US20080022411A1 - Method for local conditional access for mobile equipments - Google Patents
Method for local conditional access for mobile equipments Download PDFInfo
- Publication number
- US20080022411A1 US20080022411A1 US11/431,535 US43153506A US2008022411A1 US 20080022411 A1 US20080022411 A1 US 20080022411A1 US 43153506 A US43153506 A US 43153506A US 2008022411 A1 US2008022411 A1 US 2008022411A1
- Authority
- US
- United States
- Prior art keywords
- mobile
- network
- key
- local
- control
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/16—Analogue secrecy systems; Analogue subscription systems
- H04N7/167—Systems rendering the television signal unintelligible and subsequently intelligible
- H04N7/1675—Providing digital key or authorisation information for generation or regeneration of the scrambling sequence
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04H—BROADCAST COMMUNICATION
- H04H60/00—Arrangements for broadcast applications with a direct linking to broadcast information or broadcast space-time; Broadcast-related systems
- H04H60/09—Arrangements for device control with a direct linkage to broadcast information or to broadcast space-time; Arrangements for control of broadcast-related services
- H04H60/14—Arrangements for conditional access to broadcast information or to broadcast-related services
- H04H60/23—Arrangements for conditional access to broadcast information or to broadcast-related services using cryptography, e.g. encryption, authentication, key distribution
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/258—Client or end-user data management, e.g. managing client capabilities, user preferences or demographics, processing of multiple end-users preferences to derive collaborative data
- H04N21/25808—Management of client data
- H04N21/25841—Management of client data involving the geographical location of the client
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/266—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
- H04N21/26606—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/266—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
- H04N21/26606—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]
- H04N21/26609—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM] using retrofitting techniques, e.g. by re-encrypting the control words used for pre-encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/41—Structure of client; Structure of client peripherals
- H04N21/414—Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance
- H04N21/41407—Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance embedded in a portable device, e.g. video client on a mobile phone, PDA, laptop
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/41—Structure of client; Structure of client peripherals
- H04N21/422—Input-only peripherals, i.e. input devices connected to specially adapted client devices, e.g. global positioning system [GPS]
- H04N21/42202—Input-only peripherals, i.e. input devices connected to specially adapted client devices, e.g. global positioning system [GPS] environmental sensors, e.g. for detecting temperature, luminosity, pressure, earthquakes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/44—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs
- H04N21/4405—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs involving video stream decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/442—Monitoring of processes or resources, e.g. detecting the failure of a recording device, monitoring the downstream bandwidth, the number of times a movie has been viewed, the storage space available from the internal hard disk
- H04N21/44236—Monitoring of piracy processes or activities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/63—Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
- H04N21/643—Communication protocols
- H04N21/64315—DVB-H
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04H—BROADCAST COMMUNICATION
- H04H60/00—Arrangements for broadcast applications with a direct linking to broadcast information or broadcast space-time; Broadcast-related systems
- H04H60/35—Arrangements for identifying or recognising characteristics with a direct linkage to broadcast information or to broadcast space-time, e.g. for identifying broadcast stations or for identifying users
- H04H60/49—Arrangements for identifying or recognising characteristics with a direct linkage to broadcast information or to broadcast space-time, e.g. for identifying broadcast stations or for identifying users for identifying locations
- H04H60/50—Arrangements for identifying or recognising characteristics with a direct linkage to broadcast information or to broadcast space-time, e.g. for identifying broadcast stations or for identifying users for identifying locations of broadcast or relay stations
Definitions
- the invention concerns the domain of conditional access to a digital data stream broadcasted through a wireless channel and received by a plurality of mobile equipments, such as, for example, mobile telephones, PDAs (Personal Digital Assistants), portable digital television receivers or a portable computers.
- mobile equipments such as, for example, mobile telephones, PDAs (Personal Digital Assistants), portable digital television receivers or a portable computers.
- the broadcasted data is encrypted and can be received in plain text only by authorized equipment when the user has acquired the necessary rights.
- rights stored in a security module associated to the mobile equipment, consist of a set of keys that allow the decryption of the control words contained in control messages ECM (Entitlement Control Message) broadcasted in the audio data/video stream.
- ECM Entitlement Control Message
- a security module is considered as a tamper-proof device containing different encryption/decryption keys, information serving to identify a user on a network and the data that defines the rights purchased by the user for reception of a broadcasted content.
- the security module can take different forms such as a removable smart card inserted into a reader, an integrated circuit soldered onto a mother board or a card of the SIM type (Subscriber Identity Module) that is installed in the majority of mobile equipments.
- SIM type Subscriber Identity Module
- DVB technology has been designed to standardize digital television decoders (set top boxes) with the objective of reducing their costs at large scale. It standardizes the elements involved at the level of conditional access to the content broadcasted in MPEG-2 or MPEG-4 format for mobile television on the Internet. These elements consist of the encryption algorithm of the broadcasted content, the control messages ECM containing the decryption keys or control words, the management messages EMM containing the rights of the users and the interface between the decoder and the security module managing conditional access.
- DVB-H mobile television the protection of the content is developed by the group DVB-CBMS (Digital Video Broadcasting-Convergence of Broadcast and Mobile Services).
- Standardization does not extend neither to the content with added value of the ECM and EMM messages, nor to the protection method of the latter.
- Each conditional access supplier uses its own data structure and its own protection means for a broadcasted content. Therefore, DVB technology offers numerous possibilities for the development of the security of the content.
- control messages ECM In DVB technology, the discovery of one or several control words contained in the control messages ECM allows the decryption of the stream without having to acquire a subscription or pay for the pay-per-view broadcasted programs. This piracy causes damage that affects both the content supplier as well as the supplier of conditional access.
- the document WO2004084555 describes an access method using a mobile telephone with information services broadcasted via a first communication channel to a receiver device. This method includes the following steps:
- the reception of access control data via a second channel independent of the channel for broadcasting controlled access services certainly allows the improvement of the protection of this data against piracy, but not limiting the extent of the effects of a possible discovery of the decryption keys or of means for their production.
