WO2010149161A1 - Access control system - Google Patents


Publication number
WO2010149161A1
Authority
WO
WIPO (PCT)
Prior art keywords
unit
verification
authorisation
characterised
data stream
Application number
PCT/DK2010/000097
Inventor
Kurt Panduro Olesen
Original Assignee
Smartwi International A/S
Priority to DKPA200900778
Application filed by Smartwi International A/S
Publication of WO2010149161A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00 Television systems
    • H04N7/16 Analogue secrecy systems; Analogue subscription systems
    • H04N7/162 Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing
    • H04N7/163 Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing by receiver means only
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41 Structure of client; Structure of client peripherals
    • H04N21/418 External card to be used in combination with the client device, e.g. for conditional access
    • H04N21/4181 External card to be used in combination with the client device, e.g. for conditional access for conditional access

Abstract

A method for controlling the access to a pay-TV channel (19) is suggested, wherein said pay-TV channel (19) is transmitted in an encrypted form and decrypted using an authorisation unit (4, 15), comprising a connection means (9) for the connection with at least one decoding unit (3) for decoding a coded data stream (19), at least one verification means storing at least one decoding key (24), and at least one wireless communication interface (10), containing at least one decryption key (24). The decryption key (24) is only released, after said authorisation unit (4, 15) received a verification signal (25), which is emitted by at least one verification server unit (2, 12, 16).

Description

Access control system

The invention relates to an authorisation unit, comprising at least one connection means for connecting at least one decoding unit for decoding a coded data stream, and at least one storage means for storing at least one decoding key. Additionally, the invention relates to a verification server unit comprising at least one communication interface for communication with at least one authorisation unit. Also, the invention relates to an access control system for controlling the access to a data stream. Furthermore, the invention relates to a method for controlling the access to a data stream, wherein the data stream is transmitted in an encrypted form and decrypted using an authorisation unit containing at least one decryption key.

When the access to a data stream has to be restricted, cryptographic methods (encryption/decryption) are widely used. This way it is possible to transmit a signal without taking precautions to avoid the reception of the signal by unauthorised persons. It is even possible to make the data stream publicly available, since only authorised persons are able to receive the data contained in the data stream in a usable form.

For example, providers of multimedia services use several types of transmission networks such as satellite, cable and digital terrestrial TV networks. These distribute the TV channels to the home of the subscriber, where they are further distributed to the various places in the home where the respective services can be used. While certain services are available to all subscribers of the transmission network, other services (like pay-TV channels, internet connections and so on) are only available to users of the transmission network who have subscribed to that particular service. Since it would be technically too complicated to transmit the respective services only to the home of those persons who have subscribed to the respective services, usually all services are transmitted to all homes that are connected to the transmission network. To restrict the access to the transmissions to the subscribers of the respective services, a digital decoder of some form, containing a decoding functionality, is usually used to decode the transmitted and encrypted signal into one that is usable by the subscriber.

In practical embodiments of such a decoding system, a standardised controller box (commonly known as a "set-top box") is usually used, which contains a variety of electronics (in general also decryption electronics), but does not contain the information necessary for decoding the (encrypted) service in question. This decoding information is generally stored in a separate unit, which can be connected to the controller box ("set-top box"). Usually, the decoding information is stored in a "smart card", which is inserted into the receiving slot of the controller box. By the term "smart card" is meant a pocket-sized card with embedded integrated circuits which can process data. Such a card is also known as a "chip card" or "integrated circuit card" and may be made of plastic. Such a smart card (containing a microprocessor chip) is supplied by the provider of a certain service to the subscriber of this service in return for a subscription payment. The decoding circuits in the controller box read the incoming signals selected by the subscriber, and interact constantly with the smart card to obtain confirmation of entitlement to use those signals (for example in form of a decryption key). When this confirmation has been obtained, the respective encrypted signals are then decrypted and output to the subscriber's equipment for the subscriber to use.

To take the example of a television signal, it is possible that the subscriber might possess more than one TV receiver in the household. One problem that arises is of how to allow the subscriber to access the TV signal and view it on more than one receiver at the same time. One possible solution is to split up the signal after decoding, but this restricts all the receivers in the home to viewing the same signal - the signal that is being decoded in collaboration with the smart card. This is not a satisfactory solution, since not all viewers in the home will wish to view the same channel. An improvement to this situation is to supply each TV receiver with a controller box capable of decoding the incoming signal from the distribution network, and to issue one or more extra smart cards to the subscriber which would be used in these control boxes to decode the incoming signal in exactly the same manner as it is done by the "original" controller box. In this way each receiver within the home can decrypt different signals independent of the others. This is often used in practice where the service provider provides such extra smart cards at reduced (or even no additional) rates to the subscriber, provided that they are used by the additional receivers within the subscriber's home. This has the disadvantage that such cards will still function to decode the signals from the service provider in other homes since, for the system, there is no way of detecting whether the receiver in use is located in the home of the subscriber or not. The system is therefore open to abuse since it is possible to access the signal in a controller box which is not situated in the subscriber's home but in the home of a person who has not subscribed to the service.

To make such a fraudulent use of a subscription impossible without restricting the wishes of the legal subscribers, different approaches have already been suggested.

In US 7,502,473 B2 a system is disclosed, wherein each control box contains a smart card, and wherein the smart cards are issued as a set. The control boxes have the ability to communicate with each other, and a specific number of control boxes must communicate with each other for the decryption to be allowed. This solution requires the control boxes to have additional hardware to allow communication between control boxes containing the respective smart card of the issued set of smart cards. This is problematic, since it means that current hardware can no longer be used, and subscribers would have to purchase new hardware at considerable expense. This solution also requires that at least some (if not all) of the other cards of the issued set are placed in control boxes which are activated, even if only one TV receiver is in use. This is problematic with respect to "stand-by" energy consumption.

CN 101188707 A describes a master/slave system for a digital TV receiving device in which a master chip and a slave chip are inserted into their respective control boxes and a master/slave management module is additionally connected to the respective control boxes, the master/slave management module restricting the distance between the control boxes to within 100 metres. This solution requires the control boxes to have additional hardware and/or software to allow communication with the master/slave management module. This is problematic, since it means that current hardware can no longer be used, and subscribers would have to purchase new hardware at considerable expense.

EP 1 481 548 B1 describes a broadcast network access management system with a master control box (decoding device) containing a smart card, which communicates entitlement messages with slave control boxes also equipped with smart cards. The communication medium is a private network, which could also be the same as that network, in which the broadcast signal is distributed. The slave units operate when the level of signal exchanged between them and the master unit is within certain limits which are dependent upon the cable length, configuration, and number and quality of splitters and connections.

Again, specially adapted control boxes are required for the system to be usable. Hence, a considerable expense for purchasing new hardware would be required by the subscriber.

Another known solution involves the use of a master control box into which the (only) smart card issued by the service provider to the subscriber is placed. Separate slave smart cards replace the smart cards normally inserted into individual control boxes. These slave smart cards are not issued by the service provider and do not contain any decoding information necessary for decrypting the incoming video signal. Instead, the slave smart cards communicate continually via a wireless link with the smart card issued by the provider and placed in the master control box. Every time a decryption key is requested by one of the individual control boxes, the slave smart cards pass the requests on to the provider's smart card in the master control box and receive in return the decoding information required. This is an improvement since the subscriber can purchase the system without any purchase of additional cards from a service provider. On the other hand, there is still a high level of security, because the possible transmitting distances are relatively small. One disadvantage with this system is that it is vulnerable to a high frequency of decryption key requests. As an example, if the provider secures the data stream in a way that frequently seeks verification of the authorisation to receive the channel (i.e. frequently requests a decryption key), there might not be enough time between two consecutive requests to process each request. This will be a particular problem if several different slave smart cards are in use and are requesting such a verification at essentially the same time.

It is therefore the object of the invention to suggest an improved method for controlling the access to the data stream as well as to suggest improved units for performing such a method.

To solve the problem it is suggested to design an authorisation unit, comprising at least one connection means for the connection with at least one decoding unit for decoding a coded data stream, at least one verification means comprising at least one storage means for storing at least one decoding key, and at least one wireless communication interface, these being disposed so that the at least one verification means communicates with at least one verification server unit via the at least one wireless communication interface. By this means the distribution of a restricted (encrypted/coded) data stream can be securely restricted to subscribers entitled to view that data stream. Therefore, possibilities for fraudulent use can be diminished. At the same time, the flexibility for entitled subscribers can be very high, i.e. an entitled subscriber may be supplied with an in principle unlimited number of access possibilities at a reduced or no additional charge (depending on the policy of the provider). Since only a verification signal is transmitted between each authorisation unit and the verification server unit, only a relatively low data rate has to be transmitted between them. Therefore, the wireless communication interface can be of a simple design. The frequency at which the verification has to be performed (i.e., how often a verification signal has to be exchanged) can be chosen from an extremely wide range. For example, it is possible to request a verification every second, every 10 seconds, or every minute or so. This way a high level of security against misuse of the system can be achieved. On the other hand, if a verification is only requested occasionally (for example once a day, once a week, once every fortnight or the like), a system can be achieved in which the verification server unit does not always have to be switched on during the periods when a data stream has to be decoded by one or more of the authorisation units/decoding units.
Since the verification process only takes place between units provided by the provider (generally the authorisation unit(s) and/or the verification server unit(s)), such a suggested comparatively long time interval between two verification signals is not necessarily a breach of security. Instead, a still high level of security can be achieved by the decoding key(s), stored in the authorisation unit. This is because the frequency of decryption key changes can be essentially independent of the frequency of the verification processes. It has to be noted that the authorisation unit is usually a separate unit, independent of the decoding unit (for example a standard "set-top box"). Therefore, current decoding units can continue to be used in connection with the suggested authorisation unit. The connection between the decoding unit and the authorisation unit can be established by essentially any type of connection means, preferably by a standardised and/or by already established connection means. As an example, an authorisation unit can have a protrusion, designed in a way that this protrusion can be inserted into the receiving slot of the standard set-top box. Since the actual decoding can be performed in the decoding unit, the authorisation unit can be designed in a simpler and cheaper way.

The use of a wireless communication interface means that the connection between the authorisation unit and the verification server unit can be very simple, and in particular no set-up of any cables is necessary. Therefore, such an authorisation unit can be particularly user-friendly. Also, the authorisation unit can be made particularly compact. Of course, it is also possible to (additionally) provide for a cable-based transmission. Such cable-based transmission may be conducted by telephone cabling, twisted pair cables, coaxial cables, or by any other appropriate cabling technologies known in the art.

The use of a wireless communication interface means that the connection between the authorisation unit and the verification server has a limited range. In this simple way the authorisation unit is restricted to be used within the range of the wireless communication interface, which can easily be made to be of the order of the size of a family dwelling. Thus the disadvantages of issuing additional smart cards of the traditional type as described above, with the possibility of fraudulent use, are avoided.

According to a preferred embodiment of the invention, said authorisation unit is at least in part designed as a transponder card and/or a chip card and/or a smart card. Since such physical formats are at present the standard formats for authorisation devices used in connection with set-top boxes, a particularly high compatibility with existing systems can be achieved. In particular, a protrusion of the authorisation unit can be provided having a shape in form of a chip card, transponder card and/or a smart card so that it can be simply inserted into the receiving slot of a set-top box. It is even more beneficial if the authorisation unit is provided in a form factor conforming to that of a standard smart card as defined in international standards such as ISO 7810 ID-1 and/or ISO 7816-1. By this means the authorisation unit can be used in standard set-top boxes without the need to accommodate any additional deviations from the standard form factor, such as protrusions.

Such a form factor enhances the benefit to typical service providers who are already used to issuing smart cards conforming to international standard form factors. Issuing cards conforming to the present invention will enable operators to avoid the loss of income inherent in the fraudulent use of the one or more extra cards issued to subscribers. Preferably, the authorisation unit is designed in a way that it is suitable for insertion into a set-top box.

Preferably the authorisation unit is designed and arranged in a way that said at least one decoding key is only released after an appropriate signal is received by said verification means. In particular, such an appropriate signal can be required every time the authorisation unit is switched on and/or an appropriate request is transmitted via the signal to be decoded. This way, a very high level of security can be achieved. As already mentioned, the time intervals between two consecutive verification processes can be selected from a wide range (and it is not even necessary to define a specified interval, since external events can be used for triggering a verification request).

Even more preferred, at least one of said wireless communication interfaces is designed as an electronic network interface, in particular as a WLAN interface and/or as a Bluetooth interface and/or as an Ethernet interface. Such interfaces are as such well known in the art. This way, presently available computer network protocols can be used and, in particular, already available wiring can be used. However, it is also possible to use different forms of communication, for example a type of communication which runs over standard power cables.

It is also possible to provide said authorisation unit with at least one verification server module. By this is meant that the functionality of the verification server unit, as detailed above, is included in the authorisation unit itself. In this way, no (additional and/or exclusive) verification server unit is necessary. Instead, one (or several) authorisation units of the system's set-up can comprise the functionality of a verification server unit. In this way, the necessary amount of hardware (in particular of specialised hardware) can be reduced. In particular, the decision on whether the authorisation unit (additionally) works as a verification server can be dependent on the programming of the authorisation unit by the provider of the data stream.

According to another preferred embodiment, said data stream is at least in part and/or at least at times a video data stream, in particular a TV signal. Such a data stream requires in particular a flexibility of a type that the presently suggested device(s) and/or method(s) can fulfil, at least to a large extent.

Furthermore, a verification server unit, comprising at least one communication interface for communication with at least one authorisation unit, is suggested, which is provided with at least one storage means for storing at least one verification key, authorising the release of at least one decoding key in at least one authorisation unit. Using such a verification server unit, the features and advantages, already described in connection with the authorisation unit, can also be achieved analogously by the verification server unit. Preferably, the suggested verification server unit will be used in combination with at least one of the already proposed authorisation units. Moreover, the verification server unit can be modified in the sense of the previous description.

Preferably, said verification server unit is designed as a stand-alone unit. This way, the verification server unit can be specifically designed to fulfil its specific task. In particular, the verification server unit can be designed with particularly low power consumption so that the verification server unit can be kept switched on essentially permanently, without causing any undue waste of electrical energy. As already mentioned, it is also possible to integrate the verification server with one (or several) authorisation units. In the present context, the stand-alone unit can comprise not only the verification server unit as such, but also additional parts like antennas, amplifiers, power supplies, housings or the like.

Furthermore, an access control system for controlling the access to a data stream is suggested, wherein the access control system comprises at least one authorisation unit and/or at least one verification server unit of the previously described type. This way, the access control system can show the already described features and advantages by analogy. Finally, a method for controlling the access to a data stream is suggested, wherein said data stream is transmitted in an encrypted form and decrypted using an authorisation unit, containing at least one decryption key, wherein said decryption key is only released after said authorisation unit receives a verification signal, preferably emitted by at least one verification server unit. The method for controlling the access to the data stream can show the same features and advantages of the previously described authorisation unit and/or verification server unit and/or access control system by analogy. Furthermore, it can be modified in the above described sense. In particular, the data stream can be a video signal.

Preferably, said method is performed in a way that said authorisation unit and/or said verification server unit, used for performing the method, is of a previously described design.

The present invention and its advantages will become more apparent, when looking at the following description of possible embodiments of the invention, which will be described with reference to the accompanying figures, which are showing:

Fig. 1: a first embodiment of an access control system in a schematic view;
Fig. 2: a second embodiment of an access control system in a schematic view;
Fig. 3: a possible embodiment of a decryption method for pay TV channels.

In Fig. 1, a first possible embodiment of an access control system 1, comprising one verification key server 2 and three set-top boxes 3, each provided with a smart card 4, is depicted. The access control system 1 is arranged in the house of a subscriber of a TV channel, as an example. The data stream 19 comes in from an external cable network 5 and is distributed inside the house via an in-house antenna cable 6. The in-house antenna cable 6 distributes the data stream 19 to altogether three TV receivers 7 in the presently depicted embodiment. Additionally and/or alternatively, the signal of a satellite antenna or the like could be used and/or a different number of TV receivers 7 could be used.

The data stream 19 on the cable network 5, as well as on the in-house antenna cable 6 is transmitted in encoded/encrypted form, using cryptographic methods (at least some of the transmitted channels, generally the pay-TV channels, are encrypted, while other channels might be transmitted in an "open" format).

Therefore, the three TV receivers cannot be directly connected to the in-house antenna cable 6. Instead, the incoming data signal has to be first decrypted using set-top boxes 3. Standard set-top boxes 3, as they are currently available on the market, are used for the access control system 1. The set-top boxes 3 as such are only able to convert a (non-encrypted) digital signal to a signal suitable for the respective TV receiver 7. They are, however, unable to perform the actual cryptographic decryption. This is due to the fact that the set-top boxes 3 do not contain the necessary decryption keys 24 for doing so. As usual, the decryption keys 24 are provided by inserting a smart card 4 into a receiving slot, provided within the set-top box 3. The smart cards 4 comprise a digital memory 8, in which a set of decryption keys 24 is stored. The exchange of the decryption keys 24 between the smart card 4 and the set-top box 3 is performed via an array of electrical contacts 9 (for example, a contact pad). The electrical contacts 9 can even be a part of an electronic chip, presumably even of the digital memory chip 8. As usual with current pay-TV channels, the decryption keys 24 are dynamic and change frequently, perhaps every 10 seconds or so. Usually, a new decryption key 24 is demanded by including an appropriate signal in the data stream 19 (see also Fig. 3).

The presently shown smart cards 4, however, are set up in a way that a decryption key 24 is not automatically delivered to the set-top box 3 after such a request has been made. Instead, decryption keys 24 are only released after a verification key 29 has been received via the built-in antenna 10. The antenna 10 is a bidirectional antenna, i.e. it can both receive and transmit a signal. The wireless signal is transmitted between the built-in antenna 10 of the smart card 4 and the antenna 11 of the verification key server 2. A single verification key server 2 can serve a plurality of smart cards 4. Thus, communication is established between each of the smart cards 4 and the verification key server 2.

In the presently depicted embodiment, the verification key server 2 is designed as a separate unit, independent of the set-top boxes 3. For practical applications, this is usually a device which needs to be bought separately, and which is - at least at the time of writing - not generally present in a normal household. However, the verification key server 2 can be designed to be independent of the provider of the external cable network 5 and/or of the pay-TV channel. For this, the verification key server 2 provides a receiving slot, into which a verification smart card 12 can be inserted. The verification smart card 12 contains another digital memory 13, in which a plurality of verification keys is stored. The bidirectional communication 25 between the verification smart card 12 and the verification key server 2 can be established by a pad of electrical contacts 9, similar to the pad of electrical contacts 9 on the smart card 4.

If the channel to be received has to be decrypted and the set-top box 3 interrogates its associated smart card 4 to deliver a decryption key 24, the request is initially suspended. Instead, the respective smart card 4 transmits via antennas 10, 11 the request to the verification key server 2, asking for a verification key 29. The verification key 29 will be delivered from the digital memory 13 of the verification smart card 12 and sent back to the smart card 4. After the smart card 4 has received the verification key 29, the release of decryption keys 24 from the digital memory 8 will be allowed for a certain, preset time (or until a time when an external event occurs, for example an appropriate signal in the data stream 19 and/or when the set-top box 3 is switched off). The time interval between consecutive requests for the release of verification keys 29 from the digital memory 13 of the verification smart card 12, will usually be essentially longer than the time interval between consecutive requests for decryption keys 24 from the smart card 4 by the set-top box 3. As a typical example, the time interval between consecutive requests for verification keys 29 can be in the order of hours, days or even weeks. This way, the communication between the smart cards 4 and the verification key server 2 can be significantly diminished. This is, however, not necessarily a breach of the security, since a quite elaborate communication protocol involving even highly elaborate cryptographic algorithms can be used for this purpose. In particular, the decryption keys 24 stored in the digital memory 8 of the smart cards 4 and the verification keys 29 stored in the digital memory 13 of the verification smart card 12 can be completely different. More particularly, a verification key 29 might only be released after a "secure request", using a decryption key 24 from the digital memory 8 of the smart card 4 has been received.

Depending on the time interval between two consecutive requests for verification keys 29, it is even possible that the verification key server 2 can be switched off for relatively long periods.

Additionally or alternatively, a verification request can be made whenever a communication between the smart card 4 and the verification key server 2 can be established (in practical applications, a verification request is performed with a defined frequency), independent of a request for decryption keys 24 from the set-top box 3 to the smart card 4. Such an embodiment can prove to be useful if the verification key server 2 is intended to be switched off relatively often and/or for relatively long periods.
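The release logic described above for Fig. 1, modelled as an added example (it is not code from the patent or from any product). The SHA-256 reference digest held by the card, the `simulate` helper and all key values are assumptions constructed for illustration; the description leaves the link protocol between card and server open, so message authentication on that link is not modelled.

```python
import hashlib
import hmac


class VerificationKeyServer:
    """Verification key server 2 with verification smart card 12 inserted."""

    def __init__(self, verification_key: bytes):
        self._verification_key = verification_key   # digital memory 13
        self.powered_on = True
        self.requests_served = 0

    def request_verification_key(self):
        """Answer a card's request; a switched-off server answers nothing."""
        if not self.powered_on:
            return None
        self.requests_served += 1
        return self._verification_key


class SmartCard:
    """Authorisation unit (smart card 4): keys 24 leave memory 8 only while verified."""

    def __init__(self, decryption_keys, verification_digest, lease_seconds):
        self._keys = decryption_keys          # digital memory 8
        self._digest = verification_digest    # assumption: card stores a SHA-256 reference
        self._lease = lease_seconds           # the "certain, preset time"
        self._verified_until = None
        self.server = None                    # None models "out of range of antenna 11"

    def _verify(self, now):
        """Ask the server for verification key 29 and open a release window."""
        if self.server is None:
            return False
        key = self.server.request_verification_key()
        if key is None:
            return False
        if not hmac.compare_digest(hashlib.sha256(key).digest(), self._digest):
            return False
        self._verified_until = now + self._lease
        return True

    def power_off(self):
        """External event that closes the window (set-top box switched off)."""
        self._verified_until = None

    def request_decryption_key(self, key_index, now):
        """Request 23 from the set-top box; returns a key 24 or None."""
        if self._verified_until is None or now >= self._verified_until:
            # The request is suspended until a verification key has arrived.
            if not self._verify(now):
                return None
        return self._keys[key_index % len(self._keys)]


def simulate(duration, key_period, lease, server_off=(), card_moved_at=None):
    """Run one card for `duration` seconds.

    server_off: (start, end) intervals during which the server is switched off.
    card_moved_at: time at which the card leaves the server's range.
    Returns (keys released, requests refused, verification requests served).
    """
    vkey = b"constructed-verification-key"     # constructed sample value
    server = VerificationKeyServer(vkey)
    card = SmartCard([b"k0", b"k1", b"k2"], hashlib.sha256(vkey).digest(), lease)
    card.server = server
    released = refused = 0
    for i, now in enumerate(range(0, duration, key_period)):
        server.powered_on = not any(a <= now < b for a, b in server_off)
        if card_moved_at is not None and now >= card_moved_at:
            card.server = None
        if card.request_decryption_key(i, now) is None:
            refused += 1
        else:
            released += 1
    return released, refused, server.requests_served


if __name__ == "__main__":
    # Key request every 10 s, verification lease of one hour, two hours of viewing.
    print(simulate(7200, 10, 3600))
    # Same, but the card is carried out of range after 30 minutes.
    print(simulate(7200, 10, 3600, card_moved_at=1800))
```

With a one-hour lease, a card carried out of range at 1800 s keeps releasing keys until the lease runs out at 3600 s; shortening the lease narrows that window at the cost of more verification traffic and a server that must stay switched on.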

In Fig. 2, another possible embodiment of an access control system 14 is shown in a schematic drawing. The setup of the access control system 14 is quite similar to the setup of the access control system 1, shown in Fig. 1. Therefore identical reference signs are used for similar parts.

The significant difference between the two access control systems 1, 14 is that the smart cards 4, 15, as well as the verification smart card 12, 16 are designed differently. Essentially, the antennas 10, 11 are replaced by a data communication link, which uses the normal electrical power wiring of a house. For this, an electric cable 17 extends from each of the smart cards 15 and the verification smart card 16, respectively, and leads to a standard electrical plug 18, which can be plugged into a standard electrical socket (not shown). This electrical connection via cable 17 and plug 18 can be even used for supplying the smart card 15 with electrical power, if necessary. Although the presently shown access control system 14 according to Fig. 2 is based on cable links, no special wiring is necessary for the setup of the access control system 14.

Finally, in Fig. 3 the access control method, used by the access control systems 1, 14 according to Fig. 1 and Fig. 2 (and presumably further varieties of access control systems) is shown in a schematic way. The incoming data stream 19 is first fed into a tuner/demodulator 20, where a certain frequency range is selected from the raw broadband data stream 19. This filtered video stream 21 (which may still be encrypted) is fed to a demultiplexer 22, where the "correct" channel is selected. If the demultiplexer 22 notices that the respective channel is encrypted, a request 23 for supplying a decryption key 24 is sent to the smart card 4 (or 15). The smart card 4 (or 15) will only release a decryption key 24, if it is properly authorised to do so via the verification smart card 12 (or 16). For this, a bidirectional communication 25 is established between the smart card 4 (or 15) and the verification smart card 12.

At the same time, the "correct" TV channel 26 chosen by the demultiplexer 22 is handed over to the decoder 27. If the decoder 27 is supplied with a correct decryption key (and if the TV channel 26 is encrypted), the output video signal 28 will be converted into an open form by the decoder 27. If, however, no (or a wrong) decryption key 24 is delivered by the smart card 4, the output video signal 28 will still be encrypted, and therefore not viewable.

1. access control system

2. verification key server

3. set-top box

4. smart card

5. external cable network

6. in-house antenna cable

7. TV receiver

8. digital memory

9. electrical contacts

10. built-in antenna

11. antenna

12. verification smart card

13. digital memory

14. access control system

15. smart card

16. verification smart card

17. electric cable

18. electric plug

19. data stream

20. tuner/demodulator

21. filtered video stream

22. demultiplexer

23. request

24. decryption key

25. bidirectional communication

26. "correct" TV channel

27. decoder

28. output video signal

29. verification key
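
The key-release gate of Fig. 3 (request 23, bidirectional communication 25, decryption key 24, decoder 27), modelled in Python as an added example that is not part of the patent text. The patent does not specify what the verification exchange contains, so the HMAC challenge-response, the copy of verification key 29 held on both cards, and the XOR stand-in for the descrambler are assumptions made here.

```python
import hashlib
import hmac
import secrets


class VerificationCard:
    """Verification smart card 12: stores verification key 29 (memory 13)."""

    def __init__(self, verification_key: bytes):
        self._key29 = verification_key

    def respond(self, nonce: bytes) -> bytes:
        # Assumed form of signal 25: a MAC over the smart card's fresh challenge.
        return hmac.new(self._key29, nonce, hashlib.sha256).digest()


class SmartCard:
    """Authorisation unit 4: stores decryption key 24 (memory 8)."""

    def __init__(self, decryption_key: bytes, verification_key: bytes):
        self._key24 = decryption_key
        self._key29 = verification_key  # assumption: provisioned on both cards

    def request_key(self, link):
        """Handle request 23; `link` carries communication 25, or is None."""
        if link is None:                # verification card not reachable
            return None
        nonce = secrets.token_bytes(16)  # fresh per request, defeats replay
        try:
            answer = link(nonce)
        except Exception:               # a failing link also fails closed
            return None
        expected = hmac.new(self._key29, nonce, hashlib.sha256).digest()
        if isinstance(answer, bytes) and hmac.compare_digest(answer, expected):
            return self._key24
        return None


def decoder(channel: bytes, key) -> bytes:
    """Decoder 27; a toy XOR keystream stands in for the real descrambler."""
    if key is None:
        return channel                  # output signal 28 stays encrypted
    stream = hashlib.shake_256(key).digest(len(channel))
    return bytes(a ^ b for a, b in zip(channel, stream))


def demo():
    key24, key29 = secrets.token_bytes(16), secrets.token_bytes(32)
    clear = b"constructed sample frame"
    scrambled = decoder(clear, key24)   # XOR is its own inverse
    card, verifier = SmartCard(key24, key29), VerificationCard(key29)
    recorded = verifier.respond(secrets.token_bytes(16))  # stale signal 25
    return {
        "verified": decoder(scrambled, card.request_key(verifier.respond)) == clear,
        "no_link": decoder(scrambled, card.request_key(None)) == scrambled,
        "replayed": card.request_key(lambda nonce: recorded) is None,
        "wrong_key29": card.request_key(VerificationCard(b"x" * 32).respond) is None,
    }
```

The `replayed` case shows why the release condition should be bound to a fresh challenge: a verification signal that is the same on every request could be recorded once and presented again without the verification card being present.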

Claims

1. Authorisation unit (4), comprising at least one connection means (9) for the connection with at least one decoding unit (3) for decoding a coded data stream (19), at least one verification means comprising at least one storage means (8) for storing at least one decoding key (24), and at least one wireless communication interface (10), characterised by that the at least one verification means communicates with at least one verification server unit (2, 12) via the at least one wireless communication interface (10).
2. Authorisation unit (4) as claimed in claim 1, characterised in that said authorisation unit (4) is at least in part designed as a transponder card and/or a chip card and/or a smart card.
3. Authorisation unit (4) as claimed in any of the preceding claims, characterised in that said authorisation unit (4) is suitable for insertion into a set-top box
4. Authorisation unit (4) as claimed in any of the preceding claims, characterised in that said authorisation unit (4) is designed and arranged in a way that said at least one decoding key (24) is only released after an appropriate signal (25) is received by said verification means (8).
5. Authorisation unit (4) as claimed in any of the preceding claims, characterised in that at least one of said wireless communication interfaces (10) is designed as an electronic network interface, in particular as a WLAN interface and/or as a Bluetooth interface and/or as an Ethernet interface.
6. Authorisation unit (4) as claimed in any of the preceding claims, characterised in that it further comprises at least one verification server module (12).
7. Authorisation unit (4) as claimed in any of the preceding claims, characterised in that said data stream (19) is at least in part and/or at least at times a video data stream (19), in particular a pay-TV signal (19).
8. Verification server unit (2, 12), comprising at least one communication interface (11) for communication with at least one authorisation unit (4), more particularly for communication with at least one authorisation unit (4) as claimed in any of the preceding claims, characterised by at least one storage means (13) for storing at least one verification key (29), authorising the release of at least one decoding key (24) in at least one authorisation unit (4).
9. Verification server unit (2, 12) according to claim 8, characterised in that said verification server unit (2, 12) is designed as a stand-alone unit (2).
10. Access control system (1) for controlling the access to a data stream (19), characterised by at least one authorisation unit (4) according to any of claims 1 to 7 and/or by at least one verification server unit (2, 12) according to claim 8 or 9.
11. Method for controlling the access to a data stream (19), in particular to a video signal (19), wherein said data stream (19) is transmitted in an encrypted form and decrypted using an authorisation unit (4), containing at least one decryption key (24), characterised in that said decryption key (24) is only released, after said authorisation unit (4) receives a verification signal (25), preferably emitted by at least one verification server unit (2, 12).
12. Method according to claim 11, characterised in that said authorisation unit (4) is of a type, as claimed in any of claims 1 to 7 and/or said verification server unit (2, 12) is of a type, as claimed in claim 8 or 9.
PCT/DK2010/000097 2009-06-24 2010-06-19 Access control system WO2010149161A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
DKPA200900778 2009-06-24
DKPA200900778 2009-06-24

Publications (1)

Publication Number Publication Date
WO2010149161A1 true WO2010149161A1 (en) 2010-12-29

Family

ID=42669820

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/DK2010/000097 WO2010149161A1 (en) 2009-06-24 2010-06-19 Access control system

Country Status (1)

Country Link
WO (1) WO2010149161A1 (en)

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10728589

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 10728589

Country of ref document: EP

Kind code of ref document: A1