EP1621009A1 - Method and device for securing transmission, recording and viewing of digital audiovisual packet flows - Google Patents

Method and device for securing transmission, recording and viewing of digital audiovisual packet flows

Info

Publication number
EP1621009A1
EP1621009A1 EP04760477A EP04760477A EP1621009A1 EP 1621009 A1 EP1621009 A1 EP 1621009A1 EP 04760477 A EP04760477 A EP 04760477A EP 04760477 A EP04760477 A EP 04760477A EP 1621009 A1 EP1621009 A1 EP 1621009A1
Authority
EP
European Patent Office
Prior art keywords
stream
packets
modified
additional information
flow
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP04760477A
Other languages
German (de)
French (fr)
Inventor
Daniel Lecomte
Mohammed Lamtouni
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Medialive SA
Original Assignee
Medialive SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Medialive SA filed Critical Medialive SA
Publication of EP1621009A1 publication Critical patent/EP1621009A1/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/454Content or additional data filtering, e.g. blocking advertisements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/234Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs
    • H04N21/2347Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption
    • H04N21/23476Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption by partially encrypting, e.g. encrypting the ending portion of a movie
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs
    • H04N21/4405Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream decryption
    • H04N21/44055Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream decryption by partially decrypting, e.g. decrypting a video stream that has been partially encrypted
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/4508Management of client data or end-user data
    • H04N21/4532Management of client data or end-user data involving end-user characteristics, e.g. viewer profile, preferences
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/80Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
    • H04N21/83Generation or processing of protective or descriptive data associated with content; Content structuring
    • H04N21/835Generation of protective data, e.g. certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/162Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing
    • H04N7/163Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing by receiver means only

Definitions

  • the present invention relates to the field of processing digital audiovisual streams.
  • the present invention relates more particularly to a device capable of securely transmitting a set of films of high visual quality to a viewing screen such as a television screen and / or to be recorded on the hard disk or on any other medium.
  • recording of a box connecting the remote transmission network to the display screen such as a television screen, a projector or a personal computer monitor, while preserving the audiovisual quality but avoiding any fraudulent use such as the possibility of make pirated copies of films or audiovisual programs recorded on the hard disk or any other recording medium of the set-top box.
  • the invention relates to a client-server system and the synchronization mechanism between the server which provides the secure digital stream enabling the audiovisual content to be viewed and the client which reads and displays the digital audiovisual stream.
  • This analysis of the flow mainly consists in marking the TS packets containing essential information for a correct decoding of the video, in the MPEG sense, so that in a second encryption phase, only the useful data of the marked TS packets are encrypted.
  • essential information is not available for unauthorized decoding, and the stream cannot therefore be displayed, while keeping a reasonable calculation time for the encryption.
  • this solution does not solve the security problem because the protection of the video stream is based on an encryption system based on digital keys, but for which the video stream transmitted to a receiving device contains, in an encrypted form, all the information initially present in the original video stream.
  • the video stream received by the client equipment already contains all the information initially present in the unencrypted video stream, even if it is stored in a form which does not allow its immediate use.
  • a malicious user while being disconnected from the network, can process the encrypted video stream so as to put it back in a form usable by a conventional video decoder and can thus bypass the protection system.
  • the present invention relates to the general principle of a method for securing an audiovisual stream.
  • the objective is to authorize video-on-demand and pay-per-view services across all broadcast networks and local recording in the memory of the user's digital set-top box, as well as live or online viewing. deferred, television channels.
  • the solution is to permanently store outside of the user's home, in fact in the broadcasting and transmission network, part of the audiovisual program recorded by the user or broadcast live, this part being essential. to view said audiovisual program on a television screen or monitor type, but being of a very low volume compared to the total volume of the program digital audiovisual recorded at the user's home or received in real time. The missing part will be transmitted in real time via the broadcasting network (transmission) when the said audiovisual program is viewed.
  • modified main stream Most of the audiovisual stream, called “modified main stream” will therefore be transmitted via a conventional broadcasting network, while the missing portion called “additional information" will be sent on demand via a narrowband telecommunications network like conventional telephone networks. or cellular networks of the GSM, GPRS or UMTS type or using a small part of a DSL or BLR type network, or even using a subset of the shared bandwidth on a cable network.
  • the audiovisual stream is reconstructed on the recipient equipment (decoder) by a synthesis module from the modified main stream and additional information.
  • decoder recipient equipment
  • synthesis module from the modified main stream and additional information.
  • the integration of its protection systems into channel decoders poses certain problems linked to the architecture of these decoders and the way they treat the data.
  • the majority of chain decoders use an intermediate format called PES (“Packetized Elementary Stream”), for processing and viewing data.
  • PES Packetized Elementary Stream
  • the present invention provides a protection system, comprising an analysis and scrambling module based on the PES format and respectively an analysis and descrambling module, and which is therefore easily integrated into existing digital audiovisual stream decoders .
  • the present invention relates to a method for the secure distribution of original digital audiovisual streams consisting of audio, video or other data components, characterized in that said original stream is a stream packaged in logical entities, called packets , manipulable and modular in size, each packet comprising a header containing information on said packet and a payload comprising part of the data of the stream, and in that one proceeds, before the transmission to the client equipment, analysis of said packaged stream to generate a main stream conforming to the packaged format of the original stream, modified in that all or part of said packets constituting it have been replaced by packets of the same structure, but the content of which has been modified, and additional information of any format, able to allow the reconstruction of said original flow, then to trans separately putting said modified main stream and said additional information thus generated from the server to the recipient equipment.
  • packets logical entities
  • each packet comprising a header containing information on said packet and a payload comprising part of the data of the stream
  • the method according to the invention has the following specific characteristics: • the substituted packets contain information relating to one or more audio or video streams included in the packaged stream
  • each package incorporates all or part of one (or more) access unit (s)
  • the complementary information contains the substituted packets coming from the original nominal flow • the complementary information contains the packets representing said access units
  • the additional information also includes synchronization data containing time references and metadata associated with the modified or substituted packets
  • the additional information also includes instructions describing actions to be performed on the packets following the processed packet
  • the invention also relates to equipment for manufacturing an audiovisual stream comprising at least one multimedia server containing the original audiovisual sequences and a device for analyzing the audiovisual stream originating from said server to generate said modified main stream and said additional information.
  • the equipment further comprises a standard packaged stream player, at least one recording interface (hard disk) intended to store the content of said modified main stream, at least one decoder element processing the packaged format. and at least one display and hearing interface, characterized in that it includes a means for recomposing the original stream from said modified main stream and from said additional information.
  • the invention also relates to a system for the transmission of an audiovisual stream comprising equipment for producing an audiovisual stream and at least one piece of equipment for operating an audiovisual stream and at least one communication network between the equipment for production and operating equipment (s).
  • a packetized elementary stream is an infinite series of digitally coded images (frames, planes), which can be of intra type (reference image I), predicted (P images) or bidirectional (images B), as described for example in MPEG formats.
  • a packaged elementary audio stream is a series of audio frames or blocks. These coded video or audio frames are of different sizes and constitute what are called Access Units.
  • an elementary stream ES (“Elementary Stream”) undergoes an intermediate packaging step, which allows to cut it into useful and easily manipulated packages called PES packages.
  • the resulting flow is called Packaged Elementary Flow (PES).
  • a PES packet of a packaged elementary stream is a logical structure made up of a header and a payload.
  • the payload simply represents the data taken directly from the access units of the elementary stream to be packaged.
  • the start of the payload does not have to coincide with the start of an access unit, therefore an access unit can appear anywhere in the PES packet and it is even possible that several units are contained in a single package.
  • the header of a PES packet can be of variable length, and mainly includes a packet start prefix, which as the name suggests, allows you to synchronize with the start of a PES packet. This prefix is followed by a stream identifier, which makes it possible to distinguish, in the same program, packets belonging to different elementary streams.
  • the header can also contain time stamps, which are of two types.
  • the presentation time stamp PTS (Presentation Time Stamp) which specifies the time at which an access unit must be displayed and the decoding time stamp DTS ("Decoding Time Stamp”) which, in turn, specifies the time at which an access unit must be moved from the storage buffer to the decoder to be processed.
  • PTS Presentation Time Stamp
  • DTS Decoding Time Stamp
  • the size of a PES packet can be of variable size and this characteristic gives the flow great flexibility because the length of the PES packets can be shaped according to the intended application.
  • the analysis and scrambling system proposed by the present invention is based on the substitution and modification of PES packets. Indeed, as each PES packet contains part of an access unit or several access units, it is easy to remove a certain number of essential packets from the original flow and to replace them with replacement packets which serve as decoys.
  • the replacement packages have a format identical to the substituted packages. Before proceeding with the substitution of the packages, they are identified in a unique way, which allows their easy reconstitution.
  • each PES packet to be substituted is identified in a unique way by a pair composed of a stream identifier and either the presentation timestamp (PTS) in the case where the access unit included in said PES packet is type I or P, or the decoding time stamp (DTS) in the case where the access unit included in said PES packet is type B.
  • PTS presentation timestamp
  • DTS decoding time stamp
  • the scrambling system receives as input an elementary stream (ES) or a transport stream (TS), transforms it into PES format and after analysis of the content of the PES packets, produces two different streams, a modified main stream which contains the original stream in which a certain number of PES packets have been replaced by “decoy” packets, and additional information which contains the packets with the original values and optionally, the information necessary for the location of these packets in the PES stream and / or instructions for performing changes in the packages that follow the modified package.
  • the packets to be replaced are carefully chosen to guarantee a reasonable flow of additional information. Also, for example, a compromise is made between the degree of visual scrambling, and the volume or bit rate of the additional information output from the analysis and scrambling module.
  • the original flow is reconstituted in the decoder unit of the recipient equipment in which the analysis / descrambling module is integrated, which according to the modified main flow and the additional information sent in real time reconstitutes a flow strictly identical to the flow original PES.
  • the process is lossless.
  • the invention will be better understood on reading an exemplary embodiment concerning a stream in MPEG-2 format.
  • the invention highlights the integration of a descrambling module into a market decoder (Satellite or Terrestrial).
  • This analysis / descrambling system is the counterpart of the analysis and scrambling system detailed above, since it performs the reverse operation of the latter. It shows to what extent the choice of the packaged elementary flow is suitable for processing in hardware platforms.
  • the element (1) is the video stream to be scrambled
  • the module (2) is the analysis and scrambling module which receives an audio-visual stream in MPEG format as input. 2 TS or MPEG-2 ES, transforms said input stream into an MPEG-2 stream in PES format and generates two parts at its output different: the modified main stream, reconverted into TS format (31) after the substitution of certain PES packets, and additional information (51) of any format.
  • the modified main stream (31) is stored in the buffer (3) of the server (4), then is sent in real time to the user via a high speed network (7) which can be for example of ADSL, cable or satellite.
  • the additional information (51) is stored in the buffer (5), then is sent to the destination equipment (20) via a low speed transmission means.
  • the networks (6) and (7) can be merged into a single network, for example the complementary information (51) is also sent via a broadband network (7).
  • the element (20) represents a decoder box for a satellite channel for example.
  • the main stream modified (31) in MPEG-2 TS format arrives directly at the input interface (17) and passes via the bus (11) to the demultiplexer (12).
  • the demultiplexer (12) generates a packaged elementary stream (PES) and sends it back to the data bus (11) to be processed and / or stored.
  • the main stream modified at the input of the demultiplexer (12) comes from the hard disk (13) of the decoder unit.
  • the modified main stream (31) arriving in the input interface (17) comes from an external hard disk (15) such as for example the hard disk of a PC connected to the decoder unit (20).
  • the main stream modified at the input of the interface (17) comes from a physical medium (CD, DVD or other storage element) (71) burned at the output of the server (4) with the information of the modified main stream (31) and transmitted to an external reader (18).
  • the physical medium (71) is read by a reader (16) integrated in the housing (20).
  • the modified main stream is first processed by the demultiplexer (12) and then stored in PES format in the hard disk (13) of the decoder unit.
  • the modified main stream are 't previously stored in TS format or on a hard disk (the set-top box (13) or an external hard disk drive (15)) on a physical support (CD, DVD) before being demultiplexed.
  • the main stream modified in PES format is sent to the temporary storage memory (10) via the transport bus (11).
  • the additional information (51) is then transmitted on request to the decoder unit (20) via the network (6) and after having passed through the input interface (17) and the data bus (11), is stored partly in the temporary storage memory (10).
  • the synthesis and descrambling device (8) recovers the parts of the modified main stream (31) and of the additional information (51) stored in the temporary storage module (10) and operates the descrambling in real time of the modified main stream .
  • the additional information (51) arrives in real time via the network (6), the input interface (17) and the bus (11) as and when the synthesis device (8) needs it. All of the additional information (51) is not however never fully sent to the user.
  • the synthesis device (8) sends it to the reader (9), which decodes it and then routes it to a viewing and hearing module (14) of the television screen type.
  • the portal (4) has chosen the MPEG-2 TS stream (31) which it must send to the user's set-top box (20) to be watched on its television screen (14). This user is connected to a digital broadcasting network (7) and to an ADSL telecommunications network (6).
  • the analysis and scrambling module (2) of the portal (4) therefore reads the incoming MPEG-2 TS (1) or MPEG-2 ES (1) stream, transforms it into an MPEG-2 PES stream, analyzes the contents of PES packets and each time it detects a PES packet to be modified, substitutes it with a PES "decoy" packet, which is the same size as the substituted video and audio packet.
  • the analysis and scrambling module (2) then writes each true PES packet into the buffer (5) and continues its analysis until the end of the MPEG-2 input stream, in order to select the following PES packets to edit.
  • the analysis and scrambling module (2) also registers in the buffer containing the additional information (51) information making it possible to locate the modified packet in the PES stream.
  • the analysis and scrambling module (2) also registers in the buffer containing the additional information (51) instructions and data describing modifications to be made on the PES packets which follow the substituted packet .
  • the new modified MPEG-2 stream is then converted into MPEG-2 TS format to be broadcast on the broadcasting network via the link (7) and recorded in the output buffer (3).
  • the substituted PES packets of the incoming MPEG-2 stream (1) are stored in the buffer (5) of the portal (4).
  • the new MP ⁇ G-2 stream The modified file is converted into MPEG-2 TS format to be recorded on a disc (71) of CD or DVD type.
  • the CD or DVD (71) thus created will be read at the time of viewing the stream, by the decoder (20) via the internal reader (16) or via the external reader (18).
  • the protected MPEG-2 stream is broadcast to a set of users (20).
  • the phase described above corresponds to the first phase of preparation of the MPEG-2 stream by the portal (4), its transmission via the broadband network (7) and its recording in a decoder (20).
  • This decoder can then, after processing, display this MPEG-2 PES stream recorded on its hard disk (13).
  • the synthesis system (8) of the decoder (20) reads the MPEG-2 PES file from its hard disk (13), and sends it to a conventional MPEG-2 player (9).
  • the MPEG-2 PES stream which reaches the player (9) is processed, displayed and listened to as is, which causes significant distortion of sound and the display on the television (14).
  • the modified PES packets which are processed by the synthesis module (8) do not correspond to the PES packets which are necessary for correct visualization and hearing, since some of these PES packets have been replaced by random value packets.
  • the reader (9) makes no difference and restores the information on the output screen (14) which appears well as data of a stream audio / video MPEG-2 PES but totally inconsistent for the eye and the ear of the human being who looks at the television screen (14) and listens to the sound.
  • Any copy of the MPEG-2 TS stream coming from the hard disk (13) of the box (20) will produce the same audiovisual effect when it is reproduced by any MPEG-2 player.
  • the synthesis module (8) then makes a request to the hard disk (13) and the data read is temporarily stored in the input buffer (10).
  • the synthesis module (8) then establishes a link with the portal (4) via the telecommunications network (6) which is in our example an ADSL link. Once this connection has been established, and for the entire duration of viewing the film or the audiovisual program, the synthesis module (8) sends buffer memory
  • the synthesis module (8) identifies the packages to be modified using the location data contained in the additional information (51).
  • the PES packets are read and their location in the stream is obtained by reading their header.
  • the additional information contains, in addition to the original PES packets, instructions on actions to be performed on the packets to be followed, for example inversion of certain well-selected bits in a part of the packets which follow.
  • the synthesis module (8) reconstitutes inversely the analysis process and scrambling described above, the original MPEG-2 PES stream and sends the thus reconstructed MPEG-2 PES stream to the player (9) to be displayed on the screen (14) and played correctly.
  • the original PES packets originating from the portal (4) constituting said additional information (5) are deleted from the synthesis system (8).
  • the portal (4) before the portal (4) sends the original PES packets and associated data from its buffer (5), the portal (4) has verified that the user of the box (20) is indeed authorized to receive said information complementary .
  • the modified main stream (5) is passed directly via a network (7) to the input interface (17), then is passed through the bus (11) to the buffer memory (10) and the synthesis module (8).
  • the modified main stream (31) is written (recorded) on a physical medium such as a CD-ROM, DVD, hard disk, flash memory card, etc. (71).
  • the modified main stream (31) will then be read from the physical medium (71) by the disk drive (16) of the housing (20) or by the external disk drive (18) to be transmitted to the read buffer (10) then to the synthesis module (8).
  • the additional information (51) is recorded on a physical medium (52) of credit card format, consisting of a smart card or a flash memory card.
  • This card (52) will be read by the module (17) of the device (20) which includes a card reader (61).
  • the card (52) contains the applications and the algorithms which will be executed by the synthesis module (20).
  • the device (20) is an autonomous, portable and mobile system.
  • This preferred embodiment applies to audiovisual streams originating from the MPEG-2 standard and also to all normalized or standardized digital formats such as MPEG-1, MPEG-4, H262, H264, as well as to digital formats generating packets of private data, that is to say that the security process applies to all digital formats, for example but not only, to those regulated by the "Systems" part of the MPEG-2 standard (ISO / IEC 13818 -1).

Landscapes

  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
  • Television Signal Processing For Recording (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to a method for the secure distribution of audiovisual sequences according to a nominal format flow respecting the PES format, resulting from audio, visual or data packet flows whereby said packing is carried out by encapsulating audio components, video components or data components in logical entities which are known are as packets and which can be easily manipulated and which are of a modulatable size, whereby each packet is prefixed by an entity containing information on the packet and a useful load comprising part of the data of the flow. PES format packing, along with analysis of the PES flow in order to generate a principle flow in keeping with the PES format, which is modified in the sense that all or part of said PES packets forming it are substituted by packets having the same structure but whose contents are modified, and additional information in any particular format extracted from the original flow enabling the reconstruction of the original flow, occurs prior to transmission to the client's equipment. The principle modified flow is then transmitted separately in addition to the additional information thus generated from the server to the intended equipment and a synthesis of a flow having a nominal format is calculated according to the modified principal flow and the additional information.

Description

PROCEDE ET DISPOSITIF POUR SECURISER LA TRANSMISSION, L' ENREGISTREMENT ET LA VISUALISATION DE FLUX EMPAQUETES AUDIOVISUELS NUMERIQUES METHOD AND DEVICE FOR SECURING THE TRANSMISSION, RECORDING AND VIEWING OF DIGITAL AUDIO-PACKAGED STREAMS
La présente invention se rapporte au domaine du traitement de flux audiovisuels numériques.The present invention relates to the field of processing digital audiovisual streams.
On se propose dans la présente invention de fournir un procédé et un système permettant de recomposer un contenu audiovisuel numérique préalablement modifié visuellement.It is proposed in the present invention to provide a method and a system for recomposing digital audiovisual content previously visually modified.
La présente invention se rapporte plus particulièrement à un dispositif capable de transmettre de façon sécurisée un ensemble de films de haute qualité visuelle vers un écran de visualisation type écran de télévision et/ou pour être enregistré sur le disque dur ou sur tout autre support d'enregistrement d'un boîtier reliant le réseau de télétransmission à l'écran de visualisation tel qu'un écran de télévision, un projecteur ou un moniteur d'ordinateur personnel, tout en préservant la qualité audiovisuelle mais en évitant toute utilisation frauduleuse comme la possibilité de faire des copies pirates de films ou de programmes audiovisuels enregistrés sur le disque dur ou tout autre support d'enregistrement du boîtier décodeur. L'invention concerne un système client-serveur et le mécanisme de synchronisation entre le serveur qui fournit le flux numérique sécurisé permettant le visionnage du contenu audiovisuel et le client qui lit et affiche le flux audiovisuel numérique.The present invention relates more particularly to a device capable of securely transmitting a set of films of high visual quality to a viewing screen such as a television screen and / or to be recorded on the hard disk or on any other medium. recording of a box connecting the remote transmission network to the display screen such as a television screen, a projector or a personal computer monitor, while preserving the audiovisual quality but avoiding any fraudulent use such as the possibility of make pirated copies of films or audiovisual programs recorded on the hard disk or any other recording medium of the set-top box. The invention relates to a client-server system and the synchronization mechanism between the server which provides the secure digital stream enabling the audiovisual content to be viewed and the client which reads and displays the digital audiovisual stream.
Avec les solutions actuelles, il est possible de transmettre des films et des programmes audiovisuels sous forme numérique via des réseaux de diffusion de type hertzien, câble, satellite, etc. ou via des réseaux de télécommunication type DSL (Digital Subscriber Line) ou BLR (boucle locale radio) ou via des réseaux DAB (Digital Audio Broadcasting) , etc. Par ailleurs, pour éviter le piratage des œuvres ainsi diffusées, ces dernières sont souvent cryptées ou embrouillées par divers moyens bien connus de l'homme de l'art.With current solutions, it is possible to transmit films and audiovisual programs under digital form via radio, cable, satellite, etc. or via telecommunications networks such as DSL (Digital Subscriber Line) or BLR (radio local loop) or via DAB (Digital Audio Broadcasting) networks, etc. Furthermore, to avoid pirating of the works thus distributed, the latter are often encrypted or confused by various means well known to those skilled in the art.
Dans l'état de l'art précédent, la solution la plus proche de notre invention est décrite par le document WO 00/60846 (Diva Systems Corporation) . Cet art antérieur propose une solution de distribution de Vidéo à la Demande via un système de serveurs répartis. La protection du contenu de la vidéo numérique s'appuie sur un système de cryptage à base de clés numériques . La principale innovation de cet art précédent est de permettre un cryptage et un décryptage des flux conformes à la norme MPEG-TS (MPEG-Transport Stream) , simplifié en ce que l'on procède au préalable à une analyse du flux MPEG afin d'optimiser le cryptage en fonction de la structure du flux. Le temps de calcul est en effet fortement diminué grâce à un cryptage sélectif et optimal du flux MPEG-TS. Cette analyse du flux consiste principalement à marquer les paquets TS contenant une information essentielle pour un décodage correct de la vidéo, au sens MPEG, de façon à ce que dans une deuxième phase de cryptage, seules les données utiles des paquets TS marqués soient cryptées. Ainsi, l'information essentielle n'est pas disponible pour un décodage non autorisé, et le flux ne peut donc pas être affiché, tout en conservant un temps de calcul raisonnable pour le cryptage. Cependant cette solution ne permet pas de résoudre le problème de la sécurité car la protection du flux vidéo repose sur un système de cryptage à base de clés numériques, mais pour lequel le flux vidéo transmis à un équipement récepteur contient, sous une forme cryptée, toutes les informations initialement présentes dans le flux vidéo originel. Ainsi, le flux vidéo reçu par l'équipement client contient déjà toutes les informations initialement présentes dans le flux vidéo non crypté, même si elles sont stockées sous une forme qui ne permet pas leur utilisation immédiate. Un utilisateur mal intentionné, tout en étant déconnecté du réseau, peut traiter le flux vidéo crypté de façon à le remettre sous une forme utilisable par un décodeur vidéo classique et peut ainsi contourner le système de protection .In the prior art, the solution closest to our invention is described by document WO 00/60846 (Diva Systems Corporation). This prior art proposes a video on demand distribution solution via a system of distributed servers. The protection of digital video content is based on an encryption system based on digital keys. The main innovation of this previous art is to allow encryption and decryption of streams conforming to the MPEG-TS standard (MPEG-Transport Stream), simplified in that an analysis of the MPEG stream is carried out beforehand. optimize encryption according to the flow structure. The computation time is indeed greatly reduced thanks to a selective and optimal encryption of the MPEG-TS stream. This analysis of the flow mainly consists in marking the TS packets containing essential information for a correct decoding of the video, in the MPEG sense, so that in a second encryption phase, only the useful data of the marked TS packets are encrypted. Thus, essential information is not available for unauthorized decoding, and the stream cannot therefore be displayed, while keeping a reasonable calculation time for the encryption. However, this solution does not solve the security problem because the protection of the video stream is based on an encryption system based on digital keys, but for which the video stream transmitted to a receiving device contains, in an encrypted form, all the information initially present in the original video stream. Thus, the video stream received by the client equipment already contains all the information initially present in the unencrypted video stream, even if it is stored in a form which does not allow its immediate use. A malicious user, while being disconnected from the network, can process the encrypted video stream so as to put it back in a form usable by a conventional video decoder and can thus bypass the protection system.
La présente invention concerne le principe général d'un procédé de sécurisation d'un flux audiovisuel. L'objectif est d'autoriser les services de vidéo à la demande et à la carte à travers tous les réseaux de diffusion et l'enregistrement local dans la mémoire du boîtier décodeur numérique de l'usager, ainsi que la visualisation en direct ou en différé, des chaînes de télévision. La solution consiste à conserver en permanence à l'extérieur de l'habitation de l'usager, en fait dans le réseau de diffusion et de transmission, une partie du programme audiovisuel enregistré chez l'usager ou diffusé en direct, cette partie étant primordiale pour visualiser ledit programme audiovisuel sur un écran de télévision ou de type moniteur, mais étant d'un volume très faible par rapport au volume total du programme audiovisuel numérique enregistré chez l'usager ou reçu en temps réel. La partie manquante sera transmise en temps réel via le réseau de diffusion (transmission) au moment de la visualisation dudit programme audiovisuel.The present invention relates to the general principle of a method for securing an audiovisual stream. The objective is to authorize video-on-demand and pay-per-view services across all broadcast networks and local recording in the memory of the user's digital set-top box, as well as live or online viewing. deferred, television channels. The solution is to permanently store outside of the user's home, in fact in the broadcasting and transmission network, part of the audiovisual program recorded by the user or broadcast live, this part being essential. to view said audiovisual program on a television screen or monitor type, but being of a very low volume compared to the total volume of the program digital audiovisual recorded at the user's home or received in real time. The missing part will be transmitted in real time via the broadcasting network (transmission) when the said audiovisual program is viewed.