- the aim of the present invention is to provide countermeasure means in the event of piracy independently of the type of mobile equipment and at a relatively low cost. These means act on the protection elements that are not related to the standardization and that are preferably adjustable by the conditional access provider.
- Another aim is to limit the damaging effects of a possible piracy to a number as reduced as possible of mobile equipments.
- the method stands out by the use of a cryptogram containing, for example, localization information of the mobile equipment.
- the access to the data of the stream is thus only authorized to mobile equipments situated in a given geographic area.
- the broadcasted stream consists of the content encrypted by control words and control messages.
- the latter each contain control words resulting from the encryption of the original control words with a local key.
- Each mobile equipment is first connected to a mobile network of the GSM (Global System for Mobile Communications) or UMTS (Universal Mobile Telecommunications System) type or another through which it is located by the management center.
- the mobile equipment receives from this center a cryptogram containing a local identifier corresponding to that of the nearest network cell to its geographical position.
- This cryptogram transmitted to the security module of the equipment allows the determination of one or more local keys that are defined as functions of the local identifier.
- the mobile equipment gets this function and/or its parameters, via management messages EMM that it can receive, for example, from the management center when connected to the GSM or UMTS mobile network.
- management messages EMM that it can receive, for example, from the management center when connected to the GSM or UMTS mobile network.
- SMS short message SMS
- post or telephone call for instance, would be an alternative for obtaining this function.
- the cryptogram can be formed, for example, by carrying out a XOR function (OR exclusive) on the identifier of the cell, according to a simple embodiment. According to an embodiment with a higher security level, a cryptographic function using a random number combined with the identifier of the cell transmitted by the mobile network can be used.
- a XOR function OR exclusive
- a set of local keys can be determined from only one received cryptogram allowing the decryption of the controls words from different cells.
- This cryptogram contains, for example, a chain of local keys corresponding to consecutive cells.
- control messages ECM broadcasted in the stream specific to a given region because they contain control words that can only be decrypted by a local key that is determined from parameters specific to a mobile network of a given place.
- the control words are extracted.
- the local key determined thanks to the received cryptogram, allows determining the original control words for decrypting the content broadcasted on the condition to have the necessary rights in the security module.
- FIG. 2 shows a block diagram of the encryption of the control word of a control message with a local key and the encryption of a control message with a transmission key.
- FIG. 3 shows a schematized example of broadcasting areas of emitters of the broadcasting network and cells of the mobile network inside these broadcasting areas.
- a stream of digital data forming a content (C) encrypted with control words (CW) is broadcasted with control messages ECM.
- This digital data can also comprise audio/video data of television programs as well as data relating to applications that can be operated by a mobile equipment.
- a server of a conditional access supplier (CA) is connected to a server of an operator (OP) managing a broadcasting network (NET 1 ) and a mobile network (NET 2 ).
- the operator (OP) broadcasts on the broadcasting network (NET 1 ) the content (C) encrypted with the control words CW as well as the ECM messages containing a control word CW′ encrypted with a local key (KL 1 , KL 2 ).
- This local key is specific to the geographic location of the emitter (E 1 , E 2 ) of the broadcasting network such as a district, a town or a region.
- the access supplier (CA) broadcasts management messages EMM that define the access rights to the content according to the user's purchases as a subscription or a pre-payment of selected programs.
- the mobile equipments EM 1 , EM 2 are connected respectively to the broadcasting network (NET 1 ) and to the mobile network (NET 2 ).
- the broadcasting network (NET 1 ) provides the encrypted content while the mobile network (NET 2 ) provides the parameters necessary for the reception of the content (C).
- the broadcasting network (NET 1 ) can be, for example, of the DVB-H type where the content is broadcasted through a radio channel by a local emitter (E 1 , E 2 ), the mobile network (NET 2 ) will be of the GSM or UMTS type for example, also allowing communications with the management center (CG) of the operator (OP), (see FIG. 1 ).
- the emitters (E 1 , E 2 ) of the broadcasting network (NET 1 ) broadcast the digital data in a unidirectional way towards the mobile equipment (EM 1 , EM 2 ) while the data of the mobile network (NET 2 ) flows in a bidirectional way between the mobile equipment (EM 1 , EM 2 ) and the management center (CG).
- the mobile equipments can move from one cell of the mobile network (NET 2 ) towards another maintaining the possibility of receiving the data broadcasted by either of the emitters of the broadcasting network (NET 1 ).
- FIG. 3 shows this type of situation where cells (C 1 -C 10 -Cn) of the mobile network (NET 2 ) form meshes that extend over one or more broadcasting areas (Z 1 , Z 2 , Z 3 ) of the emitters (E 1 , E 2 , E 3 ) of the network (NET 1 ).
- a mobile equipment When a mobile equipment is moved, for example, from the first broadcasting area (Z 1 ) towards the third broadcasting area (Z 3 ), it can receive a set of keys corresponding to the cells that it traverses, for example the keys of cells C 1 to C 7 of the illustrated example.
- the mobile equipment receives a local key each time it enters into a cell during its displacement.
- the mobile equipment can receive as many keys as the number of broadcasting areas covered by the cell.
- the cell (C 4 ) extends over the three broadcasting areas (Z 1 , Z 2 , Z 3 ).
- the mobile equipment can receive the three local keys allowing it to operate the data transmitted by each emitter (E 1 , E 2 , E 3 ).
- Both the broadcasting and mobile networks can be of the same type as long as the bandwidth is sufficient for simultaneous transmission of a digital content and of bidirectional data exchanges.
- a network of the type UMTS, EDGE (Enhanced Data Rates for Global Evolution) or another type can be provided.
- the local ECM or more precisely the local control words CW′ are created by the management center (CG) of the mobile operator (OP) from the original control-words CW by encryption of this word with a local key (KL 1 , KL 2 ).
- the broadcasted control messages ECM are encrypted with a transmission key (TK) supplied to the mobile equipment (EM 1 , EM 2 ) by means of management messages EMM delivered by the access supplier (CA) via the management center (CG).
