadcast sources (that is, broadcasts from Philadelphia-area broadcasters, Trenton-area broadcasters, New York City-area broadcasters, and so on). With a conditional access system that has multiple key pairs, each corresponding to a different broadcaster (for example, Kpub1/Kpri1 for a Philadelphia broadcaster, Kpub2/Kpri2 for a Trenton broadcaster, and Kpub3/Kpri3 for a New York City broadcaster), the person in Princeton can receive and descramble the transmissions of each broadcaster. Specifically, each broadcaster can use its own public key (Kpub1 to Kpub3) to encrypt its ECM or AIM (which carries the descrambling key). The descrambling key for each broadcaster's transmission is then recovered with the corresponding private key (Kpri1 to Kpri3), so that the transmission can be descrambled. The private keys (Kpri1 to Kpri3) can be placed in the smart card of each user's set-top box or digital television.
In this second preferred embodiment, each broadcaster can encrypt its descrambling key with its own public key (for example, a Philadelphia broadcaster can use the first public key (Kpub1), a Trenton broadcaster can use the second public key (Kpub2), and so on). If the set-top box or digital television of a user in the Princeton area holds the corresponding private key (Kpri1, Kpri2) for each public key (Kpub1, Kpub2), it can descramble the transmissions of all the local broadcasters.
In an ECM or AIM, one data byte (called the "ECM key ID") indicates which ECM key was used to encrypt that particular ECM. The conditional access device (for example, a set-top box) contains a smart card, which stores the ECM keys and ECM key IDs. For example, if the smart card can hold 5 ECM keys and the ECMs are encrypted using TDES, an example memory map is shown in Table 1 below. In the example given in the table, the smart card contains 3 valid keys, whose ID values are "55", "AA" and "01".
Table 1
Memory location | Content | Value |
---|---|---|
100 | ECM_Key_ID1 | 0x55 |
101 | ECM_Key_ID2 | 0xAA |
102 | ECM_Key_ID3 | 0x01 |
103 | ECM_Key_ID4 | 0x00 |
104 | ECM_Key_ID5 | 0x00 |
105-129 | ECM_Key1 | 'key1' (e.g., 0x123456) |
130-153 | ECM_Key2 | 'key2' (e.g., 0x234567) |
154-177 | ECM_Key3 | 'key3' (e.g., 0x345678) |
178-201 | ECM_Key4 | 0x000000 |
202-225 | ECM_Key5 | 0x000000 |
When the conditional access module (for example, a set-top box) receives an ECM, the software in the module extracts the ECM key ID from the ECM and looks for a matching entry in the ECM key ID fields of the smart card. For example, if an ECM is received whose ECM key ID field has the value 0x01, it is identified as ECM key ID 3, so the software uses "key 3" to decrypt this ECM. Based on the entitlement information carried in the ECM, the smart card decides whether the user is authorized to receive a particular program. If the user is authorized, the conditional access module (for example, a set-top box) then loads the audio-video (A/V) stream and uses the decrypted descrambling key to descramble it.
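The key-ID lookup described above, written in C as an added example (not code from the patent). The slot arrangement follows Table 1; the 24-byte key length, the position of the ECM key ID at the first byte of the ECM, the function names and the key bytes are assumptions made for illustration. The lookup rejects key ID 0x00, because Table 1 uses that value for unused slots and a match would select an all-zero key.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ECM_SLOTS         5    /* Table 1: five key-ID bytes, five key slots */
#define ECM_KEY_LEN       24   /* assumption: each slot holds a 24-byte TDES key */
#define ECM_ID_EMPTY      0x00 /* Table 1 shows unused ID slots as 0x00 */
#define ECM_KEY_ID_OFFSET 0    /* assumption: the key ID is the first ECM byte */

enum { ECM_ERR_SHORT = -1, ECM_ERR_EMPTY_ID = -2, ECM_ERR_UNKNOWN_ID = -3,
       ECM_ERR_DUPLICATE_ID = -4, ECM_ERR_FULL = -5 };

struct ecm_key_store {
    uint8_t id[ECM_SLOTS];                /* ECM_Key_ID1..5 */
    uint8_t key[ECM_SLOTS][ECM_KEY_LEN];  /* ECM_Key1..5 */
};

/* Return the 0-based slot whose ID matches the ECM's key ID, or ECM_ERR_*. */
int ecm_find_slot(const struct ecm_key_store *s, const uint8_t *ecm, size_t len)
{
    int found = ECM_ERR_UNKNOWN_ID;
    if (ecm == NULL || len < ECM_KEY_ID_OFFSET + 1)
        return ECM_ERR_SHORT;
    /* 0x00 marks a free slot: matching it would select an all-zero key. */
    if (ecm[ECM_KEY_ID_OFFSET] == ECM_ID_EMPTY)
        return ECM_ERR_EMPTY_ID;
    for (int i = 0; i < ECM_SLOTS; i++) {
        if (s->id[i] != ecm[ECM_KEY_ID_OFFSET])
            continue;
        if (found >= 0)               /* same ID stored twice: refuse to guess */
            return ECM_ERR_DUPLICATE_ID;
        found = i;
    }
    return found;
}

/* Store a key under a new ID in the first free slot; returns slot or ECM_ERR_*. */
int ecm_install_key(struct ecm_key_store *s, uint8_t id, const uint8_t *key)
{
    int free_slot = -1;
    if (id == ECM_ID_EMPTY)
        return ECM_ERR_EMPTY_ID;
    for (int i = 0; i < ECM_SLOTS; i++) {
        if (s->id[i] == id)
            return ECM_ERR_DUPLICATE_ID;
        if (s->id[i] == ECM_ID_EMPTY && free_slot < 0)
            free_slot = i;
    }
    if (free_slot < 0)
        return ECM_ERR_FULL;
    memcpy(s->key[free_slot], key, ECM_KEY_LEN);
    s->id[free_slot] = id;
    return free_slot;
}

/* Table 1 state: IDs 0x55, 0xAA, 0x01 in slots 1-3; constructed key bytes. */
static void sample_store(struct ecm_key_store *s)
{
    static const uint8_t ids[3] = { 0x55, 0xAA, 0x01 };
    uint8_t key[ECM_KEY_LEN];
    memset(s, 0, sizeof *s);
    for (int i = 0; i < 3; i++) {
        memset(key, 0x11 * (i + 1), sizeof key);
        ecm_install_key(s, ids[i], key);
    }
}

/* Look up a constructed ECM; returns the 1-based "key N" number or ECM_ERR_*. */
int demo_lookup(uint8_t key_id)
{
    struct ecm_key_store s;
    const uint8_t ecm[4] = { key_id, 0xDE, 0xAD, 0x00 };  /* constructed bytes */
    int slot;

    sample_store(&s);
    slot = ecm_find_slot(&s, ecm, sizeof ecm);
    return slot >= 0 ? slot + 1 : slot;
}

/* Try to add one more key to the Table 1 state; returns slot or ECM_ERR_*. */
int demo_install(uint8_t id)
{
    struct ecm_key_store s;
    uint8_t key[ECM_KEY_LEN];

    sample_store(&s);
    memset(key, 0x44, sizeof key);
    return ecm_install_key(&s, id, key);
}

int main(void)
{
    printf("key ID 0x01 -> %d, 0x00 -> %d, 0x77 -> %d\n",
           demo_lookup(0x01), demo_lookup(0x00), demo_lookup(0x77));
    return 0;
}
```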
In a third preferred embodiment of the invention, different geographic areas can be assigned different key pairs. Instead of the "per broadcaster" assignment in the example above, different key pairs can be assigned to different geographic areas in which many broadcasters operate, so that more than one broadcaster in an area can use the same key pair. Following the example above, a first key pair (Kpub1/Kpri1) can be assigned to the area within a 100-mile radius of Philadelphia, a second key pair (Kpub2/Kpri2) to the area within a 100-mile radius of Trenton, and a third key pair (Kpub3/Kpri3) to the area within a 100-mile radius of New York City. Thus, two broadcasters near Philadelphia can use the same key pair. Since the geographic area in which Trenton lies is covered by all 3 of the above key pairs, conditional access users in Trenton can have all 3 corresponding private keys (Kpri1 to Kpri3) in their set-top box or digital television for descrambling the different broadcast signals.
Using the geographic division above, a user in Princeton has, in the smart card of their set-top box or digital television, the private keys for Trenton, New York, Philadelphia and any other surrounding geographic area. Note, however, that a user living in a particular geographic area who does not receive transmissions from some other geographic area does not necessarily need the private key of that area (for example, a user in California does not need the private key for Philadelphia-area transmissions).
Although the "per broadcaster" and "per geographic area" examples above describe using multiple public/private key pairs to encrypt and decrypt ECMs, those skilled in the art may also use multiple symmetric keys for encryption and decryption. Those of ordinary skill in the art will recognize that access information from which the descrambling keys can be derived by some predetermined process (for example, hashing) can also be used. For example, if hashing the initial data yields one or more descrambling keys, this initial data can be sent in the clear, together with the scrambled content, from the transmitter to the conditional access receiver. The receiver then hashes the initial data to obtain the one or more descrambling keys.
The electronic cash certificate carries the amount to be added to the smart card. The event package certificate includes the event package price offered to the consumer. Since both certificates carry sensitive data, a signature mechanism is needed to guarantee the integrity of these messages. Therefore, all certificates are transmitted over a channel with a return path, for example, a back channel using a modem.
Although event package certificates are usually sent by the CA server, there may be different sources (such as an ATM or other special terminal) for downloading electronic cash to the smart card. If each source signed with a unique private key, the DTV would need to store multiple public keys. The CA system of the invention uses an ID-based authentication scheme that allows signature verification using only one public key.
As mentioned earlier, in order to take part in the scrambling, encryption and signature protocols, the broadcasters, the CA server and the smart cards need to store certain keys. Fig. 2 summarizes the storage and use of all key types.
Kpub is kept at the broadcaster and is used to encrypt the locally generated DES keys used to scramble the A/V streams. The smart card has the corresponding Kpri for recovering the DES keys.
Ksig is used to sign event package and electronic cash certificates. Signed certificates are verified using the Kver stored in the smart card. In the ID-based scheme described in section 8.2, Ksig is unique to each certificate provider (the CA vendor, an ATM, etc.), but Kver is shared by all certificate providers.
Kcallback is shared by the smart card and the CA server and is used to encrypt the sensitive information they exchange. The information sent from the smart card to the CA server includes the payment card number, the amount of electronic cash and event purchase records. When needed, Kpri and Kver can be replaced by the CA server. Kcallback can be unique to each card, and it can be replaced only when the user is sent a new card.
Claims (17)
1. A method for managing access to restricted transmission events, said method comprising:
(a) receiving at least one first transmission event from a first service provider, said transmission event being scrambled;
(b) receiving at least one second transmission event from a second service provider, said transmission event being scrambled;
(c) receiving encrypted access information associated with said transmission events, said access information comprising first and second descrambling keys, said first descrambling key corresponding to said first service provider and said second descrambling key corresponding to said second service provider;
(d) decrypting said access information; and
(e) descrambling said transmission events.
2. The method of claim 1, wherein the decrypting and descrambling steps are performed in a smart card, said encrypted access information is encrypted using respective first and second public keys, and said encrypted access information is decrypted using corresponding first and second private keys stored in said smart card.
3. The method of claim 1, wherein the decrypting and descrambling steps are performed in a smart card, said encrypted access information is encrypted using respective first and second symmetric keys, and said encrypted access information is decrypted using corresponding first and second symmetric keys stored in said smart card.
4. The method of claim 1, wherein said smart card comprises a card body having a plurality of terminals arranged on a surface of said card body in accordance with one of the ISO 7816 and PCMCIA card standards.
5. The method of claim 1, wherein the broadcast area of the first service provider is adjacent to the broadcast area of the second service provider.
6. The method of claim 1, wherein the broadcast area of the first service provider overlaps the broadcast area of the second service provider.
7. A method enabling a digital video apparatus to manage access to restricted transmission events, comprising the steps of:
(a) receiving from a first service provider access information encrypted using a first public key, said access information comprising a first encrypted event key;
(b) receiving from a second service provider access information encrypted using a second public key, said access information comprising a second encrypted event key;
(c) transferring said first and second event keys to a smart card connected to said digital video apparatus;
(d) receiving a first transmission event from said first service provider, said first transmission event being scrambled using said first event key;
(e) receiving a second transmission event from said second service provider, said second transmission event being scrambled using said second event key; and
(f) decrypting one of said first and second encrypted event keys in said smart card.
8. The method of claim 7, further comprising the steps of:
(g) transferring at least one of said first and second transmission events to said smart card;
(h) descrambling, in said smart card, one of said first and second transmission events using one of said first and second event keys; and
(i) transferring said descrambled transmission event to said digital video apparatus.
9. A conditional access system comprising:
at least two program service providers; and
at least one digital device for receiving scrambled transmission signals from the at least two service providers, said digital device comprising at least one smart card for descrambling said scrambled transmission signals,
wherein said at least one smart card comprises at least two decryption keys for decrypting at least two corresponding descrambling keys, said descrambling keys being used to descramble the transmission signals received from the at least two service providers.
10. The conditional access system of claim 9, wherein the at least two decryption keys comprise at least two private keys.
11. The conditional access system of claim 9, wherein the at least two decryption keys comprise at least two symmetric keys.
12. The conditional access system of claim 9, wherein a first provider of the at least two service providers scrambles a signal using a first scrambling key that is encrypted with a first public key, a second provider of the at least two service providers scrambles a signal using a second scrambling key that is encrypted with a second public key, a first key of at least two private keys is used to recover the first scrambling key and descramble the first service provider's signal, and a second key of the at least two private keys is used to recover the second scrambling key and descramble the second service provider's signal.
13. The conditional access system of claim 9, wherein a first provider of said at least two service providers is located in a first geographic area, and a second provider of said at least two service providers is located in a second geographic area that is adjacent to, but not the same as, the first geographic area.
14. The conditional access system of claim 9, wherein a first provider of said at least two service providers is located in a first broadcast area, and a second provider of said at least two service providers is located in a second broadcast area that is adjacent to, but not the same as, the first broadcast area.
15. A method for managing access to a plurality of restricted transmission events, said method comprising:
(a) receiving a plurality of transmission events from a plurality of different service providers, each of said transmission events being scrambled;
(b) receiving, from the plurality of different service providers, encrypted access information associated with said plurality of transmission events, said access information comprising a plurality of descrambling keys, each of said plurality of descrambling keys corresponding to one of said plurality of service providers;
(c) decrypting said access information; and
(d) descrambling said plurality of transmission events.
16. A method of providing conditional access, comprising the steps of:
(a) assigning a first key pair to a first geographic area;
(b) assigning a second key pair to a second geographic area different from said first geographic area;
(c) allowing a broadcaster in the first geographic area to encrypt at least one descrambling key using the public key of said first key pair;
(d) allowing a broadcaster in the second geographic area to encrypt at least one descrambling key using the public key of said second key pair;
(e) providing, in a digital device, the private key of said first key pair and the private key of said second key pair; and
(f) allowing a user to use the private keys provided in the digital device to gain conditional access to the scrambled transmission signals from said first and second geographic areas.
17. A method for managing access to restricted transmission events, said method comprising:
(a) receiving at least one first transmission event from a first service provider, said transmission event being scrambled;
(b) receiving at least one second transmission event from a second service provider, said transmission event being scrambled;
(c) receiving access information associated with said transmission events;
(d) deriving first and second descrambling keys from said access information, said first descrambling key corresponding to said first service provider and said second descrambling key corresponding to said second service provider; and
(e) descrambling said transmission events using said first and second descrambling keys.
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/US2001/029818 WO2003043310A1 (en) | 2001-09-25 | 2001-09-25 | Ca system for broadcast dtv using multiple keys for different service providers and service areas |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1550100A CN1550100A (en) | 2004-11-24 |
CN1310497C true CN1310497C (en) | 2007-04-11 |
Family
ID=21742859
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB018236618A Expired - Fee Related CN1310497C (en) | 2001-09-25 | 2001-09-25 | CA system for using multiple cipher key broadcasting DTV to different service supply merchants and service areas |
Country Status (8)
Country | Link |
---|---|
EP (1) | EP1483900A1 (en) |
JP (1) | JP2005510137A (en) |
KR (1) | KR20040037133A (en) |
CN (1) | CN1310497C (en) |
BR (1) | BR0117132A (en) |
IL (1) | IL160542A0 (en) |
MX (1) | MXPA04002726A (en) |
WO (1) | WO2003043310A1 (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5420866A (en) * | 1994-03-29 | 1995-05-30 | Scientific-Atlanta, Inc. | Methods for providing conditional access information to decoders in a packet-based multiplexed communications system |
WO1999007147A1 (en) * | 1997-08-01 | 1999-02-11 | Scientific-Atlanta, Inc. | Method and apparatus for geographically limiting service in a conditional access system |
WO1999007151A1 (en) * | 1997-08-01 | 1999-02-11 | Scientific-Atlanta, Inc. | Mechanism and apparatus for encapsulation of entitlement authorization in conditional access system |
WO2000057636A1 (en) * | 1999-03-24 | 2000-09-28 | Microsoft Corporation | Enhancing smart card usage for associating media content with households |
2001
- 2001-09-25 WO PCT/US2001/029818 patent/WO2003043310A1/en active Application Filing
- 2001-09-25 BR BR0117132-1A patent/BR0117132A/en not_active IP Right Cessation
- 2001-09-25 JP JP2003545013A patent/JP2005510137A/en not_active Withdrawn
- 2001-09-25 IL IL16054201A patent/IL160542A0/en unknown
- 2001-09-25 KR KR10-2004-7004395A patent/KR20040037133A/en not_active Application Discontinuation
- 2001-09-25 EP EP01977158A patent/EP1483900A1/en not_active Withdrawn
- 2001-09-25 MX MXPA04002726A patent/MXPA04002726A/en active IP Right Grant
- 2001-09-25 CN CNB018236618A patent/CN1310497C/en not_active Expired - Fee Related
Also Published As
Publication number | Publication date |
---|---|
MXPA04002726A (en) | 2005-10-05 |
BR0117132A (en) | 2004-10-13 |
IL160542A0 (en) | 2004-07-25 |
EP1483900A1 (en) | 2004-12-08 |
KR20040037133A (en) | 2004-05-04 |
WO2003043310A1 (en) | 2003-05-22 |
JP2005510137A (en) | 2005-04-14 |
CN1550100A (en) | 2004-11-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN1310497C (en) | CA system for using multiple cipher key broadcasting DTV to different service supply merchants and service areas | |
CN1146235C (en) | Conditional access system for broadcast digital TV. | |
US20020146125A1 (en) | CA system for broadcast DTV using multiple keys for different service providers and service areas | |
US8761393B2 (en) | Method and apparatus for providing secure internet protocol media services | |
KR100426740B1 (en) | Global conditional access system for broadcast services | |
US20040151315A1 (en) | Streaming media security system and method | |
US8098820B2 (en) | Conditional access system for broadcast digital television | |
US9277259B2 (en) | Method and apparatus for providing secure internet protocol media services | |
MX2007003228A (en) | System and method for providing authorized access to digital content. | |
US20120131333A1 (en) | Service key delivery in a conditional access system | |
JP2005245010A (en) | Source authentication of download information in conditional access system | |
JP2009273151A (en) | Authentication of service in conditional access system | |
JP2004363724A (en) | Reception management apparatus, broadcast receiver, information distributor, and information distribution method and program | |
US20200068175A1 (en) | Method and apparatus for supporting multiple broadcasters independently using a single conditional access system | |
US7664946B2 (en) | System and method of guaranteed anonymity of cable television viewership behavior | |
MXPA01000606A (en) | A conditional access system for broadcast digital television | |
EP3158769A1 (en) | Method and apparatus for providing secure internet protocol media services | |
KR20110057477A (en) | System and method for encrypting content |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
C19 | Lapse of patent right due to non-payment of the annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |