WO2016012940A1 - Diffusion en flux continu d'une émission linéaire vers un dispositif de type tablette - Google Patents

Diffusion en flux continu d'une émission linéaire vers un dispositif de type tablette Download PDF

Info

Publication number
WO2016012940A1
WO2016012940A1 PCT/IB2015/055515 IB2015055515W WO2016012940A1 WO 2016012940 A1 WO2016012940 A1 WO 2016012940A1 IB 2015055515 W IB2015055515 W IB 2015055515W WO 2016012940 A1 WO2016012940 A1 WO 2016012940A1
Authority
WO
WIPO (PCT)
Prior art keywords
arrangement
signal
streaming
renderer
receiver
Prior art date
Application number
PCT/IB2015/055515
Other languages
English (en)
Inventor
Alan John Sullivan
Original Assignee
Altech Multimedia (Pty) Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Altech Multimedia (Pty) Limited filed Critical Altech Multimedia (Pty) Limited
Publication of WO2016012940A1 publication Critical patent/WO2016012940A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs
    • H04N21/4408Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream encryption, e.g. re-encrypting a decrypted video stream for redistribution in a home network

Definitions

  • This invention relates to a system for and a method of locally streaming an input signal received from a remote source to a Tenderer device, such as a tablet, a television set or the like.
  • a Tenderer device such as a tablet, a television set or the like.
  • the invention also relates to a kit comprising streaming devices for use in the system and in the method.
  • a system for locally streaming an input signal which is received from a remote source comprising:
  • a local streaming arrangement comprising at least one semiconductor chip comprising a first memory arrangement comprising a first secure zone comprising at least a first sub- zone; a first receiver for receiving the signal from the remote source; a first processor for executing a transmitting part of a streaming application which is stored in the memory arrangement; a first transmitter forming a first part of a local communications link; and a first cryptographic token which is stored in the first sub-zone of the first secure zone; and
  • a local renderer arrangement comprising a second memory arrangement comprising at least one second secure zone; a second processor for executing a receiving part of the streaming application; a second receiver forming a second part of said local communications link; and a second cryptographic token which is stored in the at least one second secure zone;
  • the streaming arrangement being configured to receive the input signal via the first receiver, cryptographically to protect the received signal utilizing the first encryption token and to transmit via the local communications link the protected signal to the renderer arrangement;
  • the renderer arrangement being configured to receive the protected signal and to process the protected signal utilizing the second cryptographic token, to yield the received signal suitable for rendering on a first renderer device.
  • At least one of the first and second secure zones may comprise or form part of an integrated system on chip (SOC) comprising at least one of tamper-detecting and tamper-evident containment, conductive shield layers in the chip that prevent reading of internal signals, controlled execution to prevent timing delays from revealing any secret information, automatic zeroization of secrets in the event of tampering, chain of trust boot-loader which authenticates an operating system before loading it, chain of trust operating system which authenticates application software before loading it and hardware-based capability registers, implementing a one-way privilege separation model.
  • SOC system on chip
  • the first renderer device may be any suitable renderer device including but not limited to a mobile phone, a tablet, a personal computer and a smart television apparatus.
  • the first renderer device may comprise an Android operating system.
  • At least the second receiver and the second memory arrangement may be housed in a first dongle which is attachable to the first renderer device.
  • attachable is not limited to a physical connection but includes within its scope near field communications (NFC).
  • NFC near field communications
  • the first dongle may removeably be connectable to the renderer device, for example via a USB port.
  • the second memory arrangement, the second processor and the second receiver may be integrated in the first renderer device or housed in a housing of the first renderer device.
  • the local communications link may comprise at least one of a cable extending between the first transmitter and the second receiver and a wireless link extending between the first transmitter and the second receiver.
  • the wireless link may be any suitable link including, but not limited to BlueTooth and WiFi.
  • the streaming may be performed according to any one of a Transport Layer Security (TLS) and Secure Sockets Layer (SSL) cryptographic protocol to provide a first level of security. The aforementioned protection utilizing the first cryptographic token then provides a second level of security.
  • TLS Transport Layer Security
  • SSL Secure Sockets Layer
  • the streaming arrangement may be is housed in a first portable housing.
  • the streaming arrangement may comprise a rechargeable battery.
  • the first receiver may comprise one of a DVB-T, DVBT2, DVB-S and a DVB-S2 receiver.
  • the input signal may be one of a broadcast signal and a multicast signal.
  • the input signal may be one of open and secured with a conditional access system.
  • the input signal may be secured with a key of a conditional access (CA) system and a third cryptographic key which is associated with the key of the CA system may be stored in a second secure sub-zone of the first memory arrangement.
  • CA conditional access
  • the at least one semiconductor chip comprising the first memory arrangement, the first receiver and the first processor for executing the transmitting part of the a streaming application may be housed in a set top box, the set top box may be attachable to a second render device and the first transmitter may be housed in a second dongle which is attachable to the set top box, to be in data communication with the first processor.
  • the set top box may comprise a local mass data storage device for storing media data which is carried by the input signal.