La plus grande partie du flux audiovisuel, appelé «flux principal modifié» sera donc transmise via un réseau de diffusion classique alors que la partie manquante appelée «information complémentaire» sera envoyée à la demande via un réseau de télécommunication bande étroite comme les réseaux téléphoniques classiques ou les réseaux cellulaires de type GSM, GPRS ou UMTS ou en utilisant une petite partie d'un réseau de type DSL ou BLR, ou encore en utilisant un sous-ensemble de la bande passante partagée sur un réseau câblé. Le flux audiovisuel est reconstitué sur l'équipement destinataire (décodeur) par un module de synthèse à partir du flux principal modifié et de l'information complémentaire. Actuellement, la majorité des systèmes de sécurisation opèrent soit sur des flux élémentaires Audio/Vidéo élémentaires (ES : « Elementary Stream ») , soit directement sur des flux de transport (TS : « Transport Stream ») . L'intégration de ses systèmes de protection dans les décodeurs de chaînes (Satellite ou Terrestre) , appelés communément « Set-Top-Box » en anglais, pose certains problèmes liés à l'architecture même de ces décodeurs et de la manière dont ils traitent les données. En effet, la majorité des décodeurs de chaînes utilisent un format intermédiaire dit PES (« Packetized Elementary Stream », ou flux élémentaire empaqueté) , pour le traitement et le visionnage des données . La présente invention réalise un système de protection, comprenant un module d'analyse et d' embrouillage basé sur le format PES et respectivement un module d'analyse et de désembrouillage, et qui est par conséquent facilement intégrable dans les décodeurs de flux audiovisuels numériques existants .Most of the audiovisual stream, called "modified main stream" will therefore be transmitted via a conventional broadcasting network, while the missing portion called "additional information" will be sent on demand via a narrowband telecommunications network like conventional telephone networks. or cellular networks of the GSM, GPRS or UMTS type or using a small part of a DSL or BLR type network, or even using a subset of the shared bandwidth on a cable network. The audiovisual stream is reconstructed on the recipient equipment (decoder) by a synthesis module from the modified main stream and additional information. Currently, the majority of security systems operate either on elementary Audio / Video elementary streams (ES: “Elementary Stream”), or directly on transport streams (TS: “Transport Stream”). The integration of its protection systems into channel decoders (Satellite or Terrestrial), commonly known as “Set-Top-Box” in English, poses certain problems linked to the architecture of these decoders and the way they treat the data. In fact, the majority of chain decoders use an intermediate format called PES (“Packetized Elementary Stream”), for processing and viewing data. The present invention provides a protection system, comprising an analysis and scrambling module based on the PES format and respectively an analysis and descrambling module, and which is therefore easily integrated into existing digital audiovisual stream decoders .
Dans son acceptation la plus générale, la présente invention concerne un procédé pour la distribution sécurisée de flux originel audiovisuels numérisés constitués de composantes audio, vidéo ou autres données, caractérisé en ce que ledit flux originel est un flux empaquetées dans des entités logiques, dites paquets, manipulables et de taille modulable, chaque paquet comportant une entête contenant des informations sur ledit paquet et une charge utile comportant une partie des données du flux, et en ce que l'on procède, avant la transmission à l'équipement client, à une analyse dudit flux empaqueté pour générer un flux principal conforme au format empaqueté du flux originel, modifié en ce que tout ou partie desdits paquets le constituant ont été substitués par des paquets de même structure, mais dont le contenu a été modifié, et une information complémentaire d'un format quelconque, apte à permettre la reconstruction dudit flux originel, puis à transmettre séparément ledit flux principal modifié et ladite information complémentaire ainsi générés depuis le serveur vers l'équipement destinataire.In its most general acceptance, the present invention relates to a method for the secure distribution of original digital audiovisual streams consisting of audio, video or other data components, characterized in that said original stream is a stream packaged in logical entities, called packets , manipulable and modular in size, each packet comprising a header containing information on said packet and a payload comprising part of the data of the stream, and in that one proceeds, before the transmission to the client equipment, analysis of said packaged stream to generate a main stream conforming to the packaged format of the original stream, modified in that all or part of said packets constituting it have been replaced by packets of the same structure, but the content of which has been modified, and additional information of any format, able to allow the reconstruction of said original flow, then to trans separately putting said modified main stream and said additional information thus generated from the server to the recipient equipment.
Avantageusement, le procédé selon l'invention présente les caractéristiques spécifiques suivantes : • les paquets substitués contiennent des informations relatives à un ou plusieurs flux audio ou vidéo inclus dans le flux empaquetéAdvantageously, the method according to the invention has the following specific characteristics: • the substituted packets contain information relating to one or more audio or video streams included in the packaged stream
• l'analyse du flux comporte une étape de sélection des paquets à substituer• the analysis of the flow includes a step of selecting the packets to replace
• chaque paquet incorpore tout ou partie d'une (ou plusieurs) unité (s) d'accès• each package incorporates all or part of one (or more) access unit (s)
• l'information complémentaire contient les paquets substitués issus du flux nominal originel • l'information complémentaire contient les paquets représentant lesdites unités d'accès• the complementary information contains the substituted packets coming from the original nominal flow • the complementary information contains the packets representing said access units
• l'information complémentaire comprend en outre des données de synchronisation contenant des références temporelles et de méta-données associées aux paquets modifiés ou substitués• the additional information also includes synchronization data containing time references and metadata associated with the modified or substituted packets
• l'information complémentaire comprend en outre des instructions décrivant des actions à effectuer sur les paquets qui suivent le paquet traité• the additional information also includes instructions describing actions to be performed on the packets following the processed packet
• les paquets utilisés pour substituer les paquets du flux originel sont choisis de sorte que ledit flux principal modifié a la même taille en octets que le flux originel• the packets used to replace the packets of the original stream are chosen so that said modified main stream has the same size in bytes as the original stream
• on calcule sur l'équipement destinataire une synthèse d'un flux au format nominal en fonction dudit flux principal modifié et de ladite information complémentaire• a summary of a stream in nominal format is calculated on the recipient equipment as a function of said modified main stream and of said additional information
• le flux originel à protéger est encodé selon une norme ou un standard propriétaire quelconque supportant le format empaqueté, comme par exemple les formats PES des normes MPEG-2 ou MPEG-4. L'invention concerne également un équipement pour la fabrication d'un flux audiovisuel comportant au moins un serveur multimédia contenant les séquences audiovisuelles originelles et un dispositif d'analyse du flux audiovisuel provenant dudit serveur pour générer ledit flux principal modifié et ladite information complémentaire .• the original stream to be protected is encoded according to any norm or any proprietary standard supporting the packaged format, such as for example the PES formats of the MPEG-2 or MPEG-4 standards. The invention also relates to equipment for manufacturing an audiovisual stream comprising at least one multimedia server containing the original audiovisual sequences and a device for analyzing the audiovisual stream originating from said server to generate said modified main stream and said additional information.
Selon les variantes de cette invention, l'équipement comprend en outre un lecteur standard de flux empaqueté, au moins une interface d'enregistrement (disque dur) destiné à stocker le contenu dudit flux principal modifié, au moins un élément décodeur traitant le format empaqueté et au moins une interface d'affichage et d'audition, caractérisé en ce qu'il comporte un moyen pour la recomposition du flux originel à partir dudit flux principal modifié et de ladite information complémentaire .According to the variants of this invention, the equipment further comprises a standard packaged stream player, at least one recording interface (hard disk) intended to store the content of said modified main stream, at least one decoder element processing the packaged format. and at least one display and hearing interface, characterized in that it includes a means for recomposing the original stream from said modified main stream and from said additional information.
L'invention concerne également un système pour la transmission d'un flux audiovisuel comprenant un équipement de production d'un flux audiovisuel et au moins un équipement d'exploitation d'un flux audiovisuel et au moins un réseau de communication entre l'équipement de production et le (s) équipement (s) d'exploitation.The invention also relates to a system for the transmission of an audiovisual stream comprising equipment for producing an audiovisual stream and at least one piece of equipment for operating an audiovisual stream and at least one communication network between the equipment for production and operating equipment (s).
La présente invention sera mieux comprise à la lecture de la description d'un exemple non limitatif de réalisation qui suit, se référant à la figure qui décrit l'architecture d'ensemble d'un système pour la mise en œuvre du procédé selon l'invention. L'élaboration de la protection des flux vidéo et audio est basée sur la structure empaquetée des flux audiovisuels et des caractéristiques qui découlent de cette paquetisation, dont nous rappelons ci-après les propriétés à l'aide d'un exemple décrivant le format PES .The present invention will be better understood on reading the description of a nonlimiting exemplary embodiment which follows, referring to the figure which describes the overall architecture of a system for implementing the method according to invention. The development of the protection of video and audio streams is based on the packaged structure of audiovisual streams and characteristics which follow from this package, the properties of which we recall below using an example describing the PES format.
Un flux vidéo élémentaire empaqueté PES («Packetized Elementary Stream ») est une suite infinie d'images (trames, plans) codées numériquement, qui peuvent être de type intra (image I de référence) , prédites (images P) ou bidirectionnelles (images B) , comme décrit par exemple dans les formats MPEG. De même un flux audio élémentaire empaqueté est une suite de trames ou blocs audio. Ces trames vidéo ou audio codées sont de tailles différentes et constituent ce qu'on appelle des Unités d'Accès.A packetized elementary stream (PES) is an infinite series of digitally coded images (frames, planes), which can be of intra type (reference image I), predicted (P images) or bidirectional (images B), as described for example in MPEG formats. Similarly, a packaged elementary audio stream is a series of audio frames or blocks. These coded video or audio frames are of different sizes and constitute what are called Access Units.
Avant d'être transformé en un flux de programme PS (« Program Stream ») ou un flux de transport TS (« Transport Stream ») , un flux élémentaire ES (« Elementary Stream ») subit une étape intermédiaire d'empaquetage, qui permet de le découper en paquets utiles et facilement manipulables dits paquets PES. Le flux qui en résulte est appelé Flux Elémentaire Empaqueté (PES en anglais) .Before being transformed into a program stream PS (“Program Stream”) or a transport stream TS (“Transport Stream”), an elementary stream ES (“Elementary Stream”) undergoes an intermediate packaging step, which allows to cut it into useful and easily manipulated packages called PES packages. The resulting flow is called Packaged Elementary Flow (PES).
