Classifications

• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
  • H04N7/00—Television systems
  • H04N7/16—Analogue secrecy systems; Analogue subscription systems
  • H04N7/162—Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  • G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04H—BROADCAST COMMUNICATION
  • H04H60/00—Arrangements for broadcast applications with a direct linking to broadcast information or broadcast space-time; Broadcast-related systems
  • H04H60/09—Arrangements for device control with a direct linkage to broadcast information or to broadcast space-time; Arrangements for control of broadcast-related services
  • H04H60/14—Arrangements for conditional access to broadcast information or to broadcast-related services
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04H—BROADCAST COMMUNICATION
  • H04H60/00—Arrangements for broadcast applications with a direct linking to broadcast information or broadcast space-time; Broadcast-related systems
  • H04H60/68—Systems specially adapted for using specific information, e.g. geographical or meteorological information
  • H04H60/72—Systems specially adapted for using specific information, e.g. geographical or meteorological information using electronic programme guides [EPG]
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
  • H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
  • H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
  • H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
  • H04N21/266—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
  • H04N21/26606—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
  • H04N7/00—Television systems
  • H04N7/16—Analogue secrecy systems; Analogue subscription systems
  • H04N7/167—Systems rendering the television signal unintelligible and subsequently intelligible
  • H04N7/1675—Providing digital key or authorisation information for generation or regeneration of the scrambling sequence

Definitions

• the invention relates to controlling access to content in a conditional access content transmission system.
• a conditional access system access to content is subject to verification of one or more access criteria: these must be satisfied to allow access to the content.
• Many digital television or radio systems are "conditional access" systems.
• DVB Digital Video Broadcasting
• conditional access system defined in the DVB framework relies on the following components: the content is encrypted, with a secret encryption and decryption key called "control word” [Word Control] and an encryption algorithm; the "control word”, in encrypted form, and the access criterion or criteria for the content are transmitted to the user terminal in a control message called "ECM” ( ⁇ ntitlement Control Mes sage); the encryption key of the control word, in encrypted form, as well as the information necessary for managing the rights of the user, are transmitted to the user terminal in a management message called "EMM" ( ⁇ ntitlement Management Message); .
• ECM secret encryption and decryption key
• the access criteria to the content may include: a valid subscription criterion to the television channel transmitting the content for the current period; an age criterion, for example having a criterion of belonging to a geographical area or a socio-professional category, a cost criterion, subordinating access to the content to a debit of a wallet pre-akmented, etc.
• a removable access module such as a smart card, stores the rights of the user provided by the received EMM message (s).
• the access card When receiving the content, and in order to authorize the decryption of the content, the access card checks whether the access criterion or criteria transported in the received ECM messages are satisfied, compared with the stored user rights. in the map. If the check is positive, the access card decrypts the control word, provides the decrypted control word to the terminal which can then decrypt the content.
• US20020129249 describes such a mechanism for transmitting to a receiving terminal a content accompanied by an ECM message and checking by a card connected to the terminal of the access criterion or criteria to the content relative to the right of the user.
• the verification of access criteria and decryption of the control word are performed by the access card, also called access control card, inserted into the terminal, as the content and ECM messages are received. associates.
• the access card also called access control card
• the user may wish to check whether he has the rights to access this content.
• an electronic guide of services or "Service Guide Electronic (ESG)” or “Electronic Program (me) Guide (EPG)” or Interactive Program (me) Guide (IPG) "An electronic guide to services is a guide to television or radio programs containing information relating to programs that are being broadcast or that are scheduled to be broadcast later, intended to be displayed on a connected screen.
• ESG Service Guide Electronic
• EPG Electronic Program (me) Guide
• IPG Interactive Program (me) Guide
• the terminal When the terminal accesses the electronic guide, it may in particular consult, among the data of the electronic guide, the criteria for access to the programs and / or services presented by the electronic guide. These access criteria, normally corresponding to those contained in the ECMs, are in a data format specific to the electronic guide. Different electronic guides can use different data formats. From these access criteria, the terminal can view rights stored in its access card. For this purpose, it sends a request for consultation to the access card, then compares the rights provided by the access card in response to the consultation request to the access criteria provided by the electronic guide. At the end of this comparison, the terminal informs the user of the possibilities of access to the services and / or programs presented by the electronic guide. Thus, to allow the user to know the possibilities he has to access the programs and / or services presented by the electronic guide, it is necessary to provide in the terminal specific software means for comparing the rights of the terminal stored in the map and access criteria in the program guide.
• One of the aims of the invention is to overcome disadvantages of the state of the art.
• the invention relates to a method for controlling access to a content intended to be received by a terminal synchronously with an access control message, said second control message, specific to said content and containing at least a criterion for access to the content, characterized in that it comprises - following the reception by the data terminal of an electronic guide of services relating to the content, a step of obtaining a control message of access, said first control message, own auditing content and containing at least one criterion for access to the content, in the electronic guide data, said at least one access criterion present in the first access control message being identical auditing at least one access criterion present in the second control message; a step of transmitting the first access control message obtained in the electronic guide data to an access module associated with the terminal with an access verification request; an access verification step, during which, upon receipt of the access verification request, the access module checks whether the at least one access criterion to the content present in the first control message of access, obtained in the data of the electronic guide, is satisfied by rights of
• the receiving terminal obtains an access control message, or ECM, specific to the content in the data of the electronic guide. It submits this message to an access module, for example an access smart card, with an access verification request.
• This access verification request is independent of access to the content itself. In particular, it can be submitted to the card prior to access to the content.
• the request triggers an access verification operation in the card: the access module compares the access criterion or criteria contained in the control message with terminal rights stored in the access module. Once the verification is done, the access module directly sends a response message to the terminal indicating whether the latter has the ability to access the content, without triggering other operations to access access to the content.
• the access data relating to a content, transmitted in the electronic guide comprises a content access control message, having a format identical to that of the access control messages intended to be broadcast synchronously with this content.
• the analysis of the access data of the electronic guide can be performed by the access module adapted to process the access control messages broadcast synchronously with the content, using a function Access module access verification standard.
• the terminal does not need to be provided with additional processing means to check, regardless of access to the content, if the criteria or access to the content are verified.
