KR20150004997A - Authenticating method in external storage device - Google Patents

Authenticating method in external storage device Download PDF

Info

Publication number
KR20150004997A
KR20150004997A KR1020130078052A KR20130078052A KR20150004997A KR 20150004997 A KR20150004997 A KR 20150004997A KR 1020130078052 A KR1020130078052 A KR 1020130078052A KR 20130078052 A KR20130078052 A KR 20130078052A KR 20150004997 A KR20150004997 A KR 20150004997A
Authority
KR
South Korea
Prior art keywords
input
host
authentication information
storage device
connection state
Prior art date
Application number
KR1020130078052A
Other languages
Korean (ko)
Inventor
최성열
Original Assignee
(주)휴맥스
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by (주)휴맥스 filed Critical (주)휴맥스
Priority to KR1020130078052A priority Critical patent/KR20150004997A/en
Publication of KR20150004997A publication Critical patent/KR20150004997A/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F13/14Handling requests for interconnection or transfer
    • G06F13/20Handling requests for interconnection or transfer for access to input/output bus
    • G06F13/22Handling requests for interconnection or transfer for access to input/output bus using successive scanning, e.g. polling
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F13/38Information transfer, e.g. on bus
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC

Abstract

The present invention relates to an external storage device verification method. According to an embodiment of the present invention, the verification information corresponding to the connection status of multiple I/O ports can be transmitted to a host, and the data provided from the host can be recorded in a storage medium and be read from the storage medium to be provided to the host. The verification information is determined by a serial number based on the connection status of the I/O ports or can be generated by the sequence of the digits in the serial number. The values determined by the connection status of the I/O ports are encrypted by a hash algorithm to generate the verification information. Accordingly, the present invention can set the identification information needed for the verification in the external storage device without additional works of connecting to a separate device or performing a program for downloading the serial number. The present invention can also easily detect the connection status of the I/O ports to easily verify the validity of the external storage device.

Description

[0001] The present invention relates to an authentication method in an external storage device,

The present invention relates to an authentication method in an external storage device connected to a broadcast receiver.

Various types of digital broadcasting services such as terrestrial broadcasting, satellite broadcasting, cable broadcasting, and the like are provided, and channels and contents that can be viewed through these various types of broadcasting are increasing, and a set-top box Broadcast receivers such as televisions and the like are becoming popular.

Also, a set-top box having a PVR (Personal Video Recording) function is widely popularized so that a user can record a desired broadcast program on a large-capacity storage medium such as a hard disk and watch it at a desired time.

However, in the case of a set-top box of a low-cost model which can select and reproduce only a channel provided through broadcast without a PvEr function, a Universal Serial Bus (USB), an E-SATA Such as an external hard disk, via an input / output interface, such as an External-Serial Advanced Technology Attachment (SCSI) or a Small Computer Small Interface (SCSI).

When the broadcast content received by the set-top box is stored in the external hard disk, the set-top box must communicate with the external hard disk in order to recognize and connect with the valid hard disk, Software algorithms are used.

In order for an external storage connected to a set top box (STB) to execute a software algorithm required for authentication, a microprocessor (u-Processor) included in an external storage device for storing a hard disk (HDD) The memory of the external storage device must store a serial number corresponding to the password or unique information of the external storage device.

However, in order to download the serial number, the external storage device containing the external hard disk requires an additional work or process of connecting to a predetermined device and executing a program for downloading an allowable serial number, thereby causing an increase in cost do.

Accordingly, it is an object of the present invention to provide an effective method for authenticating an external storage medium connected to realize a PVR function in a broadcast receiver.

It is another object of the present invention to provide a method for generating unique information for determining whether or not to authenticate a device in an external storage device connected to a broadcast receiver for a PVR function.

According to another aspect of the present invention, there is provided an authentication method in an external storage device, the authentication method comprising: transmitting authentication information corresponding to connection states of a plurality of input / output ports to a connected host; And writing the data provided from the host to a storage medium or reading data from the storage medium and providing the data to the host.

In one embodiment, the connection state of each of the input / output ports may be a high state connected to a power source through a pull-up resistor and a low state connected to a ground through a pull-down resistor, and the authentication information may be a connection state of the plurality of input / Lt; / RTI >

In one embodiment, the authentication information may be generated by changing the order of numbers constituting the serial number based on the connection states of the plurality of input / output ports.

In one embodiment, the connection state of each of the input / output ports is a high state connected to a power source through a pull-up resistor and a low state connected to a ground through a pull-down resistor, and a value determined by a connection state of the plurality of input / Can be encrypted using a predetermined method, for example, a hash function, to generate the authentication information.

In one embodiment, the encryption key transmitted from the host may be applied to the hash function to generate the authentication information from a value determined by the connection state of the plurality of input / output ports.

In one embodiment, the connection state of the plurality of input / output ports can be confirmed when external power is applied to the external storage device or when a host is connected and power is applied.

According to another aspect of the present invention, there is provided a storage apparatus comprising: an interface unit for connecting to a host; A storage unit including a storage medium; And a processor for controlling the interface unit to be connected to a host for data exchange and controlling the storage unit to record data transmitted from the host to the storage medium or to read data from the storage medium and transmit the data to a connected host The processor generates authentication information corresponding to a connection state of a plurality of input / output ports and transmits the generated authentication information to a connected host.

Accordingly, the unique information necessary for authentication can be set in the external storage device without additional operation of connecting to a separate device or executing a program for downloading the serial number.

Also, the validity of the external storage device can be easily verified through the detection of the connection state of the input / output port.

1 illustrates a state in which an external hard disk having a serial number is connected to a broadcast receiver through an interface,
2 shows a configuration of a broadcast receiver for storing contents on an external hard disk via an interface or reproducing contents stored on an external hard disk,
FIG. 3 illustrates a message output by a broadcast receiver that records / reproduces content through an external storage device according to a user's content recording request,
4 illustrates a configuration of an external storage device that manages a serial number through a connection state of an input / output port,
Fig. 5 shows an embodiment for encrypting serial numbers read through a port,
FIG. 6 shows a message output by a broadcast receiver that records / reproduces contents through an external storage device when an unauthorized external storage device is connected.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, embodiments of a method for authenticating an external storage device in a broadcast receiver according to the present invention will be described in detail with reference to the accompanying drawings.

A broadcast receiver capable of storing contents to be downloaded or streamed through a broadcast program or a network has been introduced. However, in the case of a broadcast receiver having no function of storing a broadcast program or contents, the broadcast receiver can be connected to an external storage device connected via a data transmission / An operation of storing the content and reproducing the content stored in the external storage device can be performed.

2 shows a configuration of a broadcast receiver for storing contents on an external hard disk via an interface or for reproducing contents stored on an external hard disk. The broadcast receiver of FIG. 2 includes terrestrial broadcasting, satellite broadcasting, cable broadcasting, IP A set-top box or a television receiving digital broadcasting such as broadcasting.

2 includes a broadcast receiving unit 110, a network unit 120, a processing unit 130, a graphic generating unit 140, an input unit 150, an interface unit 160, and a control unit 170 And the like.

The broadcast receiving unit 110 may receive one or more of terrestrial broadcast, satellite broadcast, and cable broadcast, and may include a tuner, a demodulator, a demultiplexer, a parser, a buffer memory, and the like for broadcast reception.

The tuner tunes the signal band selected by the user in a broadcast signal (e.g., terrestrial, cable or satellite broadcast signal) received through a connected RF signal line, for example, a coaxial cable, and transmits the quadrature phase shift Demodulates a digital signal modulated by a Quadrature Amplitude Modulation (QAM), a Vestigial Sideband (VSB) or an Orthogonal Frequency Division Multiplexing (OFDM) scheme, outputs the digital signal as a digital stream, Demodulates and outputs the digital stream.

The demultiplexer selects and outputs a transport packet for transporting video, audio, subtitle data, management information (for example, PSI) belonging to a single selected program among the transport streams of the multiplexed program in the output digital stream The reason information for selectively outputting only the transport stream corresponding to one program in the digital stream by the demultiplexer is program specific information (PSI) acquired and delivered from the corresponding tuning channel before the selective output of the transport stream, (PAT, PMT, etc.).

The parser removes the transport packets of each transport stream applied from the demultiplexer, collects only the payload data, and outputs the transport packets in a form of PES packet to the buffer memory in the form of video, audio, subtitle, or the like.

The buffer memory temporarily stores PES packets or the like, which are classified and output through the parser, by classifying the PES packets by type (e.g., video, audio, subtitle, etc.) with reference to the header information of the PES packet.

The network unit 120 is connected to an external content providing server to perform a function of receiving a content desired by the user or additional information related to a broadcast program received through the broadcast receiving unit 110, And transmitting output data that is signal-processed and reproduced through the processing unit 130 to a TV or a speaker that is responsible for an output of the device, and is capable of communicating with another device connected to the home network or controlling another device It is also possible to perform a function of exchanging control signals.

The processing unit 130 stores PES packets of broadcast programs divided into areas in the buffer memory of the broadcast receiver 110 or contents received through the network unit 120 and divided into small units and buffered Decodes it through the corresponding internal decoding module to restore it to an original A / V (audio / video) signal and output it to an output device connected by wire or wireless.

