WO2016016840A1 - Media player device serving as hub or gateway for home automation - Google Patents

Media player device serving as hub or gateway for home automation Download PDF

Info

Publication number
WO2016016840A1
WO2016016840A1 PCT/IB2015/055774 IB2015055774W WO2016016840A1 WO 2016016840 A1 WO2016016840 A1 WO 2016016840A1 IB 2015055774 W IB2015055774 W IB 2015055774W WO 2016016840 A1 WO2016016840 A1 WO 2016016840A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
communications path
backend
actuator
master device
Prior art date
Application number
PCT/IB2015/055774
Other languages
French (fr)
Inventor
Alan John Sullivan
Shirley Elspeth SCHWIKKARD
Marius Marais
Original Assignee
Altech Multimedia (Pty) Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Altech Multimedia (Pty) Limited filed Critical Altech Multimedia (Pty) Limited
Publication of WO2016016840A1 publication Critical patent/WO2016016840A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/2803Home automation networks
    • H04L12/283Processing of data at an internetworking point of a home automation network
    • H04L12/2834Switching of information between an external network and a home network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/4104Peripherals receiving signals from specially adapted client devices
    • H04N21/4131Peripherals receiving signals from specially adapted client devices home appliance, e.g. lighting, air conditioning system, metering devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/422Input-only peripherals, i.e. input devices connected to specially adapted client devices, e.g. global positioning system [GPS]
    • H04N21/4227Providing Remote input by a user located remotely from the client device, e.g. at work
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/436Interfacing a local distribution network, e.g. communicating with another STB or one or more peripheral devices inside the home
    • H04N21/43615Interfacing a Home Network, e.g. for connecting the client to a plurality of peripherals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs
    • H04N21/4405Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs involving video stream decryption