• the invention makes it possible to simplify the verification of the criterion or criteria for access to a content before the reception of this content, by direct submission of the control message retrieved in the electronic guide to the access module which, by its role, includes already a function of verification of the criteria of access.
• the first access control message conveyed by the electronic guide and the second access control message or messages intended to be broadcast synchronously with the content are generated from the same access criterion or criteria. Thanks to this, the Access verification performed on the basis of the control message obtained in the electronic guide is very reliable.
• the second access control message carrying a decryption key of said content in encrypted form contains a false key decryption key. content in encrypted form.
• said access verification request is a simple access verification request, without decryption of the key contained in the first control message in the case of positive verification.
• the access module upon receipt of the specific request for simple access verification, the access module only checks the access criteria or the content, without decryption of the key present in the message in the case where the verification is positive.
• the access control message obtained in the electronic guide data contains only the at least one criterion for accessing the content.
• the access control message obtained in the electronic guide does not contain a decryption key, or "control word”, in encrypted form, the verification of the access criteria or access to the content by the access module n ' is not followed by a decryption operation of the key.
• the invention also relates to a terminal for receiving content through a conditional access system, comprising - means for linking to an access module able to check at least one access criterion present in an access control message content-specific means for synchronously receiving a content and at least one access control message, said second control message, own audit content and containing at least one access criterion to the content, - means for transmitting the second access control message to the access module with a request for access to the content; client means for managing an electronic service guide, arranged to receive electronic service guide data, characterized in that said electronic guide management client means are arranged to obtain in the electronic guide data received a message of access control, said first access control message, own audit content and containing at least one content access criterion identical to that present in the second message, and to control the transmission to the access module of said first message control with an access verification request.
• FIG. 1 represents a schematic view of the system of the invention; according to a particular embodiment;
• FIG. 2 represents a flowchart of the steps of the content access control method, according to a particular embodiment of the invention,
• FIG. 3 represents a functional block diagram of the receiver terminal, according to a particular embodiment of the invention.
• FIG. 4 shows a functional block diagram of the electronic guide provider, according to a particular embodiment of the invention,
• FIG. 1 represents a schematic view of the system of the invention; according to a particular embodiment
• FIG. 2 represents a flowchart of the steps of the content access control method, according to a particular embodiment of the invention
• FIG. 3 represents a functional block diagram of the receiver terminal, according to a particular embodiment of the invention.
• FIG. 4 shows a functional block diagram of the electronic guide provider, according to a particular embodiment of the invention,
• the system of the invention is a conditional access digital television system provided with an electronic program guide service, or ESG (Electronic Guided Service) or EPG (Electrovenu Program (m ⁇ ng) Guide) It allows the transmission of content, here programs of television channels, and provide information on these contents, using the electronic guide With reference to FIG.
• the system of the invention comprises a service provider 110, an encryption device 120, a content transmission device 130, a conditional access message provider 140 and a guide provider
• the service provider 110 is connected to and adapted to cooperate with the encryption device 120, the conditional access message provider 140, and the electronic guide provider 150.
• the service provider 110 is connected to and adapted to cooperate with the encryption device 120. stores content corresponding to programs of a plurality of television channels, as well as information relating to these contents: broadcast schedules, title, genre, theme, access point (s), etc.
• the encryption device 120 is connected to and adapted to cooperate with the service provider 110, the transmission device 130 and the conditional access message provider 140.
• the contents to be transmitted are transmitted by the service provider 110 to the device
• the encryption device 120 In operation, in known manner, for transmitting a content to one or more user receiving terminals, the encryption device 120 generates a succession of keys, called control words or
• CW Control Word
• Controller Word which are secret keys for encryption and decryption. It encrypts the successive data of the content using the successive control words and supplies each generated control word to the conditional access message provider. 140, with an access control ECM message request.
• conditional access message provider 140 The purpose of the conditional access message provider 140 is to generate access control messages, or ECM, specific to contents.
• the conditional access message provider 140 comprises the following functional and / or structural elements: a reception module 142, adapted to receive requests for generation of ECM, these queries possibly coming from the provider of service 1 10 or the encryption device 120, and containing, for a given content, the access criteria or criteria for this content and a control word; a memory 144 for storing received information relating to the contents (access criterion and control word), an ECM access control message generation module 146, intended to generate an ECM on receipt of a request to generate a message.
• ECM a sending module 147, connected to the ECM generation module, arranged to transmit the ECMs generated on request to the transmitter of the ECM generation request, that is to say either to the service provider 110 either to the encryption device 120.
• ECMi first access control message
• ECM2 second access control messages
• the first control message, noted ECMi is intended to be transmitted to the electronic guide provider 150, here via the service provider 110, and the second control messages, noted ECM2, are intended to be transmitted to one or several receiving terminals synchronously with the transmission of the content, as will be explained below.