Un paquet PES d'un flux élémentaire empaqueté est une structure logique constituée d'un entête et d'une charge utile. La charge utile représente simplement les données prises directement des unités d'accès du flux élémentaire à empaqueter. Il n'est pas obligatoire que le début de la charge utile coïncide avec le début d'une unité d'accès, par conséquent une unité d'accès peut apparaître n'importe où dans le paquet PES et il est même possible que plusieurs unités d'accès soient contenues dans un seul et même paquet. L'entête d'un paquet PES peut être de longueur variable, et comprend principalement un préfixe de début de paquet, qui comme son nom l'indique, permet de se synchroniser sur le début d'un paquet PES. Ce préfixe est suivi d'un identificateur de flux, qui permet de distinguer, dans un même programme, des paquets appartenant à des flux élémentaires différents. L'entête peut aussi contenir des horodatages, qui sont de deux types. L'horodatage de présentation PTS (« Présentation Time Stamp ») qui spécifie l'heure à laquelle une unité d'accès doit être affichée et l'horodatage de décodage DTS (« Decoding Time Stamp ») qui, quant a lui, spécifie l'heure à laquelle une unité d'accès doit être déplacée du tampon de stockage au décodeur pour être traitée. Dans le cas des paquets PES audio, seul l'horodatage PTS est présent, les trames audio étant décodées les unes après les autres. Ces deux empreintes temporelles sont d'une grande importance et permettent entre autres de distinguer un paquet PES d'une manière unique dans le flux.A PES packet of a packaged elementary stream is a logical structure made up of a header and a payload. The payload simply represents the data taken directly from the access units of the elementary stream to be packaged. The start of the payload does not have to coincide with the start of an access unit, therefore an access unit can appear anywhere in the PES packet and it is even possible that several units are contained in a single package. The header of a PES packet can be of variable length, and mainly includes a packet start prefix, which as the name suggests, allows you to synchronize with the start of a PES packet. This prefix is followed by a stream identifier, which makes it possible to distinguish, in the same program, packets belonging to different elementary streams. The header can also contain time stamps, which are of two types. The presentation time stamp PTS ("Presentation Time Stamp") which specifies the time at which an access unit must be displayed and the decoding time stamp DTS ("Decoding Time Stamp") which, in turn, specifies the time at which an access unit must be moved from the storage buffer to the decoder to be processed. In the case of audio PES packets, only the PTS time stamp is present, the audio frames being decoded one after the other. These two time stamps are of great importance and allow, among other things, to distinguish a PES packet in a unique way in the flow.
La taille d'un paquet PES peut être de taille variable et cette caractéristique confère au flux une grande flexibilité car la longueur des paquets PES peut être modelée en fonction de l'application visée. Le système d'analyse et d' embrouillage proposé par la présente invention repose sur la substitution et la modification de paquets PES. En effet, comme chaque paquet PES contient une partie d'une unité d'accès ou plusieurs unités d'accès, il est facile d'enlever un -certain nombre de paquets essentiels du flux originel et de les substituer par des paquets de remplacement qui servent de leurres. Les paquets de remplacement ont un format identique aux paquets substitués. Avant de procéder à une substitution des paquets, ces derniers sont identifiés d'une manière unique, ce qui permet leur reconstitution facile. Par exemple, la norme MPEG-2 Audio/Vidéo dans sa partie système (ISO/CEI 13818-1) spécifie un certain nombre d'éléments qui permettent cette identification. Ainsi, dans la procédure décrite par la présente invention, chaque paquet PES à substituer est identifié d'une manière unique par un couple composé d'un identificateur de flux et soit l'horodatage de- présentation (PTS) dans le cas où l'unité d'accès qu'inclut ledit paquet PES est de type I ou P, soit l'horodatage de décodage (DTS) dans le cas ou l'unité d'accès qu'inclut ledit paquet PES est de type B. Pour les paquets de type audio, le même principe est appliqué de sorte que chaque paquet audio au format PES est identifié par l'identificateur du flux auquel il appartient et par l'horodatage de présentation (PTS) de l'unité d'accès audio qui lui est associé. Concrètement, le système d' embrouillage reçoit en entrée un flux élémentaire (ES) ou un flux de transport (TS) , le transforme en format PES et après analyse du contenu des paquets PES, produit deux flux différents, un flux principal modifié qui contient le flux originel dans lequel un certain nombre de paquets PES ont été substitués par des paquets « leurres », et une information complémentaire qui contient les paquets avec les valeurs originelles et optionnellement, les informations nécessaires à la localisation de ces paquets dans le flux PES et/ou des instructions pour effectuer des modifications dans les paquets qui suivent le paquet modifié. Les paquets à substituer sont judicieusement choisis pour garantir un débit raisonnable de l'information complémentaire. Aussi, par exemple, un compromis est fait entre le degré d' embrouillage visuel, et le volume ou le débit de l'information complémentaire en sortie du module d'analyse et d' embrouillage . Le flux originel est reconstitué dans le boîtier décodeur de l'équipement destinataire dans lequel est intégré le module d' analyse/désembrouillage, qui en fonction du flux principal modifié et de l'information complémentaire envoyée en temps réel reconstitue un flux strictement identique au flux originel PES . Le procédé est sans perte . L'invention sera mieux comprise à la lecture d'un exemple de réalisation concernant un flux au format MPEG-2. Dans cet exemple, l'invention met en évidence l'intégration d'un module de désembrouillage dans un décodeur de chaînes (Satellite ou Terrestre) du marché. Ce système d' analyse/désembrouillage est la contrepartie du système d' analyse et d' embrouillage détaillé précédemment, car il effectue l'opération inverse de ce dernier. Il montre dans quelle mesure le choix du flux élémentaire empaqueté est adapté au traitement dans les plates-formes matérielles. Dans cet exemple préféré de réalisation, mais non limitatif, l'élément (1) est le flux vidéo à embrouiller, le module (2) est le module d'analyse et d' embrouillage qui reçoit en entrée un flux audiovisuel au format MPEG-2 TS ou MPEG-2 ES, transforme ledit flux d'entrée en un flux MPEG-2 au format PES et génère à sa sortie deux parties différentes : le flux principal modifié, reconverti en format TS (31) après la substitution des certains paquets PES, et l'information complémentaire (51) de format quelconque. Le flux principal modifié (31) est stocké dans le tampon (3) du serveur (4) , puis est envoyé en temps réel à l'utilisateur via un réseau haut débit (7) qui peut être par exemple de type ADSL, câble ou satellite. L'information complémentaire (51) est stockée dans le tampon (5), puis est envoyée vers l'équipement destinataire (20) via un moyen de transmission bas débitThe size of a PES packet can be of variable size and this characteristic gives the flow great flexibility because the length of the PES packets can be shaped according to the intended application. The analysis and scrambling system proposed by the present invention is based on the substitution and modification of PES packets. Indeed, as each PES packet contains part of an access unit or several access units, it is easy to remove a certain number of essential packets from the original flow and to replace them with replacement packets which serve as decoys. The replacement packages have a format identical to the substituted packages. Before proceeding with the substitution of the packages, they are identified in a unique way, which allows their easy reconstitution. For example, the MPEG-2 Audio / Video standard in its system part (ISO / IEC 13818-1) specifies a certain number of elements which allow this identification. Thus, in the procedure described by the present invention, each PES packet to be substituted is identified in a unique way by a pair composed of a stream identifier and either the presentation timestamp (PTS) in the case where the access unit included in said PES packet is type I or P, or the decoding time stamp (DTS) in the case where the access unit included in said PES packet is type B. For packets of audio type, the same principle is applied so that each audio packet in PES format is identified by the identifier of the stream to which it belongs and by the presentation timestamp (PTS) of the audio access unit assigned to it associated. Concretely, the scrambling system receives as input an elementary stream (ES) or a transport stream (TS), transforms it into PES format and after analysis of the content of the PES packets, produces two different streams, a modified main stream which contains the original stream in which a certain number of PES packets have been replaced by “decoy” packets, and additional information which contains the packets with the original values and optionally, the information necessary for the location of these packets in the PES stream and / or instructions for performing changes in the packages that follow the modified package. The packets to be replaced are carefully chosen to guarantee a reasonable flow of additional information. Also, for example, a compromise is made between the degree of visual scrambling, and the volume or bit rate of the additional information output from the analysis and scrambling module. The original flow is reconstituted in the decoder unit of the recipient equipment in which the analysis / descrambling module is integrated, which according to the modified main flow and the additional information sent in real time reconstitutes a flow strictly identical to the flow original PES. The process is lossless. The invention will be better understood on reading an exemplary embodiment concerning a stream in MPEG-2 format. In this example, the invention highlights the integration of a descrambling module into a market decoder (Satellite or Terrestrial). This analysis / descrambling system is the counterpart of the analysis and scrambling system detailed above, since it performs the reverse operation of the latter. It shows to what extent the choice of the packaged elementary flow is suitable for processing in hardware platforms. In this preferred embodiment, but not limiting, the element (1) is the video stream to be scrambled, the module (2) is the analysis and scrambling module which receives an audio-visual stream in MPEG format as input. 2 TS or MPEG-2 ES, transforms said input stream into an MPEG-2 stream in PES format and generates two parts at its output different: the modified main stream, reconverted into TS format (31) after the substitution of certain PES packets, and additional information (51) of any format. The modified main stream (31) is stored in the buffer (3) of the server (4), then is sent in real time to the user via a high speed network (7) which can be for example of ADSL, cable or satellite. The additional information (51) is stored in the buffer (5), then is sent to the destination equipment (20) via a low speed transmission means.