Definitions

  • This invention relates to a user station automation system, a master device for the user station and a method of exchanging data with the user station.
  • asset or “assets” shall mean content in the form of media including but not limited to audio, still images, text, animation, video, and multimedia which may be a combination of any of the aforementioned such as audio visual and interactivity content forms.
  • a user station automation system comprising:
  • a master device comprising:
  • a receiver for receiving from a remote central backend via a first communications path assets which are protected with a first cryptographic token
  • processor connected to the first transceiver and configured to utilize the second cryptographic token to decrypt the selected asset for play-out on a renderer device, which is connected or connectable to the master device;
  • a second transceiver which is connectable via a local communications path to the at least one of a sensor device and an actuator device.
  • the first communications path may comprise one of a multicast link and a broadcast link, such as a satellite link and a digital terrestrial link and the second communications path preferably supports Internet Protocol.
  • the first communications path and the second communications paths may be different.
  • the local communications path may comprise one of a cable and a wireless link.
  • Each of the second communications path and the local communications path may be a secure path.
  • the security for the local communications path may be provided by a third cryptographic token which is associated with and stored in the master device and an associated fourth cryptographic token which is stored in the at least one of a sensor device and actuator device and data communications via the local may be protected utilizing one of the third and fourth cryptographic tokens.
  • the master device may be associated with a user interface.
  • the user interface may comprise at least one of a) a monitor of the renderer device and an input device and b) a mobile device comprising a monitor and an input device.
  • the mobile device and the at least one of a sensor device and an actuator device may be paired or otherwise associated with the master device and registered as such at the backend.
  • a command intended for the at least one of a sensor device and an actuator device may be generated at the mobile device and transmitted to the at least one of a sensor device and an actuator device via a secure path between the mobile device and the backend, the secure second communications path, master device and the secure local communications path.
  • the security for the path between the mobile device and the backend may also be provided by encryption tokens, as herein described.
  • a master device for a user station automation system comprising: - a receiver for receiving from a remote central backend via a first communications path assets which are protected with a respective first cryptographic token;
  • processor connected to the first transceiver and configured to utilize the received second cryptographic token to decrypt the selected asset for play-out on a renderer device, which is connected or connectable to the master device;
  • a second transceiver which is connectable via a local communications path to at least one of a sensor device and an actuator device which forms part of the automation system at the user station.
  • the master device may comprise a controller which is connected to the receiver, the first transceiver, the second transceiver and the mass data storage device.
  • the controller may be one of a central controller and a controller distributed in the master device.
  • the receiver may be a broad bandwidth receiver for cooperating with the first communications path, which may comprise a broad bandwidth link and which may be one of a multicast link and a broadcast link, such as a satellite link and a digital terrestrial link.
  • the first transceiver may comprise a narrower bandwidth receiver for cooperating with the second communications path, which may comprise a narrower bandwidth link to the backend.
  • the second communications path may comprise any one of, but not limited to, an Asymmetric Digital Subscriber Line (ADSL), Global System for Mobile (GSM) communications link, 3G, 4G and LTE preferably utilizing Internet Protocol (IP).
  • ADSL Asymmetric Digital Subscriber Line
  • GSM Global System for Mobile
  • 3G, 4G and LTE preferably utilizing Internet Protocol (IP).
  • IP Internet Protocol
  • the mass data storage device may comprise a hard disc and drive and/or a solid-state drive.
  • a method of exchanging data with a user station comprising a master device comprising a local data storage device and at least one of a sensor device and an actuator device which is connected to the master device, the master device being associated with a user interface and being in communication with a backend via a first communications path and a second communications path and being connected to the at least one of a sensor device and an actuator device by a local communications path, the method comprising, at the backend:
  • the first data may be received from the at least one of a sensor device and an actuator device and the second data may comprise the first data and may be forwarded to the user interface.
  • the at least one of a sensor device and an actuator device may comprise a camera
  • the first data may comprise image data captured by the camera
  • the second data may be caused to be displayed on a monitor of the user interface.
  • the first data may be received from the user interface and the second data may comprise response data to the first data which may be received by the backend from another source and wherein the second data may then be forwarded to the master device or the at least one of a sensor device and an actuator device.
  • the at least one of a sensor device and an actuator device may comprise a switch, the first data may be received from the user interface and may comprise command data to change a state of the switch and the second data may be forwarded to the actuator device and may comprise the command data.
  • At least one of the first data and the second data may be caused to be forwarded in cryptographic protected form between at least one of a) the backend and the master device, b) the master device and at least one of a sensor device and an actuator device and c) the mobile user interface and the backend.
  • the invention also includes within its scope a method of exchanging data with a user station comp sing a master device and at least one of a sensor device and an actuator device which is connected to the master device, the master device being associated with a mobile user interface (Ul) and being in communication with a backend via a communications path and being connected to the at least one of a sensor device and an actuator device by a local communications path, the method comprising, at the backend:
  • a computer program stored on a medium and configured, when executed by a processor or processors at the backend, to perform any of the above methods.
  • an automation system 1 1 for a user station such as a home 12.
  • the automation system 1 1 comprises at least one of a sensor device 54.1 to 54. n and an actuator device 56.1 to 56. n at the user station 12.
  • a local master device 10 at the user station comprises a receiver 16 for receiving from a remote central backend 18 via a first communications path 20 assets which are protected with a first cryptographic token and a mass storage device 22 for storing the protected assets in the received protected form.
  • a first transceiver 24 is provided for receiving from the backend via a second communications path 26 a second cryptographic token which is required to decrypt a user selected one of the pre-stored protected assets.
  • a decrypter 28 is connected to the first transceiver and is configured to utilize the second cryptographic token to decrypt the selected asset for play-out on a Tenderer device 14, which is connected or connectable to the master device.
  • a second transceiver 50 is connectable via a local communications path 51 to the at least one of a sensor device and an actuator device.
  • the master device 10 forms part of a local asset rendering system 13, also comprising the renderer device, such as a television apparatus 14 comprising a monitor, for making secure assets available at the user station.
  • the renderer device 14 may also comprise any one or more of, but not limited to, a tablet, a personal computer, a laptop computer and a smart hand held device, such as a smart mobile phone.
  • the master device 10 comprises the receiver 16 for receiving from the central backend 18 via the first and broad bandwidth communications path 20 files comprising the protected assets.
  • the master device further comprises the mass data storage device 22, for example a hard disc and drive and/or solid-state drive, for pre-storing in bulk the received protected assets, before they are rendered as herein described.
  • Each protected asset may be cryptographicaiiy protected or encrypted by a respective key or token, such as, but not limited to, a Digital Rights Management (DRM) key.
  • DRM Digital Rights Management
  • the master device 10 further comprises the first transceiver 24 for receiving from the backend 18 via the second communications path 26, which in the example embodiment is different from the first communications path 20, a decryption key or token required to decrypt a user selected one of the pre-stored protected assets.
  • the second path preferably is secure path.
  • Cryptographic tokens stored at the backend and the master device may be used to provide at least part of the security.
  • the master device further comprises the decrypter 28 connected to the first transceiver 24 via a controller 15 and configured to utilize the received token to decrypt the selected pre-stored asset for play-out on the renderer device 14.
  • the master device is in the form of a set-top box.
  • a device similar to master device 10 and the sensor and actuator devices connected thereto may be located at each of a plurality of distributed user stations and so that the remote backend functions as a central backend serving all the user stations, as herein described.
  • the first communications path 20 is a broad bandwidth path (typically faster than 10 Mbits/s) and may comprise a satellite link and/or digital terrestrial link.
  • the receiver 16 is configured to cooperate with the link to receive files with the protected assets
  • the second communications path 20 may be a smaller bandwidth path and may be provided by a narrower bandwidth link, including but not limited to any one of an Asymmetric Digital Subscriber Line (ADSL), a Global System for Mobile (GSM) communications link, 3G, 4G and LTE, preferably utilizing Internet Protocol (IP).
  • the transceiver 24 is configured to transmit data from the master device 10 via this second communications path to the backend 18 and to receive via this second communications path data from the backend 18.
  • the master device 10 is preferably permanently connected to the backend via the second communications path or at least intermittently connectable as and when data is to be transmitted or received.
  • the master device 10 is associated with a user interface (Ul) comprising an input device 30, such as an infrared or radio frequency remote control unit (RCU), comprising an alphanumeric keypad 32, and a graphical component (GUI) which may be provided on the monitor 34 of the renderer device 14.
  • an input device 30 such as an infrared or radio frequency remote control unit (RCU)
  • RCU radio frequency remote control unit
  • GUI graphical component
  • the user is enabled to select one of the pre-stored assets.
  • the user is prompted to enter data relating to her selection, including transaction data, via the keypad and that data is transmitted by transceiver 24 via second communications path to the backend 18.
  • the data received is processed and if the data received comply with certain rules, the backend forwards via the second communications path 26 to the master device 10, the decryption key or token required to decrypt the selected asset.
  • the received key is utilized by decrypter 28 to decrypt the selected asset and to render same on device 14.
  • the assets may be protected according to a Digital Rights Management (DRM) system or technology.
  • the DRM system or technology may be Microsoft (MS) PlayReady and standard MS PlayReady decryption software may be used at the decrypter 28 to decrypt the protected asset.
  • the master device 10 comprises a second transceiver 50 which is in data communication via a local communications path 51 with the at least one of a sensor device 54.1 to 54. n and an actuator device 56.1 to 56. n.
  • the local communications path may be provided by cable
  • the second transceiver comprises a radio frequency transceiver and the path is a wireless path.
  • the transceiver may support the ZigBee specification, which is based on the IEEE 802.15 standard.
  • the second transceiver 50 and path 51 hence may form part of a local network 52 at the user station supporting user station or home automation.
  • the network may be a meshed network.
  • the sensor device 54.1 may be installed at the user station to cooperate with utility meter 58, such as an electricity meter, to sense metering by the latter and configured to transmit the sensed data via the network 52 to the second transceiver 50 of the master device 10.
  • Other sensor devices 54.2 to 54. n may cooperate with other suitable sensors, such as mounted security camera 68 and movement, heat, sound, magnetic, proximity sensors, etc (not shown).
  • the sensed data may be processed locally by controller 15 and data, such as data relating to present rate of utility consumption and/or total consumption over a predetermined period and/or utility units left for a predetermined period, may be rendered in human perceivable form and in real time on renderer device 14.
  • data may at the user's request, which is entered via the Ul, be displayed in a window on the monitor 34, while the above protected asset is rendered.
  • the master device operates in the aforementioned manners in parallel to other concurrent tasks, such as the receiving and/or rendering of assets as aforesaid and is hence configured to multi-task.
  • the master device 10 may operate as a gateway and first data comprising the sensed data or user generated data may be transmitted by the master device 10 via first transceiver 24 and the second communications path 26, which may be secure, to the backend 18 for central processing and/or storage. Second data comprising the centrally processed data or response data to the first data may be transmitted by the backend via the second communications path 26 to the master device for display in a human perceivable form. Again the data may be displayed in a window on the monitor 34, while the above protected asset is rendered.
  • the actuator devices 56.1 to 56. n cooperate with controllable devices such as electrically operable locks, switches or relays for temperature and/or air flow and/or lighting systems, valves, motors including for pumps, water heaters etc.
  • the controller 1 5 may be configured, upon a command being entered by the user via the RCU and the GUI on monitor 34 to transmit a signal to an addressed actuator device 56.1 to operate its associated switch 60 to switch off or on a pump 62 for a swimming pool, for example.
  • the controller may be configured in response to locally processed sense data or centrally processed sense data to operate the switch 64 via actuator device 56. n for water heater 66 or any other switch or relay.
  • each of the sensor devices 54.1 to 54. n and each of the actuator devices 56.1 to 56. n is issued with a respective unique cryptographic token which is stored locally on the sensor device and actuator device, as the case may be.
  • the devices may be paired or otherwise associated with the master device 10 which also has at least one unique token for communications on the network 52 with the devices.
  • the sensor and actuator devices, master device and their associated tokens are associated with one another and/or the user and/or the user station, and are so registered at the backend 18. This feature enables the backend 18 to test the authenticity of the sensor and actuator devices and also the master device. Furthermore, it enables the backend 18 and/or the master device 10 to address any selected sensor or actuator device securely.
  • the system may further comprise one or more mobile devices, such as the smart mobile phone 70, for example, which may serve as a remote Ul.
  • the mobile device 70 may be used to receive data and/or to transmit data to the user station from a location remote from the user station.
  • the mobile device 70 may be paired or otherwise associated with the local master device 10 and so registered at the backend 18, so that the backend knows that the mobile device 70 is an authorized mobile device in respect of master device 10 and/or the user station.
  • the user is enabled to communicate with the backend 18 and local master device 10 via a real-time communications path.
  • the path between the mobile device and the backend may also be a secure path and the security may at least be provided by cryptographic tokens as explained above in respect of the local communications path and the second communications path.
  • the mobile device 70 may be used to enable the user, from a location remote from the user station 10, selectively to view data which is sensed by any one of sensor devices 54.1 to 54. n.
  • the user may use an application executing on the device 70 to generate a request to be provided on the monitor of device 70 with images that are captured by a security camera 68 at the user station.
  • the request is forwarded via the backend 18 to the master device.
  • the master device obtains the image data from the relevant sensor device.
  • the data preferably relating to moving images, is fed via sensor device 54. n and secure network 52 to the second transceiver 50. From the master device 10 the data is forwarded securely via transceiver 24 and second communications path 26 to the backend 18.
  • the backend can determine from the above registration data that the mobile device 70 is an authorized device which is associated with user station 12 and/or master device 10, the backend causes the requested data to be forwarded in secure manner to the mobile device 70, where it is rendered in real time on a monitor of the device.
  • the above registration and secure data transmission and associated tokens are used to ensure that the data is not sent to an unauthorized device or susceptible to interception and or interference with by unauthorized parties.
  • the mobile device 70 may enable the user to operate any one of actuator device 56.1 to 56. n from a location remote from the user station 12.
  • the user may use the application executing on the device 70 to generate a command to operate a switch 60 or 64 at the user station.
  • the command is forwarded securely to the backend 18.
  • the backend based on the above registration data, is in a position to authenticate that the switch is at the user station 10 and connected to the master device 10, which are associated with the device 70.
  • the command is then forwarded securely via the second communications path to the master device 10 and via transceiver 50 and the secure local path 51 of secure network 52 to the actuator device 56.1 or 56. n.
  • the actuator device operates the switch in accordance with the command.
  • the backend 18 need not be involved in data communications between the master device and the Ul.
  • the backend 18 is preferably involved at least as an authentication mechanism, to supplement the security provided by the secure communications paths 26 and 51 .

Abstract

An automation system 1 1 comprises at least one of a sensor device 54.1 to 54. n and an actuator device 56.1 to 56. n at the user station 12. A master device 10 comprises a receiver 16 for receiving from a remote backend 18 via a first communications path 20 assets which are protected with a first cryptographic token and a mass data storage device 22 for storing the protected assets. A first transceiver 24 is provided for receiving from the backend via a second communications path 26 a second cryptographic token which is required to decrypt a user selected one of the pre- stored assets. A decrypter 28 is connected to the first transceiver and is configured to utilize the second cryptographic token to decrypt the selected asset for play-out on a renderer device 14. A second transceiver 50 is connectable via a local communications path 51 to the at least one of the sensor devices and actuator devices.

Description

MEDIA PLAYER DEVICE SERVING AS HUB OR GATEWAY FOR HOME AUTOMATION
INTRODUCTION AND BACKGROUND
This invention relates to a user station automation system, a master device for the user station and a method of exchanging data with the user station.
User station or home automation systems are known. However, it may be required by the user of such a system to be able, at locations which are remote from the home, to send command data to or to receive monitoring data from the home. In at least these situations or applications, reliability and security are problematic. Furthermore, systems for making media data available at a user station are also known. However, in regions of the world where there is poor internet connectivity, access to premium content on demand is problematic, both in terms of bandwidth and security. OBJECT OF THE INVENTION
Accordingly, it is an object of the present invention to provide an automation system for a user station, a master device for the user station and a method of exchanging data with the user station with which the applicant believes the aforementioned disadvantages and/or shortcomings may at least be alleviated or which may provide a useful alternative for the known systems, devices and methods. SUMMARY OF THE INVENTION
In this specification, unless the context otherwise indicates, the terms "asset" or "assets" shall mean content in the form of media including but not limited to audio, still images, text, animation, video, and multimedia which may be a combination of any of the aforementioned such as audio visual and interactivity content forms.
According to the invention there is provided a user station automation system comprising:
- at least one of a sensor device and an actuator device at the user station;
- a master device comprising:
- a receiver for receiving from a remote central backend via a first communications path assets which are protected with a first cryptographic token;
- a mass data storage device for storing the received protected assets in the received protected form;
- a first transceiver for receiving from the backend via a second communications path a second cryptographic token which is required to decrypt a selected one of the protected assets;
- a processor connected to the first transceiver and configured to utilize the second cryptographic token to decrypt the selected asset for play-out on a renderer device, which is connected or connectable to the master device; and
- a second transceiver which is connectable via a local communications path to the at least one of a sensor device and an actuator device.
The first communications path may comprise one of a multicast link and a broadcast link, such as a satellite link and a digital terrestrial link and the second communications path preferably supports Internet Protocol.
The first communications path and the second communications paths may be different.
The local communications path may comprise one of a cable and a wireless link.
Each of the second communications path and the local communications path may be a secure path.
The security for the local communications path may be provided by a third cryptographic token which is associated with and stored in the master device and an associated fourth cryptographic token which is stored in the at least one of a sensor device and actuator device and data communications via the local may be protected utilizing one of the third and fourth cryptographic tokens. The master device may be associated with a user interface. The user interface may comprise at least one of a) a monitor of the renderer device and an input device and b) a mobile device comprising a monitor and an input device. The mobile device and the at least one of a sensor device and an actuator device may be paired or otherwise associated with the master device and registered as such at the backend.
A command intended for the at least one of a sensor device and an actuator device may be generated at the mobile device and transmitted to the at least one of a sensor device and an actuator device via a secure path between the mobile device and the backend, the secure second communications path, master device and the secure local communications path. The security for the path between the mobile device and the backend may also be provided by encryption tokens, as herein described.
Also included within the scope of the invention is a master device for a user station automation system, the master device comprising: - a receiver for receiving from a remote central backend via a first communications path assets which are protected with a respective first cryptographic token;
- a mass data storage device for storing the received protected assets in the received protected form;
- a first transceiver for receiving from the backend via a second communications path a second cryptographic token which is required to decrypt a selected one of the protected assets;
- a processor connected to the first transceiver and configured to utilize the received second cryptographic token to decrypt the selected asset for play-out on a renderer device, which is connected or connectable to the master device; and
- a second transceiver which is connectable via a local communications path to at least one of a sensor device and an actuator device which forms part of the automation system at the user station.
The master device may comprise a controller which is connected to the receiver, the first transceiver, the second transceiver and the mass data storage device.
The controller may be one of a central controller and a controller distributed in the master device. The receiver may be a broad bandwidth receiver for cooperating with the first communications path, which may comprise a broad bandwidth link and which may be one of a multicast link and a broadcast link, such as a satellite link and a digital terrestrial link.
The first transceiver may comprise a narrower bandwidth receiver for cooperating with the second communications path, which may comprise a narrower bandwidth link to the backend. The second communications path may comprise any one of, but not limited to, an Asymmetric Digital Subscriber Line (ADSL), Global System for Mobile (GSM) communications link, 3G, 4G and LTE preferably utilizing Internet Protocol (IP).
The mass data storage device may comprise a hard disc and drive and/or a solid-state drive.
According to another aspect of the invention there is provided a method of exchanging data with a user station comprising a master device comprising a local data storage device and at least one of a sensor device and an actuator device which is connected to the master device, the master device being associated with a user interface and being in communication with a backend via a first communications path and a second communications path and being connected to the at least one of a sensor device and an actuator device by a local communications path, the method comprising, at the backend:
- broadcasting or multicasting to the master device protected assets via the first communications path, to be stored in the local data storage device;
- receiving first data from one of a) the user interface and b) the at least one of a sensor device and an actuator device; and
- forwarding second data to the other of a) the user interface and b) the at least one of a sensor device and an actuator device.
The first data may be received from the at least one of a sensor device and an actuator device and the second data may comprise the first data and may be forwarded to the user interface.
For example, the at least one of a sensor device and an actuator device may comprise a camera, the first data may comprise image data captured by the camera and the second data may be caused to be displayed on a monitor of the user interface.
In another example, the first data may be received from the user interface and the second data may comprise response data to the first data which may be received by the backend from another source and wherein the second data may then be forwarded to the master device or the at least one of a sensor device and an actuator device. The at least one of a sensor device and an actuator device may comprise a switch, the first data may be received from the user interface and may comprise command data to change a state of the switch and the second data may be forwarded to the actuator device and may comprise the command data.
At least one of the first data and the second data may be caused to be forwarded in cryptographic protected form between at least one of a) the backend and the master device, b) the master device and at least one of a sensor device and an actuator device and c) the mobile user interface and the backend.
It will be appreciated that the invention also extends to a system, master device and method without the asset receiving, storage and rendering aspects referred to above.
Accordingly and as an example, the invention also includes within its scope a method of exchanging data with a user station comp sing a master device and at least one of a sensor device and an actuator device which is connected to the master device, the master device being associated with a mobile user interface (Ul) and being in communication with a backend via a communications path and being connected to the at least one of a sensor device and an actuator device by a local communications path, the method comprising, at the backend:
- receiving cryptographically protected first data from one of a) that at least one of a sensor device and an actuator device via the local communications path and the communications path and b) the mobile Ul via another path between the Ul and the backend; and
- forwarding cryptographically protected second data to one of a) the mobile Ul via the other path and b) the at least one of a sensor device and an actuator device via the communications path and the local communications path.
Further according to the invention there is provided a computer program stored on a medium and configured, when executed by a processor or processors at the backend, to perform any of the above methods.
BRIEF DESCRIPTION OF THE ACCOMPANYING DIAGRAMS
The invention will now further be described, by way of example only, with reference to the accompanying diagram which is a high level block diagram of an example embodiment of an automation system for a user station, such as a home. DESCRIPTION OF A PREFERRED EMBODIMENT OF THE INVENTION
In the figure there is illustrated an example embodiment of an automation system 1 1 for a user station, such as a home 12.
The automation system 1 1 comprises at least one of a sensor device 54.1 to 54. n and an actuator device 56.1 to 56. n at the user station 12. A local master device 10 at the user station comprises a receiver 16 for receiving from a remote central backend 18 via a first communications path 20 assets which are protected with a first cryptographic token and a mass storage device 22 for storing the protected assets in the received protected form. A first transceiver 24 is provided for receiving from the backend via a second communications path 26 a second cryptographic token which is required to decrypt a user selected one of the pre-stored protected assets. A decrypter 28 is connected to the first transceiver and is configured to utilize the second cryptographic token to decrypt the selected asset for play-out on a Tenderer device 14, which is connected or connectable to the master device. A second transceiver 50 is connectable via a local communications path 51 to the at least one of a sensor device and an actuator device.
Hence, in one example embodiment, the master device 10 forms part of a local asset rendering system 13, also comprising the renderer device, such as a television apparatus 14 comprising a monitor, for making secure assets available at the user station. It will be appreciated that the renderer device 14 may also comprise any one or more of, but not limited to, a tablet, a personal computer, a laptop computer and a smart hand held device, such as a smart mobile phone.
The master device 10 comprises the receiver 16 for receiving from the central backend 18 via the first and broad bandwidth communications path 20 files comprising the protected assets. The master device further comprises the mass data storage device 22, for example a hard disc and drive and/or solid-state drive, for pre-storing in bulk the received protected assets, before they are rendered as herein described. Each protected asset may be cryptographicaiiy protected or encrypted by a respective key or token, such as, but not limited to, a Digital Rights Management (DRM) key.
The master device 10 further comprises the first transceiver 24 for receiving from the backend 18 via the second communications path 26, which in the example embodiment is different from the first communications path 20, a decryption key or token required to decrypt a user selected one of the pre-stored protected assets. The second path preferably is secure path. Cryptographic tokens stored at the backend and the master device may be used to provide at least part of the security. The master device further comprises the decrypter 28 connected to the first transceiver 24 via a controller 15 and configured to utilize the received token to decrypt the selected pre-stored asset for play-out on the renderer device 14. In an example embodiment, the master device is in the form of a set-top box.
It will be appreciated that in a practical system, a device similar to master device 10 and the sensor and actuator devices connected thereto may be located at each of a plurality of distributed user stations and so that the remote backend functions as a central backend serving all the user stations, as herein described.
The first communications path 20 is a broad bandwidth path (typically faster than 10 Mbits/s) and may comprise a satellite link and/or digital terrestrial link. The receiver 16 is configured to cooperate with the link to receive files with the protected assets
The second communications path 20 may be a smaller bandwidth path and may be provided by a narrower bandwidth link, including but not limited to any one of an Asymmetric Digital Subscriber Line (ADSL), a Global System for Mobile (GSM) communications link, 3G, 4G and LTE, preferably utilizing Internet Protocol (IP). The transceiver 24 is configured to transmit data from the master device 10 via this second communications path to the backend 18 and to receive via this second communications path data from the backend 18. The master device 10 is preferably permanently connected to the backend via the second communications path or at least intermittently connectable as and when data is to be transmitted or received.
The master device 10 is associated with a user interface (Ul) comprising an input device 30, such as an infrared or radio frequency remote control unit (RCU), comprising an alphanumeric keypad 32, and a graphical component (GUI) which may be provided on the monitor 34 of the renderer device 14. Utilizing the device 30 and GUI, the user is enabled to select one of the pre-stored assets. The user is prompted to enter data relating to her selection, including transaction data, via the keypad and that data is transmitted by transceiver 24 via second communications path to the backend 18.
At the backend 18, the data received is processed and if the data received comply with certain rules, the backend forwards via the second communications path 26 to the master device 10, the decryption key or token required to decrypt the selected asset. At the master device 10, the received key is utilized by decrypter 28 to decrypt the selected asset and to render same on device 14. In an example embodiment the assets may be protected according to a Digital Rights Management (DRM) system or technology. The DRM system or technology may be Microsoft (MS) PlayReady and standard MS PlayReady decryption software may be used at the decrypter 28 to decrypt the protected asset. Such an example embodiment is described in more detail in the applicant's co-pending international application PCT/IB2015/054516 entitled "Delivery of DRM protected content to distributed user stations" and the contents thereof is by this reference incorporated herein as if repeated herein.