• the corresponding ECMi and EC] MB messages that is to say, specific to the same content, have the same format and contain the same criteria
• the role of an ECM message associated with a content is only to transport the access criteria or criteria to the content in question.
• an ECM message also contains a control word of any kind, corresponding to a false control word, incapable of decrypting data of the corresponding content.
• the ECMi message could also not contain a control word.
• the conditional access message provider 140 comprises a central control unit, not shown, arranged to control the operation of the various elements of the provider 140.
• the transmission device 130 connected to and adapted to cooperate with the encryption device 120, has the function of transmitting to user receiving terminals, synchronously, contents encrypted by the encryption device 120 and the second successive ECM2 access control messages associated.
• the synchronization between the transmission of a content-specific ECM2 carrying a control word used to encrypt part of the content data and the transmission of this part of the content data consists in transmitting I ⁇ CM2 repeatedly and regularly. during a period of time slightly offset from the period of time during which the corresponding portion of the content is transmitted, the transmission period of the ECM starting slightly before that of transmission of the corresponding part of the content.
• the service electronic guide provider 150 has the role of transmitting to receiving terminals electronic guide data, or ESG data, denoted "data ESG” in the figures, containing information relating to the content (broadcast schedule, title, theme, genre, access criteria, etc.). This information is transmitted to the electronic guide provider 150 by the service provider 110. Referring to FIG.
• the electronic guide provider 150 comprises a first reception module 152, adapted to receive information relating to the contents and transmitted by the service provider 110, a module 154 for generating the electronic guide, arranged to process the information and messages received by the module 152 in order to generate ESG data in a particular ESG format, a communication interface module 156, acting as an interface with receiving terminals to provide them with the electronic guide; the interface module 156 being in particular arranged to transmit data from the electronic guide to the terminals, upon requests thereof.
• the information relating to a given content, received by the reception module 152 from the service provider 110 contains the aforementioned information - time and duration of transmission, title, genre, theme, access point (s), etc. ..
• the generation module 154 is arranged to insert the ECMi access control message received, associated with this content, into the ESG data, and more specifically into the access data of the ESG data. , relating to the content, without modifying the message ECMi.
• the ESG provider 150 comprises a central control unit, not shown, arranged to control the operation of the various elements of the supplier 150.
• FIG. 1 also shows a receiver terminal 160.
• the receiver terminal 160 is connected to the electronic guide provider 150 and to the transmission device 130 via a data transmission system 100.
• the user terminal 160 is a digital television receiver, also called “Set Top Box” or "decoder
• the terminal 160 is here connected to a residential gateway 190, by a first interface module 161, and to a television 200 having a screen, by a second interface module 162.
• the gateway 190 has the role of to connect the transmission system 100 and a home network including the terminal 160, the TV 200 and possibly other equipment not shown
• the terminal 160 comprises a first interface module 161 arranged to receive and transmit data through the transmission system 100, via the gateway 190.
• the interface module 161 is notably for receiving content data, EMM management messages, ECM control messages, and ESG data.
• the terminal 160 includes a second module 162 for interfacing with the television 200.
• the interface module 162 is arranged in particular for converting data, such as decrypted data of content or ESG data, into a format usable by the television. 200 and transmit them to this one. It is also adapted to receive user commands from the television 200, for example to navigate and select functions in the electronic guide.
• the terminal 160 also comprises an ESG module 163, a content decoding module 165, a housing 167 for receiving a removable access module 170, in this case a smart card, and means 164 for linking with the access module 170.
• the ESG module 163 is an electronic service guide management client module. It is arranged to access the electronic guide proposed by the ESG provider 150, to receive data from the electronic guide, treat them and / or have them displayed on the TV screen and allow a user to navigate the guide and to select functions or options from the guide. In operation, this ESG module
• the ESG module 163 receives data from the electronic guide from the ESG provider 150, processes and transmits them to the second interface module 162 for display on the TV screen 200. It also manages the navigation and selection of functions in the electronic guide on a user's orders.
• the ESG module 163 is arranged for, in the case where the ESG data received by the terminal 160 contain an ECMi message for controlling access to a given content, extracting this ECMi from the received ESG data and submitting it to the access card 170, here with a simple access verification request.
• simple access verification is meant that it is a request to trigger a simple access check, without decryption of the control word present in the message ECMi in case of verification of positive access.
• the access card 170 comprises the following elements. link interface means 171 with the terminal 160, a memory 172 for storing the rights of the terminal, a module 173 for verifying EMM or ECM message signatures, a module 174 for verifying the access point (s) for access to a content, ⁇ resent (s) in an ECM, a control word decryption module 175, a rights management module 176 of the terminal.
• the access card 170 comprises a central control unit 177 to which all the above elements are connected and arranged to control the operation of these elements.
• the module 173 is arranged to check the signature of the ECM and EMM messages received by the terminal 160 and supplied to the access card 170.
• the memory 172 serves to store the rights of the terminal 160, provided by EMM management messages received by the terminal 160.
• the module 174 is arranged to check whether the access criterion or criteria present in a received message ECM, specific to a content, are satisfied in view of the rights stored in the memory 172.
• the verification of an access criterion present in An ECM control message received by the terminal 160 consists in comparing this access criterion with the rights of the terminal 160 stored in the memory 172 of the card 170, in order to check whether the terminal 160 has sufficient rights to access the content.