The graphic generator 140 may generate a menu that displays a text or a picture of information related to a broadcast receiver or may change a setting of a broadcast receiver or may generate a message to guide a response according to a user's request A video signal such as a generated screen, a menu, or a message and a video signal output from the processing unit 130 are superimposed over a mixer to provide an electronic apparatus having a normal screen output function, for example, It is displayed visually through TV, monitor, and so on.

The input unit 150 may be a keyboard, a mouse, a key pad, a touch pad, a touch screen, or a pair of a remote control and a remote control receiver for receiving a request or setting of a user related to content reception and reproduction of a broadcast receiver .

The interface unit 160 may include a connection terminal for data transmission / reception of USB, SCSI, E-SATA, Firewire, etc., and a controller for controlling the flow of data through the connection terminal. Data can be transmitted and received.

The control unit 170 controls each component constituting the broadcast receiver so that a reproduction signal of a broadcasting signal or a content is outputted to a TV screen and a speaker according to a request of a user and / or a set condition (Not shown) that provides a space for storing data necessary for a control operation, environment setting, or a process to be executed, and can execute hardware codes such as firmware, And an operating system (not shown) for performing appropriate signaling and / or information exchange with the resources.

The operation of the controller 170 or the operation of the application executed thereby may be performed by a suitable intermediary operation of the operating system (for example, the components of FIG. 2 and the particular functions provided by the operating system, , Communication with the outside, confirmation of the hardware status, and operation by requesting a timer, etc.), and a description of the intermediary operation is omitted.

The configuration of the broadcast receiver 100 illustrated in FIG. 2 may be configured integrally with the TV, or may be configured in the form of a computer or a device added to the notebook computer. The controller 170 receives a request from a user through a normal user interface, such as a keypad, a remote controller, a touch pad, etc., and controls the graphic generator 140, if necessary, A video signal for guiding a response can be outputted. The output video signal is visually expressed through an electronic device having a normal screen output function, for example, a TV, a monitor, or the like.

The configuration of the broadcast receiver illustrated in FIG. 2 is merely an example for showing a specific and illustrative description of the present invention, and may further include various functional elements not shown. However, a broadcasting receiver that embodies the concepts and subject matter of the present invention by embodying the concepts and subject matter of the present invention, which is illustratively described below, even if it further includes unillustrated components, or by executing separate applications, It is to be understood that they fall within the scope of the present invention unless they are excluded from the interpretation.

Meanwhile, when a recording request for a broadcast program or a content to be downloaded or streamed is received from the user through the input unit 150, the controller 170 does not include a storage device in the broadcast receiver, If the external storage device is not connected, it checks the graphics generation unit 140 to check whether the external storage device is connected through the external storage device 160. If the external storage device is not connected, And output it.

When the user connects an external storage device containing a high-capacity hard disk or a solid state disk (SSD) to a broadcast receiver through a USB, SCSI, E-SATA or FireWire interface, the controller 170 controls the broadcast receiver 110 Or a content streamed from an external server connected via a network may be stored in an external storage device connected through the interface unit 160. [ The controller 170 controls the processing unit 130 and the interface unit 160 to reproduce contents stored in the connected external storage device.

The operator who provides the broadcasting receiver tries to protect the copyright by using only the product certified by the management company as an external storage device for storing the broadcasting program or the contents and recording the broadcasting program or the contents. To this end, the broadcast receiver performs a procedure for confirming whether the external storage device connected when the external storage device is connected through the interface unit 160 is an authorized product.

To this end, the external storage device must store or include the authentication number or unique information of the product authenticated by the management company providing the broadcast receiver in the device. Conventionally, a serial number required for authentication has to be stored in a built-in memory of a microprocessor. Therefore, a separate process for embedding a unique serial number in the built-in memory was required after the process of assembling the device for each external storage device.

In the present invention, in the process of assembling the external storage device without additional process, the corresponding device is identified by a hardware method and unique information necessary for authentication is embedded in the device. In a case where a plurality of input / output ports So that the microprocessor can recognize the unique information.

The input / output port of the microprocessor included in the external storage device is connected to the power supply through a pull-up resistor and connected to the ground through a pull-down resistor or a high- (Low) state, so that n-bit data can be expressed through n input / output ports. The external storage device may read unique information corresponding to the connection state of the input / output port of the microprocessor, and may transmit the unique information to a connected broadcast receiver by processing it in a predetermined manner.

4 illustrates a configuration of an external storage device that manages a serial number through a connection state of an input / output port.