As stated above, the master device 10 comprises a second transceiver 50 which is in data communication via a local communications path 51 with the at least one of a sensor device 54.1 to 54. n and an actuator device 56.1 to 56. n. Although the local communications path may be provided by cable, in the example embodiment, the second transceiver comprises a radio frequency transceiver and the path is a wireless path. The transceiver may support the ZigBee specification, which is based on the IEEE 802.15 standard.
The second transceiver 50 and path 51 hence may form part of a local network 52 at the user station supporting user station or home automation. The network may be a meshed network. Preferably, also forming part of the network are a plurality of sensor devices 54.1 to 54. n each comprising a respective controller and radio frequency transceiver, typically a ZigBee transceiver, and/or a plurality of actuator devices 56.1 to 56. n each comprising a respective controller and radio frequency transceiver, typically a ZigBee transceiver.
The sensor device 54.1 may be installed at the user station to cooperate with utility meter 58, such as an electricity meter, to sense metering by the latter and configured to transmit the sensed data via the network 52 to the second transceiver 50 of the master device 10. Other sensor devices 54.2 to 54. n may cooperate with other suitable sensors, such as mounted security camera 68 and movement, heat, sound, magnetic, proximity sensors, etc (not shown).
The sensed data may be processed locally by controller 15 and data, such as data relating to present rate of utility consumption and/or total consumption over a predetermined period and/or utility units left for a predetermined period, may be rendered in human perceivable form and in real time on renderer device 14. For example, the data may at the user's request, which is entered via the Ul, be displayed in a window on the monitor 34, while the above protected asset is rendered. It will be appreciated that the master device operates in the aforementioned manners in parallel to other concurrent tasks, such as the receiving and/or rendering of assets as aforesaid and is hence configured to multi-task. Alternatively and/or in addition, the master device 10 may operate as a gateway and first data comprising the sensed data or user generated data may be transmitted by the master device 10 via first transceiver 24 and the second communications path 26, which may be secure, to the backend 18 for central processing and/or storage. Second data comprising the centrally processed data or response data to the first data may be transmitted by the backend via the second communications path 26 to the master device for display in a human perceivable form. Again the data may be displayed in a window on the monitor 34, while the above protected asset is rendered.
The actuator devices 56.1 to 56. n cooperate with controllable devices such as electrically operable locks, switches or relays for temperature and/or air flow and/or lighting systems, valves, motors including for pumps, water heaters etc.
The controller 1 5 may be configured, upon a command being entered by the user via the RCU and the GUI on monitor 34 to transmit a signal to an addressed actuator device 56.1 to operate its associated switch 60 to switch off or on a pump 62 for a swimming pool, for example. Alternatively and/or in addition, the controller may be configured in response to locally processed sense data or centrally processed sense data to operate the switch 64 via actuator device 56. n for water heater 66 or any other switch or relay.
In an example embodiment, each of the sensor devices 54.1 to 54. n and each of the actuator devices 56.1 to 56. n is issued with a respective unique cryptographic token which is stored locally on the sensor device and actuator device, as the case may be. The devices may be paired or otherwise associated with the master device 10 which also has at least one unique token for communications on the network 52 with the devices. The sensor and actuator devices, master device and their associated tokens are associated with one another and/or the user and/or the user station, and are so registered at the backend 18. This feature enables the backend 18 to test the authenticity of the sensor and actuator devices and also the master device. Furthermore, it enables the backend 18 and/or the master device 10 to address any selected sensor or actuator device securely.
The system may further comprise one or more mobile devices, such as the smart mobile phone 70, for example, which may serve as a remote Ul. Hence, the mobile device 70 may be used to receive data and/or to transmit data to the user station from a location remote from the user station. The mobile device 70 may be paired or otherwise associated with the local master device 10 and so registered at the backend 18, so that the backend knows that the mobile device 70 is an authorized mobile device in respect of master device 10 and/or the user station.
Utilizing the mobile device 70 and a GUI displayed on a screen of device 70, the user is enabled to communicate with the backend 18 and local master device 10 via a real-time communications path. The path between the mobile device and the backend may also be a secure path and the security may at least be provided by cryptographic tokens as explained above in respect of the local communications path and the second communications path.
The mobile device 70 may be used to enable the user, from a location remote from the user station 10, selectively to view data which is sensed by any one of sensor devices 54.1 to 54. n. For example, the user may use an application executing on the device 70 to generate a request to be provided on the monitor of device 70 with images that are captured by a security camera 68 at the user station. The request is forwarded via the backend 18 to the master device. The master device obtains the image data from the relevant sensor device. The data, preferably relating to moving images, is fed via sensor device 54. n and secure network 52 to the second transceiver 50. From the master device 10 the data is forwarded securely via transceiver 24 and second communications path 26 to the backend 18. Because the backend can determine from the above registration data that the mobile device 70 is an authorized device which is associated with user station 12 and/or master device 10, the backend causes the requested data to be forwarded in secure manner to the mobile device 70, where it is rendered in real time on a monitor of the device. The above registration and secure data transmission and associated tokens are used to ensure that the data is not sent to an unauthorized device or susceptible to interception and or interference with by unauthorized parties.
Similarly, the mobile device 70 may enable the user to operate any one of actuator device 56.1 to 56. n from a location remote from the user station 12. For example, the user may use the application executing on the device 70 to generate a command to operate a switch 60 or 64 at the user station. The command is forwarded securely to the backend 18. The backend, based on the above registration data, is in a position to authenticate that the switch is at the user station 10 and connected to the master device 10, which are associated with the device 70. The command is then forwarded securely via the second communications path to the master device 10 and via transceiver 50 and the secure local path 51 of secure network 52 to the actuator device 56.1 or 56. n. In response to the command the actuator device operates the switch in accordance with the command. Hence, where the user uses a Ul 32. 34 in close proximity of the master device, the backend 18 need not be involved in data communications between the master device and the Ul. However, in situations where the Ul 70 is remote from the master device 10, the backend 18 is preferably involved at least as an authentication mechanism, to supplement the security provided by the secure communications paths 26 and 51 .