• the module 174 is arranged to, on receiving a content-specific access control message accompanied by a simple access verification request, perform only a verification the access criterion present in the control message, without decryption of the control word in case of positive verification, as will be explained later in the description of the method.
• the decryption module 175 is arranged to decrypt a control word contained in an ECM control message received with an ECM processing request, if the verification of the access criterion (s) contained in this ECM is positive.
• the control word once deciphered, is transmitted by the access card 170 to the terminal 160 for use by the decryption module 165 to decrypt data of the corresponding content.
• the management module 176 is designed to manage the rights stored in the card, in particular to store new rights provided by EMM messages received by the terminal and to consume access rights, or access tokens, stored in the memory 172, in case of access to a content subordinate to the consumption of tokens.
• the different elements of the terminal 160 described above include both hardware and software resources.
• the invention therefore also relates to a computer program for the terminal 160 comprising software instructions for controlling the execution of those of the steps of the access control method described hereinafter which are implemented by the terminal, when the program is executed by a processor.
• the invention also relates to a data carrier on which this computer program is stored.
• the different elements of the access module 170 include both hardware and software means.
• the invention therefore also relates to a computer program for the access module 170 comprising software instructions for controlling the execution of those steps of the access control method described below which are implemented by the module access, when the program is executed by a processor.
• the invention also relates to a data carrier on which this computer program is stored.
• the method comprises a plurality of preliminary configuration steps E (Hi to E 0 ,
• the conditional access message provider 140 receives from the service provider 110, denoted SP in FIG. 2, a message request RQn of access control for the content C.
• the request RQo is accompanied by the content access criteria C, denoted CrA, and a false control word noted CWt.
• the term "false” means that it is a control word of any kind, which does not make it possible to decipher the content C.
• the access criteria to the content C include a subscription condition to the television channel having programmed the transmission of the content C and the flow of a quantity Access token data. Of course, other access criteria relating to content C could be provided.
• conditional access message provider 140 in response to the request RQo, the conditional access message provider 140 generates a first access control message ECMi specific to the content C and transmits it to the service provider SP 140.
• the message control ECMi contains the access criteria CrA to the content C and the false control word CWf in encrypted form.
• the configuration step Eo i can be performed prior to the broadcast of the associated content C.
• the service provider SP 110 transmits to the ESG provider 150, noted "ESG Pr" on FIG. 2, information relating to the content C (broadcast times, title, theme, summary, etc.) as well as the message ECMi received, which contains the access criteria CrA and the false control word CWt in encrypted form.
• the ESG provider 150 converts the received information relating to the content C into electronic guide data in a given ESG format and inserts the message ECMi, without format modification, in the data. of the electronic guide relating to the content C, and more specifically in the access data relating to the content C.
• the conditional access message provider 140 transmits the control message ECMi relating to the content C directly to the ESG provider 150.
• the terminal 160 can check the conditions of access to the content C, in other words control access to the content C, at any time, independently of access to the content itself, including before the transmission. content C, as explained below.
• the terminal 160 accesses the electronic services guide and receives data from the electronic guide.
• the terminal 160 navigates in the electronic guide to access information relating to to the content C then, in a menu, selects an access verification function proposed by the electronic guide.
• a step E2 on selecting the content access verification function C, the terminal 160 sends the electronic guide provider 150 a request to obtain access data relating to the content C, denoted by REQi.
• the terminal 160 receives access data from the electronic guide relating to the content C, transmitted by the electronic guide provider 150 through the transmission system 100.
• the access data received contain the control message ECMi relating to the content C.
• the control message ECMi which carries the criteria CrA for access to the content C, is transmitted to the terminal 160 by the electronic guide provider 150, in the data of the electronic guide.
• a step E4 after receiving the ESG access data relating to the content C, the terminal 160 obtains in the received ESG data the control message ECMi and transmits it to the access card 170 denoted "Access Card "in Figure 2, with an access verification request, denoted REQ2.
• the REQ2 request is a simple access verification request. In other words, it is a specific request to trigger only a verification of access to the content C by the card, regardless of access to the content itself, without decryption of the control word present in ECMi in case positive verification.
• the access card 170 first checks the signature ⁇ ECMi message in a step E5, before controlling the execution of the access verification operation E6.
• the access module 174 of the access card 170 performs a rights verification operation, from the control message ECMi received .
• the module 174 compares the CrA access criteria contained in the ECMi message to the rights of the terminal 160 stored by the memory 172 of the card 170.
• the content access CrA CrA criteria here comprise a subscription criteria and a amount of tokens to consume to access the content.
• the access module 174 simply checks that the terminal 160 benefits from the required subscription, as compared with the rights stored in the memory 172 of the card 170, and the number of access tokens stored in memory 172 of the card is greater than or equal to the amount of tokens required to access the content, indicated in the content access criteria present in ECM].
• step E7 the method goes directly to a step E7 of transmitting a response message to the request REQ2 by the card 170 to the terminal 160.
• the positive access check is not followed by a decryption of the control word present in the ECMi message.