- TK transmission key
- the local key (KL 1 , KL 2 ) is determined by the mobile equipment when it connects to the mobile network (NET 2 ) by means of localization data or more precisely an identifier of a cell (C 1 -ID, C 2 -ID) of this network transmitted by the management center (CG).
- the local key can be determined in several ways:
- SMS short message
- the transmitted cryptogram can form the local key that can be used as it is, without intermediate calculation by the mobile equipment for decrypting the local control words.
- this local key is necessary for the decryption of the control words CW′ contained in the local ECM broadcasted in the digital data stream in order to obtain the original control words CW effectively encrypting the broadcasted content.
- the management center verifies the requests on the whole mobile network (NET 2 ) in order to detect if a same security module requests a cryptogram from several cells of the network. This situation occurs when a security module has been cloned, distributed and used in different places. In such a case, the cryptogram or the required key will be refused and the security module is considered as invalid at future connection attempts.
- the verification is carried out on the basis of the identifier of the security module (ID 1 , ID 2 ) transmitted by the mobile equipment (EM 1 , EM 2 ) to the management center (CG) when the cryptogram is requested.
- the exclusion of a cloned security module can also be carried out by means of management messages (EMM) that can be received only by one mobile equipment at a given place and recognized by the management center. Another mobile equipment in another cell with a same security module will thus not receive this message carrying the data access rights to the broadcasting network (NET 1 ).
- EMM management messages
- the mobile equipment is provided with a Global Positioning System of the GPS type (Global Positioning System) that determines the coordinates corresponding to its geographical position. This data is then used to determine the local key from the received cryptogram.
- GPS Global Positioning System
- the transmission key (TK) encrypting the control messages ECM can also depend on the broadcasting emitter.
- This configuration thus provides two security levels to be overcome in order to access the content broadcasted in the stream.
- the mobile equipment When the mobile equipment is connected to the mobile network, it receives a management message EMM containing the local transmission key (TKL) or elements suited for determining said key (parameters, calculation functions).
- the message EMM is transmitted in general only if the local transmission key (TKL) is not available in the security module of the mobile equipment or after a key change. In fact, the validity of the latter, for example, can be limited to a certain period for a given emitter.
- the mobile equipment After having obtained this key (TKL) allowing the decryption of the control messages ECM, the mobile equipment determines the local key(s) (KL 1 , KL 2 ) necessary for the decryption of the control words CW′ contained in the ECM messages. These local keys (KL 1 , KL 2 ) are determined according to the processes described above.
- the localization data such as the network cell identifiers or the position coordinates of the mobile equipments can be used in order to prevent access to certain content broadcasted to mobile equipments located in a given region.
- the ECM broadcasted and associated to a predetermined content contain a control word encrypted with a key which cannot be obtained from certain cell identifiers because, for example, the calculation function of the key does not have the adequate parameters. In other words, this restriction allows certain places to be blocked out from the reception of the broadcasted contents.
- a network key or a node can be specific to a broadcasted channel.
- the local identifier provided from the node key or the node key itself cannot be transmitted by the management center, which prohibits the reception of this channel near the node in question.
- the local broadcasting operator(s) decrypt the stream with the original control word CW for re-encrypting it with local control-words (CW′ 1 , CW′ 2 ).
- the local emitters (E 1 , E 2 ) each broadcast then a stream encrypted with local control words (CW′ 1 , CW′ 2 ) and local ECM messages containing these control words (CW′ 1 , CW′ 2 ) specific to each emitter (E 1 , E 2 ).
- the mobile equipment of a user is connected to the mobile network in order to receive a management message EMM containing at least one local transmission key (TKL) allowing the decryption of the local ECM messages in order to extract the control words (CW′ 1 , CW′ 2 ).
- TKL local transmission key
- the management message EMM can be received either automatically after the establishment of a connection recognized by the mobile network (NET 2 ) or on request by means of a short message SMS, for example.
- the mobile equipment could also be possible for the mobile equipment to receive a set of local transmission keys (TKL) in the EMM message when it connects to a cell of the mobile network (NET 2 ).
- TTKL local transmission keys
- This set allows decrypting the ECM messages sent from nearby emitters when the mobile equipment moves from one broadcasting area to another without requesting an EMM message from each cell.
Landscapes
- Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Multimedia (AREA)
- Databases & Information Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Ecology (AREA)
- Life Sciences & Earth Sciences (AREA)
- Remote Sensing (AREA)
- Emergency Management (AREA)
- Health & Medical Sciences (AREA)
- Theoretical Computer Science (AREA)
- Environmental Sciences (AREA)
- Environmental & Geological Engineering (AREA)
- Biodiversity & Conservation Biology (AREA)
- Business, Economics & Management (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Graphics (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephonic Communication Services (AREA)
Abstract
A method is disclosed for conditional access to a digital data stream encrypted with at least one first control word and broadcasted via an emitter of a broadcasting network to at least one mobile equipment. The latter also is connected via a mobile communication network to a management center. The stream contains control messages encrypted with a transmission key and includes a second control word obtained by the encryption of the first control word with a local key. The method includes reception by the mobile equipment of at least one cryptogram via the mobile network, determination of at least one local key from the received cryptogram, and reception of a control message via the broadcasting network, decryption of the message and obtaining the second control word. The method further includes decryption of the second control word with the local key and obtaining the first control word and decryption of the data of the stream with the first control word
Description
- The invention concerns the domain of conditional access to a digital data stream broadcasted through a wireless channel and received by a plurality of mobile equipments, such as, for example, mobile telephones, PDAs (Personal Digital Assistants), portable digital television receivers or a portable computers.
- The broadcasted data is encrypted and can be received in plain text only by authorized equipment when the user has acquired the necessary rights. These rights, stored in a security module associated to the mobile equipment, consist of a set of keys that allow the decryption of the control words contained in control messages ECM (Entitlement Control Message) broadcasted in the audio data/video stream.