(6) comme une ligne téléphonique classique, ou réseaux mobile GSM, GPRS, UMTS, ou encore un réseau à boucle locale filaire ou sans fil. Les réseaux (6) et (7) peuvent être confondus en un seul réseau, par exemple l'information complémentaire (51) est aussi envoyée via un réseau large bande (7) .(6) like a conventional telephone line, or GSM, GPRS, UMTS mobile networks, or even a wired or wireless local loop network. The networks (6) and (7) can be merged into a single network, for example the complementary information (51) is also sent via a broadband network (7).
L'élément (20) représente un boîtier décodeur pour une chaîne satellite par exemple. Le flux principal modifié (31) au format MPEG-2 TS arrive directement sur l'interface d'entrée (17) et transite via le bus (11) jusqu'au démultiplexeur (12). Le démultiplexeur (12) génère un flux élémentaire empaqueté (PES) et le renvoie sur le bus de données (11) pour être traité et/ou stocké. Dans une autre réalisation, le flux principal modifié à l'entrée du démultiplexeur (12), provient du disque dur (13) du boîtier décodeur. Selon une variante, le flux principal modifié (31) arrivant dans l'interface d'entrée (17) provient d'un disque dur externe (15) comme par exemple le disque dur d'un PC relié au boîtier décodeur (20) . Dans une autre réalisation, le flux principal modifié à l'entrée de l'interface (17), provient d'un support physique (CD, DVD ou autre élément de stockage) (71) gravé à la sortie du serveur (4) avec les informations du flux principal modifié (31) et transmis à un lecteur (18) externe. Avantageusement, le support physique (71) est lu par un lecteur (16) intégré dans le boîtier (20) .The element (20) represents a decoder box for a satellite channel for example. The main stream modified (31) in MPEG-2 TS format arrives directly at the input interface (17) and passes via the bus (11) to the demultiplexer (12). The demultiplexer (12) generates a packaged elementary stream (PES) and sends it back to the data bus (11) to be processed and / or stored. In another embodiment, the main stream modified at the input of the demultiplexer (12), comes from the hard disk (13) of the decoder unit. According to a variant, the modified main stream (31) arriving in the input interface (17) comes from an external hard disk (15) such as for example the hard disk of a PC connected to the decoder unit (20). In another embodiment, the main stream modified at the input of the interface (17), comes from a physical medium (CD, DVD or other storage element) (71) burned at the output of the server (4) with the information of the modified main stream (31) and transmitted to an external reader (18). Advantageously, the physical medium (71) is read by a reader (16) integrated in the housing (20).
Dans un autre exemple de réalisation, le flux principal modifié est d' abord traité par le démultiplexeur (12) puis stocké en format PES dans le disque dur (13) du boîtier décodeur. Avantageusement, le flux principal modifié es't préalablement stocké en format TS soit sur un disque dur (celui du boîtier décodeur (13) ou un disque dur externe (15) ) soit sur un support physique (CD, DVD) avant d'être démultiplexé. Afin de réaliser le désembrouillage, on envoie le flux principal modifié en format PES sur la mémoire de stockage temporaire (10) via le bus de transport (11) . L'information complémentaire (51) est alors transmise à la demande au boîtier décodeur (20) via le réseau (6) et après avoir transité par l'interface d'entrée (17) et le bus de donnée (11) , est stockée en partie dans la mémoire de stockage temporaire (10) .In another exemplary embodiment, the modified main stream is first processed by the demultiplexer (12) and then stored in PES format in the hard disk (13) of the decoder unit. Advantageously, the modified main stream are 't previously stored in TS format or on a hard disk (the set-top box (13) or an external hard disk drive (15)) on a physical support (CD, DVD) before being demultiplexed. In order to perform descrambling, the main stream modified in PES format is sent to the temporary storage memory (10) via the transport bus (11). The additional information (51) is then transmitted on request to the decoder unit (20) via the network (6) and after having passed through the input interface (17) and the data bus (11), is stored partly in the temporary storage memory (10).
Le dispositif de synthèse et de désembrouillage (8) récupère les parties du flux principal modifié (31) et de l'information complémentaire (51) stockés dans le module de stockage temporaire (10) et opère le désembrouillage en temps réel du flux principal modifié. L'information complémentaire (51) arrive en temps réel via le réseau (6), l'interface d'entrée (17) et le bus (11) au fur et à mesure que le dispositif de synthèse (8) en a besoin. La totalité de l'information complémentaire (51) n'est cependant jamais envoyée intégralement à l'utilisateur. Une fois le flux désembrouillé, le dispositif de synthèse (8) l'envoie au lecteur (9), qui le décode et l'achemine ensuite vers un module de visionnage et d'audition (14) de type écran de télévision.The synthesis and descrambling device (8) recovers the parts of the modified main stream (31) and of the additional information (51) stored in the temporary storage module (10) and operates the descrambling in real time of the modified main stream . The additional information (51) arrives in real time via the network (6), the input interface (17) and the bus (11) as and when the synthesis device (8) needs it. All of the additional information (51) is not however never fully sent to the user. Once the stream is descrambled, the synthesis device (8) sends it to the reader (9), which decodes it and then routes it to a viewing and hearing module (14) of the television screen type.
Décrivons maintenant un autre exemple de réalisation en détaillant les différentes étapes pour un utilisateur (20) .Let us now describe another exemplary embodiment, detailing the different steps for a user (20).
Le portail (4) a choisi le flux MPEG-2 TS (31) qu'il doit envoyer au boîtier décodeur (20) de l'utilisateur pour être regardé sur son écran de télévision (14) . Cet utilisateur est relié à un réseau numérique de diffusion (7) et à un réseau de télécommunication ADSL (6) . Le module d'analyse et d' embrouillage (2) du portail (4) lit donc le flux entrant MPEG-2 TS (1) ou MPEG-2 ES (1), le transforme en un flux MPEG-2 PES, analyse le contenu des paquets PES et à chaque fois qu' il détecte un paquet PES à modifier, le substitue avec un paquet PES « leurre », qui à la même taille que le paquet vidéo et audio substitué. A la différence avec l' audio dont les trames sont choisies de longueur constante, pour la vidéo, cette analyse lui permet de reconnaître dans le bitstream les unités d'accès à modifier en fonction de ce qu'elles contiennent : des trames I, P ou B. Le choix des paquets PES à modifier est effectué en fonction de la bande passante disponible pour l'information complémentaire (51) . Si le lien (6) est de faible débit, on substitue des paquets PES contenant des unités d'accès comportant des images B ou P, et si le lien (6) est de débit plus élevé, on substitue également certaines unités d'accès contenant des images I. Le contenu des paquets PES est substitué par des valeurs aléatoires sans changer leur taille, au sein du paquet PES, afin de rendre les trames (et par conséquent la séquence) non acceptables du point de vue de la perception visuelle et auditive humaine mais totalement conforme au standard du format de flux d'entrée (1). Les vrais paquets PES sont stockés dans le tampon de sortie (5) , qui permettra plus tard la reconstitution de la séquence de départ dans le boîtier (20), en suivant le schéma inverse.The portal (4) has chosen the MPEG-2 TS stream (31) which it must send to the user's set-top box (20) to be watched on its television screen (14). This user is connected to a digital broadcasting network (7) and to an ADSL telecommunications network (6). The analysis and scrambling module (2) of the portal (4) therefore reads the incoming MPEG-2 TS (1) or MPEG-2 ES (1) stream, transforms it into an MPEG-2 PES stream, analyzes the contents of PES packets and each time it detects a PES packet to be modified, substitutes it with a PES "decoy" packet, which is the same size as the substituted video and audio packet. Unlike audio, the frames of which are chosen to be of constant length, for video, this analysis allows it to recognize in the bitstream the access units to be modified according to what they contain: I, P frames or B. The choice of PES packets to be modified is made according to the bandwidth available for the additional information (51). If the link (6) is of low speed, one substitutes PES packets containing access units comprising B or P images, and if the link (6) is of higher speed, one also substitutes certain units of access containing images I. The content of the PES packets is replaced by random values without changing their size, within the PES packet, in order to make the frames (and therefore the sequence) not acceptable from the point of view of human visual and auditory perception but fully compliant with the standard of the input stream format (1). The real PES packets are stored in the output buffer (5), which will later allow the reconstitution of the starting sequence in the box (20), following the reverse diagram.
Le module d'analyse et d' embrouillage (2) inscrit alors chaque vrai paquet PES dans le tampon (5) et continue son analyse jusqu'à la fin du flux d'entrée MPEG-2, afin de sélectionner les paquets PES suivants à modifier. Selon une variante de cet exemple, le module d'analyse et d' embrouillage (2) inscrit de plus dans le tampon contenant l'information complémentaire (51) des informations permettant de localiser le paquet modifié dans le flux PES. Selon une autre variante, le module d'analyse et d' embrouillage (2) inscrit de plus dans le tampon contenant l'information complémentaire (51) des instructions et des données décrivant des modifications à effectuer sur les paquets PES qui suivent le paquet substitué.The analysis and scrambling module (2) then writes each true PES packet into the buffer (5) and continues its analysis until the end of the MPEG-2 input stream, in order to select the following PES packets to edit. According to a variant of this example, the analysis and scrambling module (2) also registers in the buffer containing the additional information (51) information making it possible to locate the modified packet in the PES stream. According to another variant, the analysis and scrambling module (2) also registers in the buffer containing the additional information (51) instructions and data describing modifications to be made on the PES packets which follow the substituted packet .
Le nouveau flux MPEG-2 modifié est alors converti en format MPEG-2 TS pour être diffusé sur le réseau de diffusion à travers la liaison (7) et enregistré dans le tampon de sortie (3) . Les paquets PES substitués du flux MPEG-2 entrant (1) sont mémorisés dans le tampon (5) du portail (4). Avantageusement, le nouveau flux MPΞG-2 modifié est converti en format MPEG-2 TS pour être enregistré sur un disque (71) de type CD ou DVD. Le CD ou DVD (71) ainsi créé sera lu au moment de la visualisation du flux, par le décodeur (20) via le lecteur interne (16) ou via le lecteur externe (18) .The new modified MPEG-2 stream is then converted into MPEG-2 TS format to be broadcast on the broadcasting network via the link (7) and recorded in the output buffer (3). The substituted PES packets of the incoming MPEG-2 stream (1) are stored in the buffer (5) of the portal (4). Advantageously, the new MPΞG-2 stream The modified file is converted into MPEG-2 TS format to be recorded on a disc (71) of CD or DVD type. The CD or DVD (71) thus created will be read at the time of viewing the stream, by the decoder (20) via the internal reader (16) or via the external reader (18).