  • a method of locally streaming an input signal received from a remote source utilizing a system comprising a streaming arrangement and a renderer arrangement, the streaming arrangement comprising a first memory arrangement comprising a first secure zone comprising at least a first sub-zone; a first receiver for receiving the signal from the remote source; a first processor for executing a transmitting part of a streaming application stored in the first memory arrangement; a first transmitter forming a first part of a local communications link; and a first cryptographic token which is stored in the first sub-zone of the first secure zone; the renderer arrangement comprising a second memory arrangement comprising at least one second secure zone; a second processor for executing a receiving part of the streaming application which is stored in the second memory arrangement; and a second receiver forming a second part of said communications link, and a second cryptographic token stored in the at least one second secure zone, the method comprising the steps of:
  • the renderer arrangement may be integrated in the first renderer device and the method may comprise pre-storing or updated the second encryption token in the at least one second secure zone of the second memory arrangement by: at a backend, protecting the second encryption token with a protection token or secret which is pre-stored in the renderer device, forwarding the protected second encryption token to the renderer device via the streaming arrangement and on the renderer device, causing the protected second encryption token to be unprotected utilizing the pre- stored token or secret and causing the unprotected or clear second token to be stored in the at least one second secure zone of the second memory arrangement.
  • the first encryption token which is stored in the first sub-zone of the first memory arrangement may be updated in a similar manner from the backend.
  • a streaming device comprising a housing which houses at least one semiconductor chip comprising a memory arrangement comprising a secure zone comprising at least a first sub-zone, a first receiver for receiving an input signal from a remote source, a first processor for protecting the received signal with a first cryptographic token which is stored in said first sub-zone, a transmitter providing a first part of a communications link between the streaming device and a renderer device and the first processor being operative to stream the protected signal via the transmitter to the renderer device.
  • the streaming device may comprise a rechargeable battery and may further comprise a suitable connection on its housing, so that the battery may be connected to mains power to be recharged.
  • a device which is attachable to a renderer device, the device comprising a memory arrangement comprising at least one secure zone; a processor for executing a receiving part of a streaming application; a receiver forming a receiving part of a communications link; and a cryptographic token which is stored in the at least one secure zone; the device being configured to receive via the communications link a signal which is protected by a first cryptographic token and to process the protected signal utilizing said stored cryptographic token, to yield the input signal for rendition on the renderer device.
  • the invention also extends to a kit comprising a streaming device as above defined and at least one device as defined above.
  • the invention still further extends to a computer readable medium storing a computer program configured to perform the method defined above.
  • the medium may form part of the streaming device.
  • figure 1 is a high level diagrammatic representation of a first example embodiment of a system for streaming a linear broadcast to a renderer device, such as a tablet;
  • figure 2 is a diagrammatic representation of a second embodiment of the system
  • FIG. 3 is a more detailed block diagram of the system
  • figure 4 is a high level diagrammatic representation of a further example embodiment of the system.
  • FIG. 5 is a more detailed block diagram of the further example embodiment.
  • FIG 6 is a more detailed diagram illustrating processing of a received conditional access (CA) protected input signal.
  • CA conditional access
  • One example embodiment of a system for locally streaming to a renderer device 14 an open, alternatively secure input signal (such as signal 50) received from a remote source is generally designated by the reference numeral 10 in figures 1 to 3.
  • This example embodiment of the system comprises a portable, at least temporarily self-powered and stand-alone streaming device 12 and said renderer device 14, typically a hand-held device, which is separate from the steaming device.
  • the streaming device is a stand-alone device with a local rechargeable battery
  • the renderer device is a tablet comprising a screen 16.
  • the streaming device 12 is in the form of a docking station which may be connectable to mains power and said tablet 14 is removably receivable in the docking station, so that a battery of the tablet 14 may be recharged.
  • the streaming device may be removably fittable in a vehicle, to serve portable renderer devices which are distributed in the vehicle.
  • the streaming device 12 comprises a first housing 20 which houses at least one semiconductor chip or system on chip (SOC) 22 comprising a first processor controlled controller 24 and a first memory arrangement 26 comprising a trusted secure zone 28 comprising at least a first sub-zone 28.1 and a second sub-zone 28.2.
  • the first processor is configured to execute a transmitter part of a streaming application which is stored in the first memory arrangement.
  • a first receiver 30 for receiving a linear broadcast signal 50 is connected to the controller.
  • a wireless transceiver 32 Also connected to the controller 24 is a wireless transceiver 32 providing a first part of a secure bi-directional wireless link 34 between the streaming device 12 and the renderer device 14.
  • the streaming device also comprises the rechargeable battery 35 which is chargeable via a USB port 36, for example.
  • the renderer device 14 comprises a second housing 40 which is different from the first housing 20 and which second housing comprises the screen 16, a second memory arrangement 42 and a second processor 44 for executing a receiving part of the streaming application which is stored in the second memory arrangement.
  • the renderer device may comprise an Android operating system and the streaming application will then be an Android application.
  • At least a first cryptographic token 38.1 associated with the secure wireless link 34 is stored in the first trusted sub-zone 28.1 .
  • Another cryptographic token 38.2 associated with a secure broadcast signal 50 may be stored in the second trusted sub-zone 28.2 of the trusted secure zone 28 of the first memory arrangement 28 of the streaming device 12.
  • a second receiver 46 providing a second part of the wireless link 34 forms part of the renderer device 14.
  • the security for the link is provided by a first dongle 48 which may be attached to the renderer device, by plugging it in or otherwise interfacing with the renderer device such as via NFC.
  • the ⁇ 2 dongle comprises an interface 54 cooperating with interface 52 on the tablet 14.
  • the dongle further comprises a second processor 56 and a second memory arrangement 58 comprising a trusted secure zone 58.1 where a second cryptographic token 60 associated with the secure link and the first token 38.1 is stored, to provide the secure link 34.
  • the streaming device 12 is configured locally to stream a received linear broadcast signal 50 received from a head-end (not shown) in real time to the renderer device 14 utilizing the at least one first token 38.1 in the first sub-zone 28.1 and the second token 60 on the dongle to provide said secure wireless link 34.
  • the tokens 38.1 and 60 may be stored in the secure zones upon manufacture, and if necessary may be updated on line from a central management system, as more fully described in South African patent application 2014/06806 entitled "Set-top box having media player and home management operating domains with respective service keys", the contents of which are incorporated herein by this reference.
  • the renderer device in the example embodiments is a tablet, it may also be any other suitable device, including but not limited to a mobile phone, a personal computer and a smart television apparatus.
  • the wireless link 34 may be any suitable link including, but not limited to BlueTooth and WiFi.
  • the streaming may be performed according to any one of a Transport Layer Security (TLS) and Secure Sockets Layer (SSL) cryptographic protocol to provide communication security.
  • TLS Transport Layer Security
  • SSL Secure Sockets Layer
  • the link may be provided by physical cables between the streaming device and one or more renderer devices.
  • the first receiver 30 may be any one of a DVB-T, DVB-T2, DVB-S and DVB-S2 or similar receivers.
  • the input signal may be broadcast signal 50 such as a satellite broadcast or a digital terrestrial broadcast signal.
  • the input signal may be a multicast signal 102 according to Internet Protocol.
  • the signal may be open, alternatively secured, for example according to any suitable conditional access (CA) system.
  • CA conditional access
  • the above other cryptographic token 38.2 which is stored in the second trusted sub-zone 28.2 of the secure region of the first memory arrangement 28 may be associated with the CA system.
  • FIGS 4 to 6 there is shown another example embodiment of the system for locally streaming an input signal received from a remote source, but designated 100.
  • the input signal may be a linear broadcast signal as stated above and/or a multicast signal 102 received via the internet.
  • the system comprises a streaming arrangement 104 and a renderer arrangement 106. More particularly referring to figure 5, the streaming arrangement 104 comprises at least one semiconductor chip comprising a memory arrangement 128 comprising a secure zone comprising at least a first secure sub-zone 128.1 and a second secure sub-zone 128.2.
  • the arrangement may comprise a first receiver 130 for receiving a broadcast signal from a remote head-end and a first processor controlled controller 124 for executing a transmitting part of the streaming application which is stored in the memory arrangement 128.
  • a first wireless transceiver 132 forms a first part of a local wireless link 134.
  • a receiver part of the first transceiver 132 may also act as a receiver for the multicast signal 102.
  • At least one first cryptographic token 138.1 is stored in the first sub-zone 128.1 of the secure zone of memory arrangement 128.
  • the renderer arrangement 106 comprises a second memory arrangement 158 comprising at least one secure zone 158.1 , a second processor 156 for executing a receiving part of the streaming application, a second wireless transceiver 146 forming a second part of said wireless link 134 and at least one second cryptographic token 160 which is stored in the at least one secure zone 158.1 .
  • the streaming arrangement 104 is configured to receive an input signal 150 or 102, cryptographically to protect the received signal utilizing the at least one first encryption token 128.1 and to transmit via the wireless link 134 the protected signal in real time to the renderer arrangement 106.
  • the renderer arrangement 106 is configured to receive the protected signal and to process the protected signal utilizing the at least one second cryptographic token 160, to yield the received signal suitable for display on a screen 162 of television 164.
  • the controller 124, first memory arrangement 128 and broadcast receiver 130 may form part of a set-top box (STB) 170.
  • the set top box may be connectable to another television set 172 in known manner.
  • the secure part of the memory arrangement may be provided by a SOC and/or a smart card 174 hosted by the STB.
  • the transceiver 132 may be located in a second dongle 176 which may be brought into data communication with the STB.
  • the receiver part of the transceiver 132 may serve as the receiver for the input multicast signal 02.
  • the second processor 156, second transceiver 146 and the second memory arrangement 158 may be housed in the first dongle 178 which first dongle may be brought into data communication with the television 162.
  • the second dongle 178 may for example be plugged into the television 162.
  • the input signal 150 or 102 may be protected in known manner at the remote source by a suitable CA system.
  • Said other token 138.2 which is stored in the second trusted sub-zone 128.2 of the set-top box 170, is used by the controller 124 of the set-top box to process in know manner the CA protected input signal 150 or 102 at 180 to yield plain text media data.
  • the controller may feed the plain text media data in known manner to the television 172 for rendering by the television.
  • the controller may cause the media data to be stored locally on a mass data storage device, such as a hard disc 188 and drive hosted by the STB 170.
  • Hard disc 188 may also comprise other memory arrangements such as but not limited to a solid state drive SSD. Before the data is so stored, it may cryptographically be protected at 190 by encryption utilizing any suitable technology, such as AES or DES, for example. Further alternatively or in addition, at 192, the data may cryptographically be protected utilizing said first encryption token 138.1 which is stored in the first trusted sub-zone 128.1 of the set-top box 170.
  • the protected data is then streamed via transceiver 132 of the second dongle 176 to the Tenderer arrangement 106 as described above.
  • the protected data is processed or decrypted utilizing the second cryptographic token 160, which is stored in the trusted sub-zone 158.1 of the second dongle 178.
  • the processed signal is then fed to the television 164 where it is rendered on screen 162. l be appreciated that media data which is pre-stored on hard drive 188bove described may, after decryption at 194, similarly be protected at and securely streamed at any other suitable time to device 164.