- A security module is considered as a tamper-proof device containing different encryption/decryption keys, information serving to identify a user on a network and the data that defines the rights purchased by the user for reception of a broadcasted content. The security module can take different forms such as a removable smart card inserted into a reader, an integrated circuit soldered onto a mother board or a card of the SIM type (Subscriber Identity Module) that is installed in the majority of mobile equipments.
- At present, a mobile equipment configured for the reception of digital television programs is based on standard technologies such as OMA (Open Mobile Alliance), DVB-H (Digital Video Broadcast, Handheld), or DMB (Digital Multimedia Broadcasting) that is in certain ways a broadband extension of (Digital Audio Broadcasting).
- OMA technology implements a complete unique solution for a given market such as that of mobile telephones where each equipment and the content suppliers support the OMA technology.
- DVB technology has been designed to standardize digital television decoders (set top boxes) with the objective of reducing their costs at large scale. It standardizes the elements involved at the level of conditional access to the content broadcasted in MPEG-2 or MPEG-4 format for mobile television on the Internet. These elements consist of the encryption algorithm of the broadcasted content, the control messages ECM containing the decryption keys or control words, the management messages EMM containing the rights of the users and the interface between the decoder and the security module managing conditional access.
- In the particular case of DVB-H mobile television, the protection of the content is developed by the group DVB-CBMS (Digital Video Broadcasting-Convergence of Broadcast and Mobile Services).
- Standardization does not extend neither to the content with added value of the ECM and EMM messages, nor to the protection method of the latter. Each conditional access supplier uses its own data structure and its own protection means for a broadcasted content. Therefore, DVB technology offers numerous possibilities for the development of the security of the content.
- The drawback of a too advanced standardization as that of OMA technology lies in the fact that additional protection measures are restricted especially when the conditional access system has been pirated by third parties.
- In DVB technology, the discovery of one or several control words contained in the control messages ECM allows the decryption of the stream without having to acquire a subscription or pay for the pay-per-view broadcasted programs. This piracy causes damage that affects both the content supplier as well as the supplier of conditional access.
- The document WO2004084555 describes an access method using a mobile telephone with information services broadcasted via a first communication channel to a receiver device. This method includes the following steps:
-
- storage in the mobile telephone of access control data allowing access to information received by the receiver device via the first channel,
- establishment of a communication between the receiver device and the mobile telephone via a second wireless low range local channel of the Bluetooth or WiFi (Wireless Fidelity) type according to the standards IEEE 802.11,
- transmission of the access control data stored in the mobile telephone to the receiver device via the second channel in order to authorize access to information services broadcasted via the first channel.
- The reception of access control data via a second channel independent of the channel for broadcasting controlled access services certainly allows the improvement of the protection of this data against piracy, but not limiting the extent of the effects of a possible discovery of the decryption keys or of means for their production.
- The aim of the present invention is to provide countermeasure means in the event of piracy independently of the type of mobile equipment and at a relatively low cost. These means act on the protection elements that are not related to the standardization and that are preferably adjustable by the conditional access provider.
- Another aim is to limit the damaging effects of a possible piracy to a number as reduced as possible of mobile equipments.
- These aims are achieved by a method for conditional access to a digital data stream encrypted with at least one first control word and broadcasted via an emitter of a broadcasting network to at least one mobile equipment, the latter also being connected via a mobile communication network to a management center, said stream containing the control messages encrypted with a transmission key and comprising a second control word obtained by means of the encryption of the first control word with a local key, said method comprises the following steps:
-
- Reception by the mobile equipment of at least one cryptogram via the mobile network,
- Determination of at least one local key from the received cryptogram,
- Reception of a control message via the broadcasting network, decryption of said message and obtaining the second control word,
- Decryption of the second control word with the local key and obtaining the first control word,
- Decryption of the data of the stream with the first control word.
- The method stands out by the use of a cryptogram containing, for example, localization information of the mobile equipment. The access to the data of the stream is thus only authorized to mobile equipments situated in a given geographic area.
- The discovery of a control word encrypting the data of the stream will thus have consequences limited to mobile equipment functioning in a district or in a town without extending to all the equipment in the country, for example.
- According to a first embodiment, the broadcasted stream consists of the content encrypted by control words and control messages. The latter each contain control words resulting from the encryption of the original control words with a local key. Each mobile equipment is first connected to a mobile network of the GSM (Global System for Mobile Communications) or UMTS (Universal Mobile Telecommunications System) type or another through which it is located by the management center. The mobile equipment receives from this center a cryptogram containing a local identifier corresponding to that of the nearest network cell to its geographical position. This cryptogram transmitted to the security module of the equipment allows the determination of one or more local keys that are defined as functions of the local identifier.
- Several keys can be generated from a cryptogram thus allowing the decryption of the control words broadcasted by nearby emitters when the equipment moves from one district to another, for example.
- The mobile equipment gets this function and/or its parameters, via management messages EMM that it can receive, for example, from the management center when connected to the GSM or UMTS mobile network. A particular request by short message SMS, post or telephone call, for instance, would be an alternative for obtaining this function.
- The cryptogram can be formed, for example, by carrying out a XOR function (OR exclusive) on the identifier of the cell, according to a simple embodiment. According to an embodiment with a higher security level, a cryptographic function using a random number combined with the identifier of the cell transmitted by the mobile network can be used.
- According to one embodiment that allows the mobile equipment to move from one cell to another, two solutions are possible:
- a) several cryptograms corresponding to surrounding cells can be transmitted to the mobile equipment when it connects to the first cell. The security module can also determine the local keys necessary for the decryption of the controls words from the following cells.
- b) a set of local keys can be determined from only one received cryptogram allowing the decryption of the controls words from different cells. This cryptogram contains, for example, a chain of local keys corresponding to consecutive cells.
- The control messages ECM broadcasted in the stream specific to a given region because they contain control words that can only be decrypted by a local key that is determined from parameters specific to a mobile network of a given place.