En même temps ou plus tard, et par exemple de façon totalement non synchronisée, le flux de sortie MPEG-2 TS modifié en provenance du tampon de sortie (3) du portailAt the same time or later, and for example completely unsynchronized, the modified MPEG-2 TS output stream coming from the portal's output buffer (3)
(4) est diffusé via le réseau large bande (7) vers l'interface d'entrée (17) de l'utilisateur (20), et stocké, après démultiplexage, sur le disque dur (13) du boîtier décodeur au format PES. Avantageusement, le flux protégé MPEG-2 est diffusé vers un ensemble d'utilisateurs (20). La phase décrite ci-dessus correspond à la première phase de préparation du flux MPEG-2 par le portail (4) , à sa transmission via le réseau large bande (7) et à son enregistrement dans un décodeur (20) . Ce décodeur peut alors, après traitement, afficher ce flux MPEG-2 PES enregistré sur son disque dur (13) . Pour cela, le système de synthèse (8) du décodeur (20) lit le fichier MPEG-2 PES depuis son disque dur (13), et l'envoie vers un lecteur classique MPEG-2 (9) . Si aucune information complémentaire n'est reçue par le système de synthèse (8), alors le flux MPEG-2 PES qui parvient au lecteur (9) est traité, affiché et écouté tel quel, ce qui provoque une distorsion importante du son et de l'affichage sur le téléviseur (14) . En effet, les paquets PES modifiés qui sont traités par le module de synthèse (8) ne correspondent pas aux paquets PES qui sont nécessaires pour une visualisation et une audition correcte, puisque certains de ces paquets PES ont été substitués par des paquets à valeurs aléatoires. En revanche, comme le flux enregistré est bien un flux de type MPEG-2 PES, le lecteur (9) ne fait aucune différence et restitue les informations sur l'écran de sortie (14) qui apparaissent bien comme des données d'un flux audio/vidéo MPEG-2 PES mais totalement incohérentes pour l'œil et l'oreille de l'être humain qui regarde l'écran de télévision (14) et écoute le son. Toute copie du flux MPEG-2 TS en provenance du disque dur (13) du boîtier (20) produira le même effet audiovisuel lors de sa restitution par un lecteur MPEG-2 quelconque. Lorsque l'usager du décodeur(4) is broadcast via the broadband network (7) to the input interface (17) of the user (20), and stored, after demultiplexing, on the hard disk (13) of the set-top box in PES format . Advantageously, the protected MPEG-2 stream is broadcast to a set of users (20). The phase described above corresponds to the first phase of preparation of the MPEG-2 stream by the portal (4), its transmission via the broadband network (7) and its recording in a decoder (20). This decoder can then, after processing, display this MPEG-2 PES stream recorded on its hard disk (13). For this, the synthesis system (8) of the decoder (20) reads the MPEG-2 PES file from its hard disk (13), and sends it to a conventional MPEG-2 player (9). If no additional information is received by the synthesis system (8), then the MPEG-2 PES stream which reaches the player (9) is processed, displayed and listened to as is, which causes significant distortion of sound and the display on the television (14). Indeed, the modified PES packets which are processed by the synthesis module (8) do not correspond to the PES packets which are necessary for correct visualization and hearing, since some of these PES packets have been replaced by random value packets. On the other hand, as the recorded stream is indeed an MPEG-2 PES type stream, the reader (9) makes no difference and restores the information on the output screen (14) which appears well as data of a stream audio / video MPEG-2 PES but totally inconsistent for the eye and the ear of the human being who looks at the television screen (14) and listens to the sound. Any copy of the MPEG-2 TS stream coming from the hard disk (13) of the box (20) will produce the same audiovisual effect when it is reproduced by any MPEG-2 player. When the decoder user
(20) veut réellement visualiser sur son écran (14) le programme audiovisuel enregistré sur son disque dur (13) , il en fait la demande au système de synthèse (8) avec sa télécommande comme il le ferait avec un magnétoscope ou un lecteur de DVD présentant un menu sur son écran de télévision. Le module de synthèse (8) fait alors une requête au disque dur (13) et les données lues sont temporairement stockées dans le tampon d'entrée (10) . Le module de synthèse (8) établit alors une liaison avec le portail (4) via le réseau de télécommunication (6) qui est dans notre exemple une liaison ADSL. Une fois cette liaison établie, et pendant toute la durée de visualisation du film ou du programme audiovisuel, le module de synthèse (8) fait parvenir de la mémoire tampon(20) actually wants to view on its screen (14) the audiovisual program recorded on its hard disk (13), it requests it to the synthesis system (8) with its remote control as it would with a video recorder or a video player. DVD presenting a menu on its television screen. The synthesis module (8) then makes a request to the hard disk (13) and the data read is temporarily stored in the input buffer (10). The synthesis module (8) then establishes a link with the portal (4) via the telecommunications network (6) which is in our example an ADSL link. Once this connection has been established, and for the entire duration of viewing the film or the audiovisual program, the synthesis module (8) sends buffer memory
(5) du serveur (4) les paquets PES originaux à travers le tampon (10) où est enregistré temporairement le flux PES démultiplexé. Ces données parviennent au module de synthèse (8) via le bus interne au décodeur (11) . Le module de synthèse (8) identifie les paquets à modifier en utilisant les données de localisation contenues dans l'information complémentaire (51) .(5) from the server (4) the original PES packets through the buffer (10) where the demultiplexed PES stream is temporarily saved. This data reaches the synthesis module (8) via the internal bus at the decoder (11). The synthesis module (8) identifies the packages to be modified using the location data contained in the additional information (51).
Selon une variante, les paquets PES sont lus et leur localisation dans le flux est obtenue par la lecture de leur entête .According to a variant, the PES packets are read and their location in the stream is obtained by reading their header.
Selon un autre mode de réalisation l'information complémentaire contient, en plus des paquets PES originaux, des instructions sur des actions à effectuer sur les paquets à suivre, par exemple inversion de certains bits bien sélectionnés dans une partie des paquets qui suivent. A partir du flux MPEG-2 PES modifié qui parvient également du tampon (10) et à partir des paquets PES originaux qui parviennent via la liaison (6), le module de synthèse (8) reconstitue de façon inverse au processus d'analyse et d' embrouillage décrit précédemment, le flux MPEG-2 PES originel et envoie le flux MPEG-2 PES ainsi reconstitué vers le lecteur (9) pour être affiché sur l'écran (14) et joué correctement.According to another embodiment, the additional information contains, in addition to the original PES packets, instructions on actions to be performed on the packets to be followed, for example inversion of certain well-selected bits in a part of the packets which follow. From the modified MPEG-2 PES stream which also arrives from the buffer (10) and from the original PES packets which arrive via the link (6), the synthesis module (8) reconstitutes inversely the analysis process and scrambling described above, the original MPEG-2 PES stream and sends the thus reconstructed MPEG-2 PES stream to the player (9) to be displayed on the screen (14) and played correctly.
Avantageusement, dès leur utilisation, les paquets PES originaux provenant du portail (4) constituant ladite information complémentaire (5) sont effacés du système de synthèse (8) .Advantageously, as soon as they are used, the original PES packets originating from the portal (4) constituting said additional information (5) are deleted from the synthesis system (8).
Avantageusement, avant que le portail (4) n'envoie les paquets PES originaux et des données associées depuis son tampon (5) , le portail (4) a vérifié que l'utilisateur du boîtier (20) était bien autorisé à recevoir ladite information complémentaire .Advantageously, before the portal (4) sends the original PES packets and associated data from its buffer (5), the portal (4) has verified that the user of the box (20) is indeed authorized to receive said information complementary .
Avantageusement, le flux principal modifié (5) est passé directement via un réseau (7) à l'interface d'entrée (17), puis est transité à travers le bus (11) vers la mémoire tampon (10) et le module de synthèse (8) .Advantageously, the modified main stream (5) is passed directly via a network (7) to the input interface (17), then is passed through the bus (11) to the buffer memory (10) and the synthesis module (8).
Avantageusement, le flux principal modifié (31) est inscrit (enregistré) sur un support physique comme un disque de type CD-ROM, DVD, disque dur, carte à mémoire flash, etc. (71) . Le flux principal modifié (31) sera ensuite lu depuis le support physique (71) par le lecteur de disque (16) du boîtier (20) ou bien par le lecteur de disque externe (18) pour être transmis à la mémoire tampon de lecture (10) puis au module de synthèse (8) .Advantageously, the modified main stream (31) is written (recorded) on a physical medium such as a CD-ROM, DVD, hard disk, flash memory card, etc. (71). The modified main stream (31) will then be read from the physical medium (71) by the disk drive (16) of the housing (20) or by the external disk drive (18) to be transmitted to the read buffer (10) then to the synthesis module (8).
Avantageusement, l'information complémentaire (51) est enregistrée sur un support physique (52) de format carte de crédit, constitué par une carte à puce ou une carte à mémoire flash. Cette carte (52) sera lue par le module (17) du dispositif (20) qui comprend un lecteur de carte (61) .Advantageously, the additional information (51) is recorded on a physical medium (52) of credit card format, consisting of a smart card or a flash memory card. This card (52) will be read by the module (17) of the device (20) which includes a card reader (61).
Avantageusement, la carte (52) contient les applications et les algorithmes qui seront exécutés par le module de synthèse (20) .Advantageously, the card (52) contains the applications and the algorithms which will be executed by the synthesis module (20).
Avantageusement, le dispositif (20) est un système autonome, portable et mobile.Advantageously, the device (20) is an autonomous, portable and mobile system.
Cet exemple préféré de réalisation s'applique aux flux audiovisuels issus de la norme MPEG-2 et également à tous formats numériques normalisés ou standardisés comme MPEG-1, MPEG-4, H262, H264, ainsi qu'aux formats numériques générant des paquets de données privées, c'est-à-dire que le procédé de sécurisation s'applique à tous les formats numériques, par exemple mais pas uniquement, à ceux réglementés par la partie « Systèmes » de la norme MPEG-2 (ISO/CEI 13818-1). This preferred embodiment applies to audiovisual streams originating from the MPEG-2 standard and also to all normalized or standardized digital formats such as MPEG-1, MPEG-4, H262, H264, as well as to digital formats generating packets of private data, that is to say that the security process applies to all digital formats, for example but not only, to those regulated by the "Systems" part of the MPEG-2 standard (ISO / IEC 13818 -1).