The external storage device 200 includes an interface unit 210 for connecting to a host device such as a broadcast receiver through USB, SCSI, E-SATA, FireWire, etc., and a storage medium of a large capacity such as a hard disk or a solid state disk The controller 220 controls the storage unit 220 and the interface unit 210 to connect to a host such as a broadcasting receiver to exchange data and to control the storage unit 220 to store content data transmitted from a broadcasting receiver, And a microprocessor 230 for reading contents data from the input unit 220 and transmitting the contents data to a connected broadcasting receiver. The microprocessor 230 may include n input ports or input / output ports 235 may be provided.

When the external power is supplied to the external storage device or the broadcasting receiver is connected to the external storage device through the interface part 210 and the power is applied, the microprocessor 230 connects the n input ports or the input / output ports 235 And can confirm the serial number or the unique number of the external storage device.

When the input port or the input / output port 235 is connected to the power supply through the pull-up resistor, data 1 is set to the high state and data 0 is set to the low state when it is connected to the ground via the pull- The bit data can be determined by the serial number.

The connection state of the input port or the input / output port (235) is such that one end is connected to the pull-up resistor and the other end is connected to the pull-down resistor. You can adjust the connection status of each port by operating the connected switch.

When the broadcasting receiver is connected, the microprocessor 230 can transmit the serial number or the unique number previously confirmed to the broadcasting receiver connected through the interface 210. The microprocessor 230 can transmit the confirmed serial number as it is, It is possible to change the order of the numbers constituting the serial number determined from the connection state of the input / output port and transmit the serial number, or to encrypt the serial number by a predetermined method without transferring the serial number as it is.

5 illustrates an embodiment of encrypting a serial number read through an input / output port. The microprocessor 230 may use one of various encryption functions including a unidirectional and stable hash function, n it may generate a verification code (Authenticating code) of a predetermined number of bits of ports serial number (P 0 ~ P n) of n bits received through, to generate the verification code, the encryption key from the connected TV receiver And may apply the hash function based on the reception.

The microprocessor 230 receives a request for transmission of an authentication code from a broadcast receiver connected through the interface 210 and generates a verification code by encrypting the serial number identified from the connection state of the input / output port 235 with a hash function To the broadcast receiver through the interface unit 210.

When the external storage device 200 is connected to the interface unit 160, the broadcast receiver 100 may request the transmission of the authentication code so as to check whether the connected external storage device is an authorized product, , And if the authentication code is transmitted from the external storage device, the authentication of the external storage device can be confirmed based on the encryption key and the authentication code transmitted to the external storage device.

The control unit 170 of the broadcast receiver 100 controls the graphic generation unit 140 so that the authentication code is not transmitted from the external storage device or the authentication code transmitted from the external storage device fails to authenticate the genuine product, It is possible to generate and output an image including a message that the external storage device is not an authenticated external storage device as shown in FIG.

When authenticating the external storage device from the authentication code, the controller 170 can transmit a packet that constitutes the broadcast program or the content requested by the user to the external storage device. At this time, the control unit 170 performs encryption processing on the data to be transmitted to the external storage device Or scramble processing can be performed. This is to prevent a broadcast program or contents stored in the external storage device from being reproduced by a device other than the broadcast receiver.

When authenticating the external storage device from the authentication code, the controller 170 checks the list of the broadcast programs or contents stored in the connected external storage device, and displays the list screen through the graphic generator 140 And transmits the data to the external storage device by requesting the external storage device to play back the content requested to be reproduced in the list screen, and decrypts and processes the received data through the processing unit 130 and outputs it as an audio / video signal .

It will be apparent to those skilled in the art that various modifications and variations can be made in the present invention without departing from the spirit or scope of the invention as defined in the appended claims. Addition or the like.

100: broadcast receiver 110: broadcast receiver
120: network unit 130:
140: graphic generation unit 150: input unit
160: interface unit 170: control unit
200: external storage device 210: interface part
220: storage unit 230: microprocessor
235: I / O port

Claims (12)