• the operation of checking the access to the content C triggered from the ECMi message obtained in the electronic guide is thus not accompanied by any modification of the card 170, in particular any bit rate in the memory 172.
• the access verification carried out on the basis of the control message ECMi obtained in the data of the electronic guide is carried out independently of the access to the content by the terminal. It can in particular be carried out prior to access to the content. that is, upon reception of the content by the terminal.
• step E7 the access card 170 transmits to the terminal 160 a message
• step E6 If the verification performed in step E6 is positive, that is, if the rights of the terminal 160 stored in the card 170 are sufficient to satisfy the CrA access criteria present in ECMi, the response message RESP contains the indication that the terminal 160 has the possibility of accessing the content C. If the verification carried out in the step E6 is negative, in other words if the terminal 160 does not have the rights to satisfy the access criterion CrA, the response message RESP contains the indication that the terminal 160 does not have the possibility to access the content C.
• the card 170 which verifies the criterion of access to the content C, and not the terminal 160, from a control message ECMi carries in the data of the electronic guide, by using its verification function. access. No related treatment the verification of the criterion of access to the content is therefore necessary in the terminal 160
• the terminal 160 controls the display of the response of the card 170 to the screen of the television 200, through the interface module 162, to inform the user.
• the transmission of the content C is programmed during a predetermined time slot, defined by a start time and an end time. During this time slot, the service provider 110 controls the transmission of the content C to the receiving terminal 7, and possibly to other receiving terminals.
• the encryption device 120 which generates the successive control words CW 1 used to encrypt the data of the content C, transmits each of these control words to the conditional access message provider 140 with an access control message request.
• conditional access message provider 140 in response to the access control message requests, the conditional access message provider 140 generates a succession of second content-specific control messages C, of respective indices, denoted ECMa ,,.
• a second ECMa control message ,! of index i contains the access criteria to the content C, previously transmitted by the service provider 1 10, and the control word CW 1 index i in encrypted form.
• ECMa control messages 1 are successively transmitted to the receiver terminal 7, synchronously, with the transmission of the content in encrypted form C More precisely, a control message specific to the content C of index, denoted ECM,,,, containing the index control word i CWi, used to encrypt a set of data D 1 , is transmitted synchronously with the transmission of these data D, content C (here substantially before and during).
• ECM a control message specific to the content C of index
• i CWi index control word
• the block 210 represents the CrA criteria for access to the content C itself represented by the block 211. From the same CrA access criteria 210, the first access control message ECMi (block 213) and the second messages control
• Block 212A represents the false control word CWt, which is inserted in ECMi.
• Block 212B represents the successive control words CWi used to encrypt the content C to obtain the content C (block 215) and inserted in the control messages ECM21.
• the ESG data, containing the ECMi message, is represented by block 216.
• the ESG data 216 carrying ECMi are transmitted to the terminal 160 and analyzed by the ESG module 163 of the terminal.
• the ESG module 163 extracts the ECMi control message from the ESG data and submits it to the card 170 with a simple access verification request.
• the submission of ECMi to the card 170 is represented by the arrow 218.
• the card 170 checks the CrA access criteria and, in response to the request 218, indicates to the terminal 160 whether the access is authorized or not (arrow 220 ).
• the messages ECM21 214 and the encrypted content C, represented by the block 217 are transmitted to the terminal 160 synchronously.
• the decryption module 165 of the terminal 160 submits the ECM messages,! received on the card 170 with a request for access to the received content C
• the card 170 checks the access criteria and, in the case of positive verification, debits here the tokens required for access to the content and decrypts the control word CW , contained in ECM21. Then the card 170 transmits a response to the terminal 160 (arrow 221). If the check is positive, the response indicates that access to the content is allowed and contains the decrypted CWi control word. If the check is negative, the response indicates that access to the content is not allowed.
• the first ECMi access control message conveyed in the electronic guide data contains a false control word and is submitted to the card 170 by the terminal 160 with a specific request for verification.
• the first ECMi control message contains only the access criteria to the content, without a control word.
• the conditional access message provider is arranged to receive a request to generate an access control message ECMi without a control word and, in response to this request, generate a message ECMi without a word. control, containing only the criteria or criteria for accessing the associated content. After extracting the ECMi message from the electronic guide data, the terminal 160 submits it to the card with a standard ECM processing request.
• the card Upon receipt of the request and the ECMi message without a control word, the card verifies the signature of the ECMi then checks whether the access criteria or content are satisfied by the rights stored in the card. If the verification of the access criterion or criteria is positive, this verification is not followed by a decryption operation of a control word since the ECMi does not contain a control word.

Landscapes

• Engineering & Computer Science (AREA)
• Signal Processing (AREA)
• Multimedia (AREA)
• Computer Security & Cryptography (AREA)
• Theoretical Computer Science (AREA)
• Software Systems (AREA)
• Technology Law (AREA)
• Computer Hardware Design (AREA)
• Physics & Mathematics (AREA)
• General Engineering & Computer Science (AREA)
• General Physics & Mathematics (AREA)
• Databases & Information Systems (AREA)
• Storage Device Security (AREA)

Applications Claiming Priority (2)

Publications (1)

Family

ID=40512268

Family Applications (1)

Country Status (2)

Families Citing this family (1)

Family Cites Families (3)

• 2009
  • 2009-08-28 WO PCT/FR2009/051640 patent/WO2010037940A1/fr active Application Filing
  • 2009-08-28 EP EP09740501A patent/EP2345247A1/de not_active Withdrawn

Non-Patent Citations (1)

Also Published As

Similar Documents

Legal Events