Claims

REVENDICATIONS
1 - Procédé pour la distribution sécurisée de flux originel audiovisuels numérisés constitués de composantes audio, vidéo ou autres données, caractérisé en ce que ledit flux originel est un flux empaquetées dans des entités logiques, dites paquets, manipulables et de taille modulable, chaque paquet comportant une entête contenant des informations sur ledit paquet et une charge utile comportant une partie des données du flux, et en ce que l'on procède, avant la transmission à l'équipement client, à une analyse dudit flux empaqueté pour générer un flux principal conforme au format empaqueté du flux originel, modifié en ce que tout ou partie desdits paquets le constituant ont été substitués par des paquets de même structure, mais dont le contenu a été modifié, et une information complémentaire d'un format quelconque, apte à permettre la reconstruction dudit flux originel, puis à transmettre séparément ledit flux principal modifié et ladite information complémentaire ainsi générés depuis le serveur vers l'équipement destinataire.1 - Method for the secure distribution of original digital audiovisual streams consisting of audio, video or other data components, characterized in that said original stream is a stream packaged in logical entities, called packets, which can be manipulated and of modular size, each packet comprising a header containing information on said packet and a payload comprising part of the data of the stream, and in that one proceeds, before the transmission to the client equipment, to an analysis of said packaged stream to generate a main stream conforming in the packaged format of the original stream, modified in that all or part of the said packets constituting it have been replaced by packets of the same structure, but the content of which has been modified, and additional information of any format, capable of allowing the reconstruction of said original flow, then to transmit separately said modified main flow and said information thus generated from the server to the recipient equipment.
2 - Procédé pour la distribution sécurisée de flux audiovisuels numérisés selon la revendication 1, caractérisé en ce que lesdits paquets substitués contiennent des informations relatives à un ou plusieurs flux audio ou vidéo inclus dans le flux empaqueté.2 - Method for the secure distribution of digital audiovisual streams according to claim 1, characterized in that said substituted packets contain information relating to one or more audio or video streams included in the packaged stream.
3 - Procédé pour la distribution sécurisée de flux audiovisuels numérisés selon l'une des revendications précédentes, caractérisé en ce que ladite analyse du flux comporte une étape de sélection des paquets à substituer.3 - Method for the secure distribution of digital audiovisual streams according to one of claims above, characterized in that said analysis of the flow includes a step of selecting the packets to be substituted.
4 - Procédé pour la distribution sécurisée de flux audiovisuels numérisés selon l'une des revendications précédentes, caractérisé en ce que chaque paquet incorpore tout ou partie d'une (ou plusieurs) unité (s) d' accès .4 - Method for the secure distribution of digital audiovisual streams according to one of the preceding claims, characterized in that each packet incorporates all or part of one (or more) access unit (s).
5 - Procédé pour la distribution sécurisée de flux audiovisuels numérisés selon l'une des revendications précédentes, caractérisé en ce que ladite information complémentaire contient les paquets substitués issus du flux nominal originel .5 - Method for the secure distribution of digital audiovisual streams according to one of the preceding claims, characterized in that said additional information contains the substituted packets originating from the original nominal stream.
6 - Procédé pour la distribution sécurisée de flux audiovisuels numérisés selon l'une des revendications précédentes, caractérisé en ce que ladite information complémentaire contient les paquets représentant lesdites unités d'accès.6 - Method for the secure distribution of digital audiovisual streams according to one of the preceding claims, characterized in that said additional information contains packets representing said access units.
7 - Procédé pour la distribution sécurisée de flux audiovisuels numérisés selon l'une des revendications précédentes, caractérisé en ce que ladite information complémentaire comprend en outre des données de synchronisation contenant des références temporelles et de méta-données associées aux paquets modifiés ou substitués .7 - Method for the secure distribution of digital audiovisual streams according to one of the preceding claims, characterized in that said additional information also comprises synchronization data containing time references and metadata associated with the modified or substituted packets.
8 - Procédé pour la distribution sécurisée de flux audiovisuels numérisés, selon l'une des revendications précédentes, caractérisé en ce que ladite information complémentaire comprend en outre des instructions décrivant des actions à effectuer sur les paquets qui suivent le paquet traité .8 - Method for the secure distribution of digital audiovisual streams, according to one of claims above, characterized in that said additional information further comprises instructions describing actions to be carried out on the packets which follow the processed packet.
9 - Procédé pour la distribution sécurisée de flux audiovisuels numérisés, selon l'une des revendications précédentes, caractérisé en ce que les paquets utilisés pour substituer les paquets du flux originel sont choisis de sorte que ledit flux principal modifié a la même taille en octets que le flux originel.9 - Method for the secure distribution of digital audiovisual streams, according to one of the preceding claims, characterized in that the packets used to replace the packets of the original stream are chosen so that said modified main stream has the same size in bytes as the original flow.
10 - Procédé pour la distribution sécurisée de flux audiovisuels numérisés, selon l'une des revendications précédentes, caractérisé en ce que l'on calcule sur l'équipement destinataire une synthèse d'un flux au format nominal en fonction dudit flux principal modifié et de ladite information complémentaire.10 - Method for the secure distribution of digital audiovisual streams, according to one of the preceding claims, characterized in that a summary of a stream in nominal format is calculated on the recipient equipment as a function of said modified main stream and of said additional information.
11 - Procédé pour la distribution sécurisée de flux audiovisuels numérisés, selon l'une des revendications précédentes, caractérisé en ce que ledit flux originel à protéger est encodé selon une norme ou un standard propriétaire quelconque supportant le format empaqueté, comme par exemple les formats PES des normes MPEG-2 ou MPEG-4.11 - Method for the secure distribution of digital audiovisual streams, according to one of the preceding claims, characterized in that said original stream to be protected is encoded according to any standard or any proprietary standard supporting the packaged format, such as for example PES formats MPEG-2 or MPEG-4 standards.
12 - Equipement pour la fabrication d'un flux audiovisuel pour la mise en œuvre du procédé selon l'une des revendications de 1 à 11, comportant au moins un serveur multimédia contenant les séquences audiovisuelles originelles et caractérisé en ce qu'il comporte un dispositif d'analyse du flux audiovisuel provenant dudit serveur pour générer ledit flux principal modifié et ladite information complémentaire.12 - Equipment for the production of an audiovisual stream for the implementation of the method according to one of claims from 1 to 11, comprising at least one multimedia server containing the original audiovisual sequences and characterized in that it includes a device for analyzing the audiovisual stream from said server to generate said modified main stream and said additional information.
13 - Equipement pour l'exploitation d'un flux audiovisuel pour la mise en œuvre du procédé selon l'une des revendications 1 à 12, comprenant un lecteur standard de flux empaqueté, au moins une interface d'enregistrement (disque dur) destiné à stocker le contenu dudit flux principal modifié, au moins un élément décodeur traitant le format empaqueté et au moins une interface d'affichage et d'audition, caractérisé en ce qu' il comporte un moyen pour la recomposition du flux originel à partir dudit flux principal modifié et de ladite information complémentaire .13 - Equipment for the exploitation of an audiovisual stream for the implementation of the method according to one of claims 1 to 12, comprising a standard packaged stream player, at least one recording interface (hard disk) intended for storing the content of said modified main stream, at least one decoder element processing the packaged format and at least one display and hearing interface, characterized in that it includes a means for recomposing the original stream from said main stream modified and said additional information.
14 - Système pour la transmission d'un flux audiovisuel comprenant un équipement de production d'un flux audiovisuel selon le revendication 12, au moins un équipement d'exploitation d'un flux audiovisuel selon la revendication 13 et au moins un réseau de communication entre l'équipement de production et le (s) équipement (s) d'exploitation. 14 - System for the transmission of an audiovisual stream comprising equipment for producing an audiovisual stream according to claim 12, at least one equipment for operating an audiovisual stream according to claim 13 and at least one communication network between production equipment and operating equipment (s).
EP04760477A 2003-05-02 2004-04-30 Method and device for securing transmission, recording and viewing of digital audiovisual packet flows Withdrawn EP1621009A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR0350139A FR2854530B1 (en) 2003-05-02 2003-05-02 METHOD AND DEVICE FOR SECURING THE TRANSMISSION, RECORDING AND VISUALIZATION OF DIGITAL AUDIOVISUAL EMPTY STREAMS
PCT/FR2004/050178 WO2004100532A1 (en) 2003-05-02 2004-04-30 Method and device for securing transmission, recording and viewing of digital audiovisual packet flows