Transmitting authentication information corresponding to connection states of a plurality of input / output ports to a connected host; And
And writing the data provided from the host to a storage medium or reading data from the storage medium and providing the data to the host. The method according to claim 1,
The connection state of each of the input / output ports may be a high state connected to a power source through a pull-up resistor and a low state connected to a ground through a pull-down resistor, and the authentication information may be a serial number according to a connection state of the plurality of input / The authentication method comprising the steps of: 3. The method of claim 2,
Wherein the authentication information generating unit generates the authentication information by changing the order of the numbers constituting the serial number based on the connection states of the plurality of input / output ports. The method according to claim 1,
The connection state of each of the input / output ports may be a high state connected to a power source through a pull-up resistor and a low state connected to a ground through a pull-down resistor, and a value determined by a connection state of the plurality of input / And generates the authentication information by encrypting the authentication information. 5. The method of claim 4,
Wherein the predetermined method uses a hash function. 6. The method of claim 5,
Wherein the authentication information is generated from a value determined by a connection state of the plurality of input / output ports by applying an encryption key transmitted from the host to the hash function. The method according to claim 1,
Wherein the connection state of the plurality of input / output ports is checked when external power is applied to the external storage device or when a host is connected and power is applied. An interface unit for connecting to a host;
A storage unit including a storage medium; And
And a processor for controlling the interface unit to connect to a host for data exchange and controlling the storage unit to record data transmitted from the host to the storage medium or to read data from the storage medium and transmit the read data to a connected host, Respectively,
Wherein the processor generates authentication information corresponding to a connection state of a plurality of input / output ports and transmits the generated authentication information to a connected host. 9. The method of claim 8,
The connection state of each input / output port is a high state connected to a power supply through a pull-up resistor and a low state connected to a ground through a pull-down resistor,
Wherein the processor generates the authentication information with a serial number based on a connection state of the plurality of input / output ports, or generates an authentication information by changing a sequence of numbers constituting the serial number. 9. The method of claim 8,
The connection state of each input / output port is a high state connected to a power supply through a pull-up resistor and a low state connected to a ground through a pull-down resistor,
Wherein the processor generates the authentication information by encrypting a value determined by a connection state of the plurality of input / output ports using a hash function. 11. The method of claim 10,
Wherein the processor generates the authentication information by applying an encryption key transmitted from the host to the hash function. 9. The method of claim 8,
Wherein the processor checks a connection state of the plurality of input / output ports when external power is applied to the storage device or when a host is connected and power is applied.
KR1020130078052A 2013-07-03 2013-07-03 Authenticating method in external storage device KR20150004997A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020130078052A KR20150004997A (en) 2013-07-03 2013-07-03 Authenticating method in external storage device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020130078052A KR20150004997A (en) 2013-07-03 2013-07-03 Authenticating method in external storage device

Publications (1)

Publication Number Publication Date
KR20150004997A true KR20150004997A (en) 2015-01-14

Family

ID=52476950

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020130078052A KR20150004997A (en) 2013-07-03 2013-07-03 Authenticating method in external storage device

Country Status (1)

Country Link
KR (1) KR20150004997A (en)

Similar Documents

Publication Publication Date Title
US10848806B2 (en) Technique for securely communicating programming content
US8208630B2 (en) Encryption and utilization of hard drive content
US8130965B2 (en) Retrieval and transfer of encrypted hard drive content from DVR set-top boxes to a content transcription device
KR101776630B1 (en) Digital broadcast receiver and booting method of digital broadcast receiver
US7602913B2 (en) Retrieval and transfer of encrypted hard drive content from DVR set-top box utilizing second DVR set-top box
KR101705010B1 (en) Processing recordable content in a stream
JPWO2004086235A1 (en) Revocation information transmission method, reception method and apparatus
US9058837B2 (en) Method and apparatus for managing contents
KR100926910B1 (en) Method and system for providing multi room based on downloadable conditional access system
JP4314986B2 (en) Recording / reproducing apparatus and recording / reproducing method
US7752462B2 (en) Content output apparatus, content output method and content acquisition apparatus
US9165122B2 (en) Content reproducing device, content reproducing method, and content reproducing system
US20090144549A1 (en) Copyright protection processing apparatus and copyright protection processing method
US20140029747A1 (en) System and method for transcoding content
KR20150004997A (en) Authenticating method in external storage device
KR101927435B1 (en) Electronic apparatus and control method thereof
CN101630519A (en) IP streaming copy control method and system
KR100745280B1 (en) Safe apparatus and method for broadcasting contents
KR100708194B1 (en) Method and apparatus for encrypting and transmitting contents based on the capability of contents reproducing apparatus, method of receiving encrypted contents on contents reproducing apparatus based on the capability of the apparatus, and the contents reproducing apparatus
KR100950596B1 (en) Broadcasting receiving apparatus based on downloadable conditional access system and method for reinforcing security thereof
KR20130048047A (en) Method for processing two or more scrambled contents in broadcast receiver
JP2007013401A (en) Decoding apparatus, decoding method, encrypting apparatus, encrypting method, and computer program

Legal Events

Date Code Title Description
A201 Request for examination
WITB Written withdrawal of application