Landscapes

  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

L'invention concerne un système (10) de diffusion en flux continu locale d'un signal d'entrée (50) qui est reçu d'une source distante, le système comprenant un agencement (12) de diffusion en flux continu comprenant une mémoire comprenant une zone sécurisée (28) comprenant une sous-zone (28.1) ; un récepteur (30) pour la réception du signal ; un processeur (24) pour l'exécution d'une partie émettrice d'une application de diffusion en flux continu ; un émetteur (32) formant une première partie d'une liaison de communication locale (34) ; et un jeton cryptographique (38.1) qui est conservé dans la sous-zone (28.1). Un agencement de rendu (14) comprend une mémoire (58) comprenant une zone sécurisée (58.1) ; un processeur (56) pour l'exécution d'une partie réceptrice de ladite application ; un récepteur (46) formant une seconde partie de la liaison ; et un jeton cryptographique (60) qui est conservé dans la seconde zone sécurisée. L'agencement de diffusion en flux continu est configuré pour recevoir le signal par le biais du récepteur (30), pour protéger le signal utilisant le jeton (38.1) et pour émettre par la liaison le signal protégé vers l'agencement de rendu. L'agencement de rendu est configuré pour recevoir le signal protégé et pour traiter le signal protégé au moyen du jeton (60), pour produire le signal reçu.
PCT/IB2015/055515 2014-07-21 2015-07-21 Diffusion en flux continu d'une émission linéaire vers un dispositif de type tablette WO2016012940A1 (fr)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
ZA201405357 2014-07-21
ZA2014/05357 2014-07-21
ZA201407977 2014-10-31
ZA2014/07977 2014-10-31