Publications (1)

Publication Number Publication Date
EP1621009A1 true EP1621009A1 (en) 2006-02-01

Family

ID=33155681

Family Applications (1)

Application Number Title Priority Date Filing Date
EP04760477A Withdrawn EP1621009A1 (en) 2003-05-02 2004-04-30 Method and device for securing transmission, recording and viewing of digital audiovisual packet flows

Country Status (5)

Country Link
US (2) US7613181B2 (en)
EP (1) EP1621009A1 (en)
FR (1) FR2854530B1 (en)
MX (1) MXPA05011744A (en)
WO (1) WO2004100532A1 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2849980B1 (en) * 2003-01-15 2005-04-08 Medialive METHOD FOR THE DISTRIBUTION OF VIDEO SEQUENCES, DECODER AND SYSTEM FOR THE IMPLEMENTATION OF THIS PRODUCT
FR2853786B1 (en) * 2003-04-11 2005-08-05 Medialive METHOD AND EQUIPMENT FOR DISTRIBUTING DIGITAL VIDEO PRODUCTS WITH A RESTRICTION OF CERTAIN AT LEAST REPRESENTATION AND REPRODUCTION RIGHTS
FR2898451B1 (en) * 2006-03-13 2008-05-09 Medialive METHOD AND EQUIPMENT FOR DISTRIBUTING DIGITAL AUDIOVISUAL CONTENT SECURED BY INTEROPERABLE SOLUTIONS
FR2909507B1 (en) * 2006-12-05 2009-05-22 Medialive Sa METHOD AND SYSTEM FOR THE SECURE DISTRIBUTION OF AUDIOVISUAL DATA BY TRANSACTIONAL MARKING
US8059210B2 (en) * 2007-08-24 2011-11-15 Lg Electronics, Inc. Digital broadcasting system and method of processing data in the digital broadcasting system
ES2611160T3 (en) * 2013-12-11 2017-05-05 Squadeo S.A.S. Apparatus and method for decoding compressed video
KR102138075B1 (en) 2014-01-09 2020-07-27 삼성전자주식회사 Method and apparatus for transceiving data packet for multimedia data in variable size
FR3067541A1 (en) * 2017-06-23 2018-12-14 Orange TRANSMITTING AND RECEIVING A DATA STREAM

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR0136460B1 (en) * 1994-12-24 1998-05-15 이헌조 Data interleaving method for a variable bit rate coding device
CN1912885B (en) * 1995-02-13 2010-12-22 英特特拉斯特技术公司 Systems and methods for secure transaction management and electronic rights protection
KR100203262B1 (en) * 1996-06-11 1999-06-15 윤종용 Interface device of video decoder for syncronization of picture
US5917830A (en) * 1996-10-18 1999-06-29 General Instrument Corporation Splicing compressed packetized digital video streams
KR100640117B1 (en) * 1998-06-30 2006-10-31 도꾜 브로드캐스팅 시스템, 인크. A terminal apparatus used for a digital broadcasting service, a controlling method thereof, and broadcasting apparatus
US6647202B1 (en) * 1998-07-30 2003-11-11 Matsushita Electric Industrial Co., Ltd. Video signal reproducing apparatus capable of reproducing bitstreams and video signal reproducing method
US6421720B2 (en) * 1998-10-28 2002-07-16 Cisco Technology, Inc. Codec-independent technique for modulating bandwidth in packet network
US6570926B1 (en) * 1999-02-25 2003-05-27 Telcordia Technologies, Inc. Active techniques for video transmission and playback
US6415031B1 (en) * 1999-03-12 2002-07-02 Diva Systems Corporation Selective and renewable encryption for secure distribution of video on-demand
AU2001275777A1 (en) * 2000-06-15 2001-12-24 France Telecom Video interfacing arrangement, distribution system and a method for transferringencoded video programs and sequences over a wide area network
FR2812147A1 (en) * 2000-07-19 2002-01-25 Innovatron Sa Method of security processing of data flow such as e.g. MP3 data stream by transmitting processes data stream back to external device that recombines of processes part with major fraction to produce flux of output information
US7933411B2 (en) * 2002-06-28 2011-04-26 Trident Microsystems (Far East) Ltd. Method of constructing MPEG program streams from encrypted MPEG transport streams
FR2845554B1 (en) * 2002-10-03 2004-11-26 Medialive DEVICE FOR SECURE TRANSMISSION OF HIGH QUALITY AUDIOVISUAL FILES
US7382969B2 (en) * 2003-02-19 2008-06-03 Sony Corporation Method and system for preventing the unauthorized copying of video content
US20040168185A1 (en) * 2003-02-24 2004-08-26 Dawson Thomas Patrick Multimedia network picture-in-picture
US7298741B2 (en) * 2003-02-27 2007-11-20 Sharp Laboratories Of America, Inc. Robust MPEG-2 multiplexing system and method using an adjustable time stamp
US20040181811A1 (en) * 2003-03-13 2004-09-16 Rakib Selim Shlomo Thin DOCSIS in-band management for interactive HFC service delivery
US7464171B2 (en) * 2004-10-01 2008-12-09 Microsoft Corporation Effective protection of computer data traffic in constrained resource scenarios

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2004100532A1 *

Also Published As

Publication number Publication date
FR2854530A1 (en) 2004-11-05
US20100017498A1 (en) 2010-01-21
WO2004100532A1 (en) 2004-11-18
US7613181B2 (en) 2009-11-03
MXPA05011744A (en) 2006-03-30
US8270402B2 (en) 2012-09-18
US20060072559A1 (en) 2006-04-06
FR2854530B1 (en) 2005-07-22

Similar Documents

Publication Publication Date Title
FR2849567A1 (en) SECURE DEVICE FOR BROADCASTING, ACCESS, COPYING, RECORDING, ON-DEMAND VIEWING AND RIGHTS MANAGEMENT OF JPEG PHOTOGRAPHIC IMAGES
EP1477009B1 (en) Device for secure transmission recording and visualisation of audiovisual programmes
US8270402B2 (en) Process and device for securing the transmission, recording and viewing of digital audiovisual packetized streams
WO2005101836A1 (en) Method and system for the secure diffusion of protected audiovisual flows to a dynamic group of receivers
FR2835386A1 (en) DEVICE FOR SECURE BROADCASTING, CONDITIONAL ACCESS, CONTROLLED VIEWING, PRIVATE COPYING AND MANAGEMENT OF MPEG-4 AUDIOVISUAL CONTENT RIGHTS
EP1654875A2 (en) Distributed and secured method and system for protecting and distributing audio-visual flows
EP1470714B1 (en) Secure device that is used to process high-quality audiovisual works
EP1590959B1 (en) Secure equipment which is used, on request, to distribute, record and display audio-visual works with an mpeg-2 ts-type format
WO2004056114A1 (en) Synchronisation of secure audiovisual streams
FR2843517A1 (en) Scrambling system for audio-visual and multi-media data uses processor operating with data planes and vectors to scramble and decode data
EP1994718B2 (en) Method and device for distributing secure digital audiovisual contents by interoperable solutions
WO2005039098A1 (en) Secure distributed method and system for the distribution of audiovisual flows
FR2853786A1 (en) Digital video product e.g. DVD, audio visual content distribution process, involves transmitting selected video sequence with modified content, and registering personalized information that is complementary to selected sequence
EP1554879B1 (en) Device for the transformation of mpeg-2-type multimedia and audiovisual content into secure content of the same type
FR2846831A1 (en) Pseudo on-demand broadcast system, e.g. for video, transmitting information elements to all receivers for encrypted storage after filtering according to individual selection criteria
FR2845554A1 (en) DEVICE FOR SECURE TRANSMISSION OF HIGH QUALITY AUDIOVISUAL FILES
FR3001352A1 (en) Method for recording and playing broadcast digital service received in scrambled form by e.g. digital TV, involves generating replacement table, transferring output stream including table, and recording stream to host equipment
WO2013093846A1 (en) Method for broadcasting digital data

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20051102

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PL PT RO SE SI SK TR

DAX Request for extension of the european patent (deleted)
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20071031