Patent application number | Description | Published |
20100211798 | Systems and Methods for Signaling Content Rights Through Release Windows Life Cycle - Systems and methods for controlling the use of audio, video and audiovisual content are provided. A data structure includes content usage rights for multiple release windows. The usage rights may be encoded in the content or otherwise bound to the content. Playback devices are configured to access the appropriate usage rights and control usage in accordance with the usage rights. | 08-19-2010 |
20100217985 | Authenticated Communication Between Security Devices - Apparatuses, computer readable media, and methods establishing and maintaining trust between security devices for distributing media content are provided. Two security devices bind to establish an initial trust so that security information can be exchanged. Subsequently, trust is refreshed to verify the source of a message is valid. In an embodiment, the security devices may comprise a security processor and a system on a chip (SoC) in a downloadable conditional access system. Trust may be refreshed by a security device inserting authentication information in a message to another security device, where authentication information may assume different forms, including a digital signature (asymmetric key) or a hash message authentication code (HMAC). Trust may also be refreshed by extracting header information from the message, determining state information from at least one parameter contained in the header information, and acting on message content only when the state information is valid. | 08-26-2010 |
20100269179 | Security Client Translation System and Method - Systems and methods for controlling the use of audio, video and audiovisual content are provided. Usage rights and entitlement translation permit numerous devices to store and view media content. The usage rights may be encoded in the content or otherwise bound to the content. Security packages may be created by mapping Conditional Access System entitlements to DRM in hardware security elements. Playback devices are configured to access the translated usage rights and verify rights prior to the viewing of media. | 10-21-2010 |
20120084806 | Key Derivation for Secure Communications - A security system is disclosed in which a device-specific key value is provided to a security processing device, and then used to derive additional derived keys for use in secured communications. In response to identifying a compromise of the derived keys, the system can be instructed to derive new or replacement derived keys for use in the secured communications. In some embodiments, the security system can be used in a video reception device, to decrypt encrypted video content. | 04-05-2012 |
20130046990 | AUTHENTICATION AND BINDING OF MULTIPLE DEVICES - Systems and methods are described that relate to authentication and/or binding of multiple devices with varying security profiles. In one aspect, a first device with a higher security profile may vouch for the authenticity of a second device with a lower security profile when the second device requests access for content from a content provider. The vouching process may be implemented by allowing the first device to overlay its digital signature on a registration request that has been signed and transmitted by the second device. The second device with the lower security profile may access content from the content provider or source for a predetermined time period, even when the second device does not access content through the first device. | 02-21-2013 |
20130129095 | Key Delivery - A multi-hierarchical key system is provided such that users receive timely key renewals when required so that access to authorized content is not disrupted. Timely renewals of keys may occur continuously for various services while minimizing network traffic. The multi-hierarchical key system may be used in an adaptive streaming environment. | 05-23-2013 |
20130163763 | PC Secure Video Path - A system and method are disclosed for creating a secure video content path, or a protected media content bus, within an unsecure personal computer. A portable security module, or electronic key safe, may be inserted into a personal computer that has different internal components for processing secure and unsecured content. The security module may establish a secure encrypted link with a secure video processor of the personal computer, and may use the personal computer's network interface to request authority to receive secured content. The security module may provide content keys to the secure video processor to access secured content received over an external network. | 06-27-2013 |
20130227293 | Method For Watermarking Content - The disclosure relates to processing content with watermarks to generate watermarked versions. In some aspects, each version may be different. Groups of fragments may be combined to generate a unique stream by pulling fragments from two or more of the groups of fragments. Further, fragmenting may be performed before watermarking, and fragments may be pulled and watermarked upon request. | 08-29-2013 |
20140304516 | Authentication and Binding of Multiple Devices - Systems and methods are described that relate to authentication and/or binding of multiple devices with varying security profiles. In one aspect, a first device with a higher security profile may vouch for the authenticity of a second device with a lower security profile when the second device requests access for content from a content provider. The vouching process may be implemented by allowing the first device to overlay its digital signature on a registration request that has been signed and transmitted by the second device. The second device with the lower security profile may access content from the content provider or source for a predetermined time period, even when the second device does not access content through the first device. | 10-09-2014 |
20140314232 | PC Secure Video Path - A system and method are disclosed for creating a secure video content path, or a protected media content bus, within an unsecure personal computer. A portable security module, or electronic key safe, may be inserted into a personal computer that has different internal components for processing secure and unsecured content. The security module may establish a secure encrypted link with a secure video processor of the personal computer, and may use the personal computer's network interface to request authority to receive secured content. The security module may provide content keys to the secure video processor to access secured content received over an external network. | 10-23-2014 |
Patent application number | Description | Published |
20090052661 | REDUCED HIERARCHY KEY MANAGEMENT SYSTEM AND METHOD - A controller receives an encrypted media stream (“EMS”) and an identifier indicative of a selected content key from a headend. The EMS is encrypted with an encryption key and can be decrypted with a corresponding decryption key which is determinable from the selected content key. The controller receives indexes and content keys from the headend prior to receiving the EMS. Each index respectively corresponds to an identifier with one index corresponding to the identifier indicative of the selected content key. The content keys correspond to the indexes with one content key corresponding to the index corresponding to the identifier indicative of the selected content key. The controller selects the index corresponding to the identifier indicative of the selected content key upon receiving the EMS, determines the selected content key from the selected index, determines the decryption key from the selected content key, and decrypts the EMS with the decryption key. | 02-26-2009 |
20100046752 | System and Method for Security Processing Media Streams - A system for multi-stream security processing and distributing digital media streams includes a headend, a network, and at least one receiver. The headend is generally configured to generate encrypted digital media streams. The network may be coupled to the headend and configured to receive the encrypted digital media streams. The at least one receiver may be coupled to the network and configured to receive the encrypted digital media streams and present a decrypted version of the encrypted digital media streams. At least one of the headend and the at least one receiver include a security processor that may be configured to provide at least one of simultaneous multiple encryption and simultaneous multiple decryption processing of the digital media streams. | 02-25-2010 |
20110145577 | System and Method for a Variable Key Ladder - A method and apparatus is described that may receive a data message and storing configuration data. The method and apparatus may also select between a first device key and a second device key depending upon the configuration data and decrypt at least a portion of the data message using a key ladder that includes the selected first or second device key. | 06-16-2011 |
20110228942 | Reduced Hierarchy Key Management System and Method - A controller receives an encrypted media stream (“EMS”) and an identifier indicative of a selected content key from a headend. The EMS is encrypted with an encryption key and can be decrypted with a corresponding decryption key which is determinable from the selected content key. The controller receives indexes and content keys from the headend prior to receiving the EMS. Each index respectively corresponds to an identifier with one index corresponding to the identifier indicative of the selected content key. The content keys correspond to the indexes with one content key corresponding to the index corresponding to the identifier indicative of the selected content key. The controller selects the index corresponding to the identifier indicative of the selected content key upon receiving the EMS, determines the selected content key from the selected index, determines the decryption key from the selected content key, and decrypts the EMS with the decryption key. | 09-22-2011 |