Claims

A user station automation system comprising:
- at least one of a sensor device and an actuator device at the user station;
- a master device comprising:
- a receiver for receiving from a remote central backend via a first communications path assets which are protected with a first cryptographic token;
- a mass data storage device for storing the received protected assets in the received protected form;
- a first transceiver for receiving from the backend via a second communications path a second cryptographic token which is required to decrypt a selected one of the protected assets;
- a processor connected to the first transceiver and configured to utilize the second cryptographic token to decrypt the selected asset for play-out on a renderer device, which is connected or connectable to the master device; and
- a second transceiver which is connectable via a local communications path to the at least one of a sensor device and an actuator device.
2. The system as claimed in claim 1 wherein the first communications path and the second communications paths are different.
3. The system as claimed in claim 2 wherein the first communications path comprises one of a satellite link and a digital terrestrial link and the second communications path supports Internet protocol.
4. The system as claimed in any one of claims 1 and 2 wherein the local communications path comprises one of a cable and a wireless link.
5. The system as claimed in any one of claims 1 to 4 wherein the local communications path is a secure path.
6. The system as claimed in claim 5 wherein security for the local communications path is provided by a third cryptographic token which is associated with and stored in the master device and an associated fourth cryptographic token which is stored in the at least one of a sensor device and an actuator device and wherein data communications between the master device and the at least one of a sensor device and an actuator device is protected utilizing one of the third and fourth cryptographic tokens.
7. The system as claimed in any one of claims 1 to 6 wherein the master device is associated with a user interface.
8. The system as claimed in claim 7 wherein the user interface comprises at least one of a) a monitor of the renderer device and an input device and b) a mobile device comprising a monitor and an input device.
9. The system as claimed in claim 8 wherein the master device, the at least one of a sensor device and an actuator device and the mobile device are registered in association with one another at the backend.
10. The system as claimed in claim 8 or claim 9 wherein a command intended for the at least one of a sensor device and an actuator device is generated at the mobile device and transmitted to the at least one of a sensor device and an actuator device via the backend, the master device and the secure local communications path.
1 1 . A master device for an automation system at a user station, the master device comprising:
- a receiver for receiving from a remote central backend via a first communications path assets which are protected with a respective first cryptographic token;
- a mass data storage device for storing the received protected assets in the received protected form; - a first transceiver for receiving from the backend via a second communications path a second cryptographic token which is required to decrypt a selected one of the protected assets;
- a processor connected to the first transceiver and configured to utilize the received second cryptographic token to decrypt the selected asset for play-out on a Tenderer device, which is connected or connectable to the master device; and
- a second transceiver which is connectable via a local communications path to at least one of a sensor device and an actuator device which forms part of the automation system at the user station.
12. A method of exchanging data with a user station comprising a master device comprising a local data storage device and at least one of a sensor device and an actuator device which is connected to the master device, the master device being associated with a user interface and being in communication with a backend via a first communications path and a second communications path and being connected to the at least one of a sensor device and an actuator device by a local communications path, the method comprising, at the backend: - broadcasting or multicasting to the master device protected assets via the first communications path, to be stored in the local data storage device;
- receiving first data from one of a) the user interface and b) the at least one of a sensor device and an actuator device; and
- forwarding second data to the other of a) the user interface and b) the at least one of a sensor device and an actuator device.
13. A method as claimed in claim 12 wherein the first data is received from the at least one of a sensor device and an actuator device and wherein the second data comprises the first data and is forwarded to the user interface.
14. A method as claimed in claim 13 wherein the at least one of a sensor device and an actuator device comprises a camera, wherein the first data comprises image data captured by the camera and wherein the second data is caused to be displayed on a monitor of the user interface. 5. A method as claimed in claim 12 wherein the first data is received from the user interface and the second data comprises response data to the first data which is received by the backend from another source and wherein the second data is then forwarded to the at least one of a sensor device and an actuator device.
16. A method as claimed in claim 12 wherein the at least one of a sensor device and an actuator device comprises a switch and wherein the first data is received from the user interface and comprises command data to change a state of the switch and wherein the second data is forwarded to the actuator device and comprises the command data.
17. A method as claimed in any one of claims 12 to 16 wherein at least one of the first data and the second data is caused to be forwarded in cryptographic protected form between at least one of a) the backend and the master device, b) the master device and the at least one of a sensor device and an actuator device and c) the mobile user interface and the backend.
18. A user station automation system comprising:
- at least one of a sensor device and an actuator device at the user station;
- a master device at the user station and which master device comprises a first transceiver that is in secure data communication with a remote backend; and a second transceiver which is in data communications with the at least one of a sensor device and an actuator device via a secure local data communications path; and - a mobile user interface (Ul) that is associated with the master device and which is in secure data communication with the backend via another path.
19. A master device for an automation system at a user station, the master device comprising a first transceiver that is in secure data communication with a remote backend; and a second transceiver which is in data communication via a secure local data communications path with at least one of a sensor device and an actuator device at the user station.
20. A method of exchanging data with a user station comprising a master device and at least one of a sensor device and an actuator device which is connected to the master device, the master device being associated with a mobile user interface (Ul) and being in communication with a backend via a communications path and being connected to the at least one of a sensor device and an actuator device by a local communications path, the method comprising, at the backend:
- receiving cryptographically protected first data from one of a) the at least one of a sensor device and an actuator device via the local communications path and the communications path and b) the mobile Ul via another path between the Ul and the backend; and
- forwarding cryptographically protected second data to one of a) the mobile Ul via the other path and b) the at least one of a sensor device and an actuator device via the communications path and the local communications path.
PCT/IB2015/055774 2014-07-30 2015-07-30 Media player device serving as hub or gateway for home automation WO2016016840A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ZA201405641 2014-07-30
ZA2014/05641 2014-07-30