- After decryption of the ECM messages with the transmission key, the control words are extracted. The local key, determined thanks to the received cryptogram, allows determining the original control words for decrypting the content broadcasted on the condition to have the necessary rights in the security module.
- These rights are obtained from management messages EMM broadcasted through a conditional access system CAS whose server is connected to that of the operator of the GSM or UMTS mobile network or the management center.
- The invention will be better understood thanks to the following detailed description that refers to the annexed figures given as non-limitative examples.
-
FIG. 1 shows a block diagram of an example of configuration with two emitters placed in different locations and that can be got by local mobile equipment. -
FIG. 2 shows a block diagram of the encryption of the control word of a control message with a local key and the encryption of a control message with a transmission key. -
FIG. 3 shows a schematized example of broadcasting areas of emitters of the broadcasting network and cells of the mobile network inside these broadcasting areas. - A stream of digital data forming a content (C) encrypted with control words (CW) is broadcasted with control messages ECM. This digital data can also comprise audio/video data of television programs as well as data relating to applications that can be operated by a mobile equipment.
- A server of a conditional access supplier (CA) is connected to a server of an operator (OP) managing a broadcasting network (NET1) and a mobile network (NET2). The operator (OP) broadcasts on the broadcasting network (NET1) the content (C) encrypted with the control words CW as well as the ECM messages containing a control word CW′ encrypted with a local key (KL1, KL2). This local key is specific to the geographic location of the emitter (E1, E2) of the broadcasting network such as a district, a town or a region. Moreover, the access supplier (CA) broadcasts management messages EMM that define the access rights to the content according to the user's purchases as a subscription or a pre-payment of selected programs.
- The mobile equipments EM1, EM2 are connected respectively to the broadcasting network (NET1) and to the mobile network (NET2). The broadcasting network (NET1) provides the encrypted content while the mobile network (NET2) provides the parameters necessary for the reception of the content (C). The broadcasting network (NET1) can be, for example, of the DVB-H type where the content is broadcasted through a radio channel by a local emitter (E1, E2), the mobile network (NET2) will be of the GSM or UMTS type for example, also allowing communications with the management center (CG) of the operator (OP), (see
FIG. 1 ). - The emitters (E1, E2) of the broadcasting network (NET1) broadcast the digital data in a unidirectional way towards the mobile equipment (EM1, EM2) while the data of the mobile network (NET2) flows in a bidirectional way between the mobile equipment (EM1, EM2) and the management center (CG).
- The mobile equipments (EM1, EM2) can move from one cell of the mobile network (NET2) towards another maintaining the possibility of receiving the data broadcasted by either of the emitters of the broadcasting network (NET1).
-
FIG. 3 shows this type of situation where cells (C1-C10-Cn) of the mobile network (NET2) form meshes that extend over one or more broadcasting areas (Z1, Z2, Z3) of the emitters (E1, E2, E3) of the network (NET1). When a mobile equipment is moved, for example, from the first broadcasting area (Z1) towards the third broadcasting area (Z3), it can receive a set of keys corresponding to the cells that it traverses, for example the keys of cells C1 to C7 of the illustrated example. These local keys allow the mobile equipment decrypting the control words of ECM messages in the areas (Z1) and (Z3) covered by emitters (E1) and (E3). According to one alternative, the mobile equipment receives a local key each time it enters into a cell during its displacement. When the cell crosses two or several broadcasting areas, such as for example the cells C2 to C6, the mobile equipment can receive as many keys as the number of broadcasting areas covered by the cell. - In the example of
FIG. 3 , the cell (C4) extends over the three broadcasting areas (Z1, Z2, Z3). In this case, the mobile equipment can receive the three local keys allowing it to operate the data transmitted by each emitter (E1, E2, E3). - Both the broadcasting and mobile networks (NET1, NET2) can be of the same type as long as the bandwidth is sufficient for simultaneous transmission of a digital content and of bidirectional data exchanges. For example, a network of the type UMTS, EDGE (Enhanced Data Rates for Global Evolution) or another type can be provided.
- The local ECM or more precisely the local control words CW′ are created by the management center (CG) of the mobile operator (OP) from the original control-words CW by encryption of this word with a local key (KL1, KL2). The new control word CW′=KL1(CW) or KL2(CW) obtained in this way is inserted into the ECM messages broadcasted by the emitter (E1, E2) of the broadcasting network (NET1) to mobile equipments (EM1, EM2) connected to the mobile network (NET2). These equipments are situated in a cell of the mobile network (NET2) where they can receive the cryptogram necessary for obtaining the local key (KL1, KL2). (See
FIG. 2 , embodiment (1)) - It should be noted that the broadcasted control messages ECM are encrypted with a transmission key (TK) supplied to the mobile equipment (EM1, EM2) by means of management messages EMM delivered by the access supplier (CA) via the management center (CG).
- According to a first embodiment, the local key (KL1, KL2) is determined by the mobile equipment when it connects to the mobile network (NET2) by means of localization data or more precisely an identifier of a cell (C1-ID, C2-ID) of this network transmitted by the management center (CG). The local key can be determined in several ways:
- calculation carried out by means of an operation or a relatively simple mathematical function such as for example XOR (OR exclusive) or from a random number transmitted by the management center.
- combination with a key specific to the mobile network or to a node of the latter provided either when the mobile equipment connects to the management center, or in response to a particular request by a short message SMS, for example.
- the transmitted cryptogram can form the local key that can be used as it is, without intermediate calculation by the mobile equipment for decrypting the local control words.
- To summarize, this local key is necessary for the decryption of the control words CW′ contained in the local ECM broadcasted in the digital data stream in order to obtain the original control words CW effectively encrypting the broadcasted content.