Publications (1)

Publication Number Publication Date
WO2016012940A1 true WO2016012940A1 (fr) 2016-01-28

Family

ID=54197009

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2015/055515 WO2016012940A1 (fr) 2014-07-21 2015-07-21 Diffusion en flux continu d'une émission linéaire vers un dispositif de type tablette

Country Status (1)

Country Link
WO (1) WO2016012940A1 (fr)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5473692A (en) * 1994-09-07 1995-12-05 Intel Corporation Roving software license for a hardware agent
US20030221100A1 (en) * 2002-05-24 2003-11-27 Russ Samuel H. Apparatus for entitling remote client devices
US20080307224A1 (en) * 2006-07-31 2008-12-11 Oberthur Card Systems Sa Removable Secure Portable Electronic Entity Including Means for Authorizing Deferred Retransmission

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5473692A (en) * 1994-09-07 1995-12-05 Intel Corporation Roving software license for a hardware agent
US20030221100A1 (en) * 2002-05-24 2003-11-27 Russ Samuel H. Apparatus for entitling remote client devices
US20080307224A1 (en) * 2006-07-31 2008-12-11 Oberthur Card Systems Sa Removable Secure Portable Electronic Entity Including Means for Authorizing Deferred Retransmission

Similar Documents

Publication Publication Date Title
CN101454783B (zh) 用于芯片上系统器件中数据通路安全的系统和方法
US9479825B2 (en) Terminal based on conditional access technology
JP5773179B2 (ja) 複数の暗号解読モードを有するtv受信機装置
US9344747B2 (en) Mobile payTV DRM architecture
US8856515B2 (en) Implementation of robust and secure content protection in a system-on-a-chip apparatus
US11259065B2 (en) Securely paired delivery of activation codes between removable and integrated security processors
CN105409234A (zh) 用于执行输送i/o的系统及方法
RU2016140477A (ru) Способ авторизации актуализации программного обеспечения в транспортном средстве и транспортное средство
US20110099591A1 (en) Secure wireless pairing of digital tv short-range transmitter and receiver
CN104951706B (zh) 用于存储内容的方法和装置
KR20140019846A (ko) 보호 컨텐츠로의 액세스를 제어하는 시스템 및 방법
CN109690537A (zh) 用于解密和呈现内容的系统
CN103004219A (zh) 用于防止传送的视频数据的篡改的系统和方法
US11308242B2 (en) Method for protecting encrypted control word, hardware security module, main chip and terminal
EP3560212B1 (fr) Sécurisation de la transmission d'un contenu, d'une carte à puce d'un récepteur de télévision hôte à un récepteur de télévision client
KR102100456B1 (ko) 전자장치에서 디지털 저작권 관리 서비스를 제공하기 위한 장치 및 방법
KR101280740B1 (ko) 디코딩 유닛 내의 오디오/비디오 컨텐츠에 대한 액세스를 보호하는 방법
US8306222B2 (en) Removable secure portable electronic entity including means for authorizing deferred retransmission
WO2016012940A1 (fr) Diffusion en flux continu d'une émission linéaire vers un dispositif de type tablette
WO2015008252A1 (fr) Système de réception et de décryptage de contenu multimédia
DE102014203050B4 (de) Mobil-Bezahlfernsehen-DRM-Architektur
CN202679539U (zh) 一种数字电视信号转发装置及数字电视收看系统
KR20120064764A (ko) 원격 자격처리모듈 통합처리 장치
KR20080050060A (ko) 방송수신장치 및 그의 보안방법
CN201967025U (zh) 带内容保护的数字广播电视接收装置

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15770642

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15770642

Country of ref document: EP

Kind code of ref document: A1