Publications (1)

Publication Number Publication Date
WO2016016840A1 true WO2016016840A1 (en) 2016-02-04

Family

ID=54007936

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2015/055774 WO2016016840A1 (en) 2014-07-30 2015-07-30 Media player device serving as hub or gateway for home automation

Country Status (1)

Country Link
WO (1) WO2016016840A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020080827A1 (en) * 2000-12-22 2002-06-27 Lee Steven K. Buried data stream in a wireless home network
WO2003096669A2 (en) * 2002-05-10 2003-11-20 Reisman Richard R Method and apparatus for browsing using multiple coordinated device
EP2388724A1 (en) * 2010-05-17 2011-11-23 ST-Ericsson SA Method and device for communicating digital content

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020080827A1 (en) * 2000-12-22 2002-06-27 Lee Steven K. Buried data stream in a wireless home network
WO2003096669A2 (en) * 2002-05-10 2003-11-20 Reisman Richard R Method and apparatus for browsing using multiple coordinated device
EP2388724A1 (en) * 2010-05-17 2011-11-23 ST-Ericsson SA Method and device for communicating digital content

Similar Documents

Publication Publication Date Title
US10701072B2 (en) Apparatus and method for secure provisioning of a communication device
US10567553B2 (en) Apparatus and method for secure over the air programming of a communication device
US10122534B2 (en) Apparatus and method for managing use of secure tokens
US20210136431A1 (en) Secure Bridging of Third-Party Digital Rights Management to Local Security
KR101502249B1 (en) Device communication
CN101079696B (en) A stream media encryption system and method for industrial monitoring system
KR101641915B1 (en) Methods and systems for dynamic media content output for mobile devices
CN109711117B (en) Apparatus and method for distributing digital content
US9306744B2 (en) Video cryptography system and method
CN105893454A (en) Method and system for selectively providing content to users located within virtual perimeter
CN106603226B (en) Message transmission encryption and authentication method, sender device and receiver device
CN106203147B (en) Private social networking platform for real-time content sharing
US10165229B2 (en) Network communication system and method thereof
US11895346B2 (en) Techniques for secure video frame management
CN106131008B (en) Video and audio monitoring equipment, security authentication method thereof and video and audio display equipment
WO2016016840A1 (en) Media player device serving as hub or gateway for home automation
CN115174672A (en) Terminal, display device and data transmission method
CN103098482A (en) Secure remote control for audio/video receiver/decoder
EP4022933A1 (en) Methods, systems, and media for presenting media content items using multiple devices
Alsaffar et al. IPTV service framework based on secure authentication and lightweight content encryption for screen-migration in Cloud computing
CN202261390U (en) System capable of remotely watching multimedia programs
JP2014135681A (en) Stream processing device, remote control system, communication control method, remote control method and communication control program
CN105703899A (en) Data transmission and reception methods and apparatuses
KR20160036254A (en) Apparatus and system for providing contents

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15754295

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15754295

Country of ref document: EP

Kind code of ref document: A1