- Beyond the distribution of cryptograms to locally recognized mobile equipments, the management center (CG) verifies the requests on the whole mobile network (NET2) in order to detect if a same security module requests a cryptogram from several cells of the network. This situation occurs when a security module has been cloned, distributed and used in different places. In such a case, the cryptogram or the required key will be refused and the security module is considered as invalid at future connection attempts. The verification is carried out on the basis of the identifier of the security module (ID1, ID2) transmitted by the mobile equipment (EM1, EM2) to the management center (CG) when the cryptogram is requested. The exclusion of a cloned security module can also be carried out by means of management messages (EMM) that can be received only by one mobile equipment at a given place and recognized by the management center. Another mobile equipment in another cell with a same security module will thus not receive this message carrying the data access rights to the broadcasting network (NET1).
- According to one alternative the mobile equipment is provided with a Global Positioning System of the GPS type (Global Positioning System) that determines the coordinates corresponding to its geographical position. This data is then used to determine the local key from the received cryptogram.
- According to a second embodiment, the transmission key (TK) encrypting the control messages ECM can also depend on the broadcasting emitter. This configuration thus provides two security levels to be overcome in order to access the content broadcasted in the stream. When the mobile equipment is connected to the mobile network, it receives a management message EMM containing the local transmission key (TKL) or elements suited for determining said key (parameters, calculation functions). The message EMM is transmitted in general only if the local transmission key (TKL) is not available in the security module of the mobile equipment or after a key change. In fact, the validity of the latter, for example, can be limited to a certain period for a given emitter.
- After having obtained this key (TKL) allowing the decryption of the control messages ECM, the mobile equipment determines the local key(s) (KL1, KL2) necessary for the decryption of the control words CW′ contained in the ECM messages. These local keys (KL1, KL2) are determined according to the processes described above.
- The localization data such as the network cell identifiers or the position coordinates of the mobile equipments can be used in order to prevent access to certain content broadcasted to mobile equipments located in a given region. In fact, the ECM broadcasted and associated to a predetermined content contain a control word encrypted with a key which cannot be obtained from certain cell identifiers because, for example, the calculation function of the key does not have the adequate parameters. In other words, this restriction allows certain places to be blocked out from the reception of the broadcasted contents.
- According to one configuration, a network key or a node can be specific to a broadcasted channel. When a mobile equipment is situated in a given place, the local identifier provided from the node key or the node key itself cannot be transmitted by the management center, which prohibits the reception of this channel near the node in question.
- According to another configuration, (see
FIG. 2 , embodiment (2)) the local broadcasting operator(s) decrypt the stream with the original control word CW for re-encrypting it with local control-words (CW′1, CW′2). The local emitters (E1, E2) each broadcast then a stream encrypted with local control words (CW′1, CW′2) and local ECM messages containing these control words (CW′1, CW′2) specific to each emitter (E1, E2). The mobile equipment of a user is connected to the mobile network in order to receive a management message EMM containing at least one local transmission key (TKL) allowing the decryption of the local ECM messages in order to extract the control words (CW′1, CW′2). - The management message EMM can be received either automatically after the establishment of a connection recognized by the mobile network (NET2) or on request by means of a short message SMS, for example.
- Of course, it could also be possible for the mobile equipment to receive a set of local transmission keys (TKL) in the EMM message when it connects to a cell of the mobile network (NET2). This set allows decrypting the ECM messages sent from nearby emitters when the mobile equipment moves from one broadcasting area to another without requesting an EMM message from each cell.
Claims (12)
1. Method for conditional access to a digital data stream encrypted with at least one first control word and broadcasted via an emitter of a broadcasting network to at least one mobile equipment, the latter also being connected via a mobile communication network to a management center, said stream containing control messages encrypted with a transmission key and comprising a second control word obtained by the encryption of the first control word with a local key, said method comprising:
reception by the mobile equipment of at least one cryptogram via the mobile network,
determination of at least one local key from the received cryptogram,
reception of a control message via the broadcasting network, decryption of said message and obtaining the second control word,
decryption of the second control word with the local key and obtaining the first control word, and
decryption of the data of the stream with the first control word.
2. Method according to claim 1 , wherein the local key is specific to the geographic location where is placed the emitter of the broadcasting network got by the mobile equipment and in that the cryptogram includes an identifier of a cell of the mobile network to which said equipment is connected.
3. Method according to claim 2 , wherein the cryptogram is transmitted by the management center, via the mobile network, when the mobile equipment connects to said network.
4. Method according to claim 1 , wherein the local key is obtained from the cryptogram and the geographical coordinates related to the position of the mobile equipment.
5. Method according to claim 4 , wherein the position of the mobile equipment is determined by a global positioning device associated to said equipment.
6. Method according to claim 1 , wherein the local key is determined by way of a mathematical function carried out on the cryptogram received from the management center, said function being obtained by way of management messages delivered by a conditional access supplier via said management center.
7. Method according to claim 2 , wherein the local key is determined by means of a combination of the identifier of a cell of the mobile network with a node key of said network to which the mobile equipment is connected.
8. Method according to claim 1 , wherein the local key is made up of the cryptogram received by the mobile equipment.
9. Method according to claim 1 , wherein the transmission key encrypting the control messages is specific to the emitter of the broadcasting network.
10. Method according to claim 9 , including a supplementary step of reception of a management message followed by a step of extraction of the transmission key or elements suited for determining said key.
11. Method according to claim 1 , where each emitter of the broadcasting network broadcasts a digital data stream encrypted with control words specific to said emitter and control messages encrypted with a local transmission key containing said control words wherein the mobile equipment receives a management message, via the mobile network, containing at least one local transmission key, deciphers the control messages with the received local transmission key, extracts the control words and decrypts the digital data of the stream.
12. Method according to claim 1 , wherein the emitters of the broadcasting network broadcast the digital data in a unidirectional way towards the mobile equipments while the data of the mobile network flows in a bidirectional way between the mobile equipment and the management center.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/979,958 US9077856B2 (en) | 2005-05-13 | 2007-11-13 | Method for local conditional access for mobile equipments |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP05291046A EP1722564A1 (en) | 2005-05-13 | 2005-05-13 | Local conditional access method for mobile receivers |
EPEP05291046.0 | 2005-05-13 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2006/062265 Continuation-In-Part WO2006122908A1 (en) | 2005-05-13 | 2006-05-12 | Local conditional access method for mobile equipment |
Publications (1)
Publication Number | Publication Date |
---|---|
US20080022411A1 true US20080022411A1 (en) | 2008-01-24 |
Family
ID=35094488
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/431,535 Abandoned US20080022411A1 (en) | 2005-05-13 | 2006-05-11 | Method for local conditional access for mobile equipments |
US11/979,958 Expired - Fee Related US9077856B2 (en) | 2005-05-13 | 2007-11-13 | Method for local conditional access for mobile equipments |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/979,958 Expired - Fee Related US9077856B2 (en) | 2005-05-13 | 2007-11-13 | Method for local conditional access for mobile equipments |
Country Status (7)
Country | Link |
---|---|
US (2) | US20080022411A1 (en) |
EP (2) | EP1722564A1 (en) |
CN (1) | CN101199205B (en) |
BR (1) | BRPI0612433A2 (en) |
CA (1) | CA2608650C (en) |
TW (1) | TW200718198A (en) |
WO (1) | WO2006122908A1 (en) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080066176A1 (en) * | 2006-09-08 | 2008-03-13 | Memory Experts International Inc. | Personal digital rights management with user mobility |
US20080219436A1 (en) * | 2007-03-05 | 2008-09-11 | General Instrument Corporation | Method and apparatus for providing a digital rights management engine |
US20090288151A1 (en) * | 2008-05-19 | 2009-11-19 | General Instrument Corporation | Conditional Access System Switcher |
US20090325576A1 (en) * | 2006-08-02 | 2009-12-31 | Nagravision S.A. | Method of local conditional access for mobile equipment |
US20100299758A1 (en) * | 2007-11-09 | 2010-11-25 | Electronics And Telecommunications Research Institute | Method and data sharing system in peer to peer environment |
US20100332819A1 (en) * | 2009-06-26 | 2010-12-30 | France Telecom | Digital content access control |
US20110077026A1 (en) * | 2009-09-25 | 2011-03-31 | International Business Machines Corporation | Location Restricted Content Delivery Over a Network |
US10728756B2 (en) * | 2016-09-23 | 2020-07-28 | Qualcomm Incorporated | Access stratum security for efficient packet processing |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101193308A (en) * | 2006-11-22 | 2008-06-04 | 上海贝尔阿尔卡特股份有限公司 | Method and device for playing video/audio signals in communication network |
CN101198011B (en) * | 2006-12-07 | 2010-09-29 | 中兴通讯股份有限公司 | Method for transmitting condition receiving information in mobile multimedia broadcasting network |
CN101127596B (en) * | 2007-09-20 | 2012-04-11 | 中兴通讯股份有限公司 | A method and system for program stream secret key encryption in broadcast mobile TV service |
CN101505402B (en) * | 2009-03-06 | 2012-04-18 | 四川长虹电器股份有限公司 | Authentication method for uni-directional network digital television conditional receiving system terminal deciphering module |
EP2348725A1 (en) * | 2010-01-26 | 2011-07-27 | Irdeto Access B.V. | Computational efficiently obtaining a control word in a receiver using transformations |
EP2405650A1 (en) * | 2010-07-09 | 2012-01-11 | Nagravision S.A. | A method for secure transfer of messages |
CN102355598B (en) * | 2011-10-08 | 2014-02-19 | 北京视博数字电视科技有限公司 | Operating system drive layer-based scrambling method and device |
US9332286B2 (en) * | 2011-10-28 | 2016-05-03 | Irdeto B.V. | Constructing a transport stream |
CN105446926B (en) * | 2014-09-09 | 2020-09-22 | 纳瑞塔有限责任公司 | USB interface for performing transport I/O |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030005435A1 (en) * | 2001-06-29 | 2003-01-02 | Rickard Nelger | Conditional access system |
US20030108202A1 (en) * | 2001-12-12 | 2003-06-12 | Clapper Edward O. | Location dependent encryption and/or decryption |
US20030181160A1 (en) * | 2002-03-21 | 2003-09-25 | Hirsch Andrew J. | Authentication and provisioning system for subscriber broadcasts |
US20050013439A1 (en) * | 2001-11-21 | 2005-01-20 | Jean-Francois Collet | Method for controlling access to specific services from a broadcaster |
US20050100162A1 (en) * | 2003-11-11 | 2005-05-12 | Jukka Alve | System and method for using DRM to control conditional access to DVB content |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9032097B2 (en) * | 2001-04-26 | 2015-05-12 | Nokia Corporation | Data communication with remote network node |
US7228439B2 (en) * | 2002-04-19 | 2007-06-05 | Nagravision S.A. | Management method of rights of a content encrypted and stored in a personal digital recorder |
GB0324696D0 (en) * | 2003-10-23 | 2003-11-26 | Koninkl Philips Electronics Nv | Accessing content at a geographical location |
KR100735280B1 (en) * | 2005-06-16 | 2007-07-03 | 삼성전자주식회사 | Digital multimedia broadcastingdmb system and conditional access method for restricting of dmb watching in regional |
EP1885095A1 (en) * | 2006-08-02 | 2008-02-06 | Nagravision S.A. | Local conditional access method for mobile receivers |
-
2005
- 2005-05-13 EP EP05291046A patent/EP1722564A1/en not_active Withdrawn
-
2006
- 2006-05-11 US US11/431,535 patent/US20080022411A1/en not_active Abandoned
- 2006-05-12 WO PCT/EP2006/062265 patent/WO2006122908A1/en not_active Application Discontinuation
- 2006-05-12 EP EP06755176A patent/EP1880547B1/en not_active Not-in-force
- 2006-05-12 CA CA2608650A patent/CA2608650C/en not_active Expired - Fee Related
- 2006-05-12 BR BRPI0612433-0A patent/BRPI0612433A2/en not_active Application Discontinuation
- 2006-05-12 CN CN200680021192.8A patent/CN101199205B/en not_active Expired - Fee Related
- 2006-05-12 TW TW095116979A patent/TW200718198A/en unknown
-
2007
- 2007-11-13 US US11/979,958 patent/US9077856B2/en not_active Expired - Fee Related
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030005435A1 (en) * | 2001-06-29 | 2003-01-02 | Rickard Nelger | Conditional access system |
US20050013439A1 (en) * | 2001-11-21 | 2005-01-20 | Jean-Francois Collet | Method for controlling access to specific services from a broadcaster |
US20030108202A1 (en) * | 2001-12-12 | 2003-06-12 | Clapper Edward O. | Location dependent encryption and/or decryption |
US20030181160A1 (en) * | 2002-03-21 | 2003-09-25 | Hirsch Andrew J. | Authentication and provisioning system for subscriber broadcasts |
US20050100162A1 (en) * | 2003-11-11 | 2005-05-12 | Jukka Alve | System and method for using DRM to control conditional access to DVB content |
US20050100167A1 (en) * | 2003-11-11 | 2005-05-12 | Jukka Alve | System and method for using DRM to control conditional access to broadband digital content |
Cited By (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8737990B2 (en) * | 2006-08-02 | 2014-05-27 | Nagravision S.A. | Method of local conditional access for mobile equipment |
US20090325576A1 (en) * | 2006-08-02 | 2009-12-31 | Nagravision S.A. | Method of local conditional access for mobile equipment |
US20080066176A1 (en) * | 2006-09-08 | 2008-03-13 | Memory Experts International Inc. | Personal digital rights management with user mobility |
US20080219436A1 (en) * | 2007-03-05 | 2008-09-11 | General Instrument Corporation | Method and apparatus for providing a digital rights management engine |
US20100299758A1 (en) * | 2007-11-09 | 2010-11-25 | Electronics And Telecommunications Research Institute | Method and data sharing system in peer to peer environment |
US20090288151A1 (en) * | 2008-05-19 | 2009-11-19 | General Instrument Corporation | Conditional Access System Switcher |
US8813254B2 (en) * | 2008-05-19 | 2014-08-19 | Motorola Mobility Llc | Conditional access system switcher |
US20100332819A1 (en) * | 2009-06-26 | 2010-12-30 | France Telecom | Digital content access control |
US8966239B2 (en) * | 2009-06-26 | 2015-02-24 | Orange | Digital content access control having improved transmission bandwidth |
US20150163204A1 (en) * | 2009-06-26 | 2015-06-11 | Orange | Digital content access control |
US20110077026A1 (en) * | 2009-09-25 | 2011-03-31 | International Business Machines Corporation | Location Restricted Content Delivery Over a Network |
US20120195427A1 (en) * | 2009-09-25 | 2012-08-02 | International Business Machines Corporation | Location Restricted Content Deliver over a Network |
US8744488B2 (en) * | 2009-09-25 | 2014-06-03 | International Business Machines Corporation | Location restricted content delivery over a network |
US8744486B2 (en) * | 2009-09-25 | 2014-06-03 | International Business Machines Corporation | Location restricted content delivery over a network |
US10728756B2 (en) * | 2016-09-23 | 2020-07-28 | Qualcomm Incorporated | Access stratum security for efficient packet processing |
US11528603B2 (en) | 2016-09-23 | 2022-12-13 | Qualcomm Incorporated | Access stratum security for efficient packet processing |
Also Published As
Publication number | Publication date |
---|---|
WO2006122908A1 (en) | 2006-11-23 |
CN101199205B (en) | 2010-11-03 |
US20080144822A1 (en) | 2008-06-19 |
US9077856B2 (en) | 2015-07-07 |
TW200718198A (en) | 2007-05-01 |
CN101199205A (en) | 2008-06-11 |
EP1722564A1 (en) | 2006-11-15 |
EP1880547A1 (en) | 2008-01-23 |
CA2608650A1 (en) | 2006-11-23 |
CA2608650C (en) | 2014-04-22 |
BRPI0612433A2 (en) | 2012-07-17 |
EP1880547B1 (en) | 2012-08-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2608650C (en) | Local conditional access method for mobile equipment | |
US8737990B2 (en) | Method of local conditional access for mobile equipment | |
US8135825B2 (en) | Method for loading and managing an application on mobile equipment | |
EP2351318B1 (en) | Method and apparatus for billing and security architecture for venue-cast services | |
US7698568B2 (en) | System and method for using DRM to control conditional access to broadband digital content | |
CN101141246B (en) | Service key obtaining method and subscription management server | |
GB2453924A (en) | Encrypted Mobile TV broadcast with encrypted content key while key encryption key is delivered over phone network | |
KR20040066901A (en) | Method and system for conditional access | |
WO2005045554A2 (en) | System and method for using drm to control conditional access to broadband digital content | |
KR20060105862A (en) | Method protecting contents supported broadcast service between service provider and several terminals | |
US20100106648A1 (en) | Method and apparatus for acquiring encryption key to provide pay channel | |
KR100966413B1 (en) | Method for controlling access to specific services from a broadcaster | |
KR100695082B1 (en) | Conditional Access System and Method Using Position Information of Mobile Communication Terminal and Mobile Communication Terminal therefor | |
EP3308481B1 (en) | Receiver apparatus and method for controlling the access to contents broadcasted via satellite | |
US20220385987A1 (en) | Multimedia content secure access | |
Wright | Security considerations for broadcast systems | |
Yang et al. | Authentication scheme and simplified CAS in mobile multimedia broadcast | |
KR20110107008A (en) | Apparatus and method for supporting smartcard profile in mobile broadcating system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: NAGRA FRANCE SAS, FRANCE Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:WENDLING, BETRAND;LANDIER, OLIVIER;REEL/FRAME:017886/0614 Effective date: 20060404 |
|
AS | Assignment |
Owner name: NAGRA FRANCE SAS,FRANCE Free format text: CORRECTION OF INVENTORS NAME;ASSIGNORS:WENDLING, BERTRAND;LANDIER, OLIVIER;REEL/FRAME:024279/0460 Effective date: 20100414 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |