[go: up one dir, main page]

WO2010106518A1 - Procédé et système de commande de boîtiers décodeurs distribués - Google Patents

Procédé et système de commande de boîtiers décodeurs distribués Download PDF

Info

Publication number
WO2010106518A1
WO2010106518A1 PCT/IB2010/051185 IB2010051185W WO2010106518A1 WO 2010106518 A1 WO2010106518 A1 WO 2010106518A1 IB 2010051185 W IB2010051185 W IB 2010051185W WO 2010106518 A1 WO2010106518 A1 WO 2010106518A1
Authority
WO
WIPO (PCT)
Prior art keywords
application
application module
devices
module
mutated
Prior art date
Application number
PCT/IB2010/051185
Other languages
English (en)
Inventor
Grant Peter Simms
Original Assignee
Altech Uec (Pty) Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Altech Uec (Pty) Limited filed Critical Altech Uec (Pty) Limited
Publication of WO2010106518A1 publication Critical patent/WO2010106518A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/167Systems rendering the television signal unintelligible and subsequently intelligible
    • H04N7/1675Providing digital key or authorisation information for generation or regeneration of the scrambling sequence
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/418External card to be used in combination with the client device, e.g. for conditional access
    • H04N21/4181External card to be used in combination with the client device, e.g. for conditional access for conditional access
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/438Interfacing the downstream path of the transmission network originating from a server, e.g. retrieving encoded video stream packets from an IP network
    • H04N21/4385Multiplex stream processing, e.g. multiplex stream decrypting
    • H04N21/43853Multiplex stream processing, e.g. multiplex stream decrypting involving multiplex stream decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4623Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4627Rights management associated to the content

Definitions

  • This invention relates to a method and system for controlling a receiving device for encrypted broadcast services at a user station. More particularly, the invention relates to a method and system for controlling a set-top box connected to a television monitor at a user station.
  • smart cards for set-top boxes or the like intended to be connected to television (TV) sets and to decode encrypted services broadcasted from one or more head-ends, are cloned by unauthorized parties and the cloned cards are sold to customers. These cloned smart cards may then be used with genuine boxes by pirate viewers. These viewers are then in a position to receive and view the services without paying a subscription or paying a discounted subscription to the unauthorized parties. It will be appreciated that these unauthorized parties and pirate viewers cause serious damage for, amongst others, the service broadcasters.
  • a method of controlling at (east one of a plurality of distributed receiving devices for encrypted broadcast services comprising the steps of: broadcasting to the at least one device an application module comprising an application code part, a business rules part and an application data part; sequentially mutating the application module by changing at least one of the application code part, the business rules part and the application data part;
  • the receiving device may comprise a wireless receiver, which may be a satellite receiver or terrestrial receiver.
  • the receiving device may comprise at least one decoder and a respective key token, such as a smart card, for decoding encrypted service data broadcasted by a broadcasting head-end.
  • the application module is broadcasted to n devices and a first mutation of the application module is executed by m devices selected from the n devices and wherein m ⁇ n.
  • the first mutation may be generated in response to response data received from the selected devices, or users of the selected devices.
  • the first mutation may comprise an application data part which is different from the application data part of the application module.
  • the first mutation may comprise a business rules part which is different from the business rules part of the application module.
  • the response data from each selected device may comprise data relating to a unique address associated with the device.
  • a system for controlling at least one of a plurality of distributed receiving devices for encrypted broadcast services comprising: a broadcast head-end comprising a server, a database and a transmitter; an application module mutating tool connected to the head-end, the tool being configured to generate an application module comprising an application code part, an application data part and a business rule part and the tool further being configured to mutate the application module by changing at least one of the application code part, the application data part and the business rules part; the head end being configured sequentially to broadcast the application module and at least part of the mutated application modules; and the plurality of receiving devices being configured to receive the application module and a processor of each device being configured sequentially to execute the application module and at least one mutated application module and to cause the device to operate in accordance with the application module and the at least one mutated application module.
  • figure 1 is a diagrammatic representation of a broadcasting system comprising a plurality of distributed receiving devices for encrypted broadcast services
  • figure 2 is a diagrammatic representation of relevant parts of the receiving device and an application module hosted on the device
  • figure 3 is a diagrammatic representation of relevant parts of a mutating application which in use is intermittently mutated and broadcasted to the receiving devices
  • figure 4 is a similar diagram of the module in compiled form
  • figures 5 (a) to (c) are diagrammatic representations of the application module communicating with a hardware platform of the receiving device via an operating system running on the hardware platform
  • figures 6(a) and (b) are diagrammatic representations of a display on a screen associated with the receiving device and which is controlled in accordance with the application module
  • figures 7(a> and (b) are similar representations of a display on the screen and which is controlled in accordance with a mutation of the application module
  • figure 8 is a diagrammatic view of relevant parts of
  • a broadcasting system for broadcasting encoded services to a plurality of distributed receiving devices is generally designated by the reference numeral 10 in figurei .
  • the system comprises a plurality of distributed receiving devices 1 2.1 to 12.n for encrypted broadcast services.
  • Each receiving device comprises a wireless receiver connected to a suitable antenna. In the embodiment shown, the receiver is connected to a satellite dish antenna 14.1 to 14.n.
  • Each receiving device 12.1 to 12.n is connected to a respective screen or monitor such as a television screen 16.1 to 16.n.
  • Each receiving device comprises at least one decoder and associated smart card 17.1 to 17.n for decoding encrypted broadcast services which are broadcasted to be received by the receiving devices. Only registered receiving devices registered at an upstream database 36 are normally enabled to decrypt the encrypted services and to cause the services to be played out on the monitor.
  • a return path, such as return path 19.1 may be provided from at least some of the receiving devices.
  • the return path may comprise a modem (not shown) which is connectable to the head-end 30 or may at least in part comprise part of a cellular telephone infrastructure, including a cellular phone 21 .1 at the user station 23.1
  • each receiving device 12.1 comprises a hardware platform 18 comprising a processor.
  • the platform also comprises so-called secure silicon in that a unique ID code for chips or chip sets, forming part of the platform, is embedded in the chips or chip sets upon fabrication thereof.
  • An operating system 20 runs on the platform.
  • Application modules 22 are receivable by the receiving devices and are configured to execute on the hardware in conjunction with the operating system.
  • Each receiving device 12.1 to 12.n is also associated with a unique electronic address which enables a selected device to be addressed individually from the broadcast head-end 30, or as part of a group of a larger population of devices 12.1 to 12.n or as part of the whole population.
  • the range is hence 0.0,0.0 to 255.255.255.255.255.
  • the number 0 may not be bound and may be used to blanket address all devices falling in an address range.
  • the electronic addresses and aforementioned embedded hardware codes may be related.
  • the electronic addresses are generated and stored in the devices at manufacturing of the devices.
  • the electronic address and hardware code as well as a smart card number associated with a respective smart card may be stored in the database 36 (shown in figurei ).
  • a processor on the smart card 17.1 and the processor of the device 12.1 may cooperate and on an instruction from a back-end processor and under guidance of the back-end processor, generate and store on the smart card and/or on the device a unique code or "biometric code" which is derived from data relating to the device on the one hand and data relating to the smart card on the other. Since this generation is performed under control or guidance of the back-end processor, the biometric codes for each back-end registered smart card and device combination, would be known to the back-end processor.
  • the application module 22 comprises an application execution engine part 24 comprising the application code, an application data part 26 and a business rules part 28.
  • the engine 24 is configured to interoperate the application data part 26.
  • the business rules part 28 dictates how the application module behaves on a hosting receiving device 12.1 to 12.n.
  • the module is compiled at a head-end 30 (shown in figure 1 ) utilizing a special tool 32.
  • 12.1 to 12.n comprises the steps of broadcasting from the head-end 30 via a satellite communication path 34 to the distributed devices 12.1 to 12.n, the application module 22 comprising the application code part 24, the application data part 26 and the business rules part 28.
  • the application 22 is sequentially mutated 22', 22", 22'"....by changing at least one of the application code part, the business rules part and the application data part.
  • the application module 22 interrogates the hardware platform 18 via the operating system 20 regarding the embedded code. If the module 22 determines that the embedded code is not a code registered in the aforementioned upstream database, the business rules part causes the receiving device, as shown in figure 5(c), to operate in a predetermined manner.
  • a first application module 22 is broadcast to all or a group of devices 12.1 to 1 2.n.
  • the application module 22, when hosted on the devices, is configured to read the aforementioned unique code or biometric code and to compare on the device the code read and the code, which according to the back-end processor, should be the code for a particular combination of device and associated smart card. If the compared codes of a device 12.k do not match, a first version of the business rules part 28 of the application module 22 is configured to cause the device 12.k to display on the associated monitor 16.k a message, such as that shown in figure 6(b).
  • the message comprises an encrypted number 60 comprising the aforementioned electronic address of the device 12.k.
  • Genuine and properly registered devices such as device 12.1 connected to screen 16.1 shown in figure 6(a), continues to operate normally.
  • the aforementioned displayed message requests the user to return via return path 19.k, the encrypted number 60.
  • the returned number is processed at the back-end to update a list of electronic addresses associated with unregistered smart cards hosted in the database 36.
  • the user may be given an opportunity, within a specified time window, to register the unregistered card. If done, the services may not be interrupted.
  • the first mutation comprises the electronic address of the unregistered device 1 2.k, typically as part of the application data part 26. Therefore at least the application data part 26 of the first mutation 22' is different from the application data part of the original application module 22.
  • the business rules part 28 of the first mutation 22' may also differ from the first version of the business rules part of original application module 22.
  • the business rules part in the first mutation 22' may dictate that device 12.k be switched from the normal operating state as shown in figure 7(a) to a stand-by or disabled state, wherein the device 12.k is disabled from playing out the content on the screen
  • the generation of mutations of the application module 22 may be triggered by a response comprising response data received from a selected device or devices, or, from users of such devices.
  • at least one of the application data part 26 and the business rules part 28 is changed.
  • the entire mutated module 22' may be broadcasted from the head end and in other forms, only the changed parts may be so broadcasted.
  • the mutations are automatically generated intermittently, to stay ahead of hackers, imitators and copiers.
  • At least one mutation application module 22' is generated and executed, but it will be appreciated that any suitable number of mutation modules 22", 22'" may sequentially be generated and executed.
  • a system 100 comprising backend server 132 and a client or user devices 1 12.1 is shown in figure 8.
  • a suite of software algorithms ( ⁇ 1 , ⁇ 2, ⁇ 3 and ⁇ 4) for the compression and manipulation of digital interactive information is executed by the system 100.
  • the suite of software algorithms is used for the interactive synchronization and management of broadcast data for digital program content.
  • the result output of the system gives a user of the device 1 12.1 a two-way interactive perception on the user play-out device 1 12.1 , although the transmission/broadcast may only one-way, from back-end 132 to device 1 12.1 .
  • the backend server 132 executes several algorithms and software modules that produce compressed interactive epsilon ( ⁇ ) binary flow code that may either be broadcast directly to client devices 1 12.1 (Set Top Boxes, kiosks, mobile phones etc) or further interpreted for play- out to third party devices using specific proprietary applications.
  • These modules provide several tool sets that allow the integration of interactive menus and special objects called “gadgets” for the enhanced user experience of viewing and interacting with broadcast or streamed digital content.
  • the content management system comprises the following main modules Epsilon Designer, Epsilon Broadcast Automation, Epsilon
  • Epsilon Designer is a Rapid Interactive TV Application Development (RAD) tool for developing application for several different output devices such as Set Top Box's (STBs) and kiosks.
  • STBs Set Top Box's
  • kiosks for developing application for several different output devices such as Set Top Box's (STBs) and kiosks.
  • the automation engine allows system critical data flow processes for interactive applications. It enables real-time data updates to be multicast with intrinsic binary data.
  • the synchronization engine allows the interactive play-out of interactive content with program and advertising information.
  • Interactive application play-out allows targeted advertising for interactive view of products.
  • the first algorithm ⁇ 1 interprets any vector graphic input into an efficient and compressed data block.
  • the data is further processed through a special interactive engine that allows the integration of interactive objects with the vector produced data. These may include dialogue boxes, buttons, action items, triggers and events.
  • the algorithm then takes this data block and using a second encoding algorithm ⁇ 3 to produce an efficient and compressed Extensible Mark-up Language (XML) file with embedded content and interactive objects, called gadgets. These objects and gadgets may be encrypted and encapsulated with a unique algorithm.
  • XML Extensible Mark-up Language
  • the XML file is a generic output of the first set of unique algorithms that may then be further encoded for a specific target device.
  • the target device may run software (middleware).
  • the resultant output of the third encoding ⁇ 3 is a binary source flow file that may be played using the Epsilon broadcast server and synchronisation engine to the target devices.
  • the Epsilon client application ⁇ 4 that resides in each user device 14 is agnostic to the mechanism used to play-out the source binary file to the device.
  • the source binary file may be streamed by the broadcaster or it may be streamed using any TCP/IP or broadband connectivity.
  • the Epsilon client module ⁇ 4 interprets the received binary source file and places the necessary objects and gadgets on the receiving device screen.
  • the algorithm used in the client module ⁇ 4 offers the intelligence required to interpret the interactive reactions of each unique user to the gadgets and objects displayed on the screen, offering a seamless interactive experience.
  • the epsilon playback on the receiving device 1 12.1 may be used for several applications for interactive advertising, games, education programs and even a form of unique mutating conditional access.
  • the system according to the invention may also be used selectively to disable or switch off remote devices 1 12.1 as hereinbefore described.

Landscapes

  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

L'invention porte sur un procédé de commande d'au moins l'un d'une pluralité de dispositifs récepteurs distribués pour des services de radiodiffusion cryptés comprenant les étapes consistant à radiodiffuser vers l'au moins un dispositif (12.1 à 12.n) un module d'application 22 comprenant une partie code d'application, une partie règles commerciales et une partie données d'application. Le module est fait séquentiellement muter 22', 22'' par changement d'au moins l'une de la partie code d'application, de la partie règles commerciales et de la partie données d'application. Les modules d'application mutés 22, 22', 22''… sont séquentiellement exécutés par le dispositif et le dispositif est amené à fonctionner selon les modules d'application mutés.
PCT/IB2010/051185 2009-03-18 2010-03-18 Procédé et système de commande de boîtiers décodeurs distribués WO2010106518A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ZA2009/01905 2009-03-18
ZA200901905 2009-03-18

Publications (1)

Publication Number Publication Date
WO2010106518A1 true WO2010106518A1 (fr) 2010-09-23

Family

ID=42229291

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2010/051185 WO2010106518A1 (fr) 2009-03-18 2010-03-18 Procédé et système de commande de boîtiers décodeurs distribués

Country Status (1)

Country Link
WO (1) WO2010106518A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013056622A1 (fr) * 2011-10-18 2013-04-25 华为终端有限公司 Procédé permettant de vérifier l'identité d'accès d'un boîtier décodeur et d'un serveur d'authentification

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020031224A1 (en) * 1998-09-08 2002-03-14 On Command Corporation Secure multimedia communications system
US6550008B1 (en) * 1999-02-26 2003-04-15 Intel Corporation Protection of information transmitted over communications channels
FR2865592A1 (fr) * 2004-01-28 2005-07-29 Noel Vogt Procede de diffusion securisee de programmes de television, systeme de diffusion, decodeur et support de donnees correspondants.
US20080008321A1 (en) * 2006-07-10 2008-01-10 Syphermedia International, Inc. Conditional access enhancements using an always-on satellite backchannel link

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020031224A1 (en) * 1998-09-08 2002-03-14 On Command Corporation Secure multimedia communications system
US6550008B1 (en) * 1999-02-26 2003-04-15 Intel Corporation Protection of information transmitted over communications channels
FR2865592A1 (fr) * 2004-01-28 2005-07-29 Noel Vogt Procede de diffusion securisee de programmes de television, systeme de diffusion, decodeur et support de donnees correspondants.
US20080008321A1 (en) * 2006-07-10 2008-01-10 Syphermedia International, Inc. Conditional access enhancements using an always-on satellite backchannel link

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013056622A1 (fr) * 2011-10-18 2013-04-25 华为终端有限公司 Procédé permettant de vérifier l'identité d'accès d'un boîtier décodeur et d'un serveur d'authentification
US8832727B2 (en) 2011-10-18 2014-09-09 Huawei Device Co., Ltd. Method and authentication server for verifying access identity of set-top box

Similar Documents

Publication Publication Date Title
US7716662B2 (en) System and method for generating a set top box code download step sequence
US8817095B2 (en) Locally originated IPTV programming
KR101995425B1 (ko) 영상 표시 장치, 단말 장치 및 그 동작 방법
US20040163134A1 (en) Digital television set with gaming system emulating a set top box
JP2006005897A (ja) 端末装置、コンテンツ配信システム、情報出力方法、情報出力プログラム
WO2006129404A1 (fr) Dispositif de reproduction des contenus, méthode pour fournir des informations en relation avec un service, dispositif fournissant des informations en relation avec un service et système fournissant un service
US8850590B2 (en) Systems and methods for using transport stream splicing for programming information security
EP3560212A1 (fr) Sécurisation de la transmission d'un contenu, d'une carte à puce d'un récepteur de télévision hôte à un récepteur de télévision client
CN113891162A (zh) 直播间加载方法、装置及计算机设备
US20090293082A1 (en) Video processing system with key table and methods for use therewith
WO2010106518A1 (fr) Procédé et système de commande de boîtiers décodeurs distribués
US9674306B2 (en) Method and system for communicating from a client device to a server device in a centralized content distribution system
JP7381690B2 (ja) 映像表示システム
US20090193450A1 (en) Signal receiver security apparatus and methods
JP6855193B2 (ja) 放送受信システム
JP6920569B2 (ja) 放送受信装置およびコンテンツ保護処理方法
KR100611370B1 (ko) 아바타를 통한 방송프로그램 참여 및 이를 위한 지원 시스템
JP6855196B2 (ja) 放送受信システム
US9621961B1 (en) Method and system for controlling a centralized content distribution system with a remote control
JP7062114B2 (ja) 放送受信システム
JP7418647B1 (ja) 放送受信装置およびコンテンツ保護処理方法
JP6923727B2 (ja) 放送番組のコンテンツのコピー制御方法
JP6928130B2 (ja) 放送番組の出力方法
US20100057758A1 (en) Alpha numeric media program stream selection
CN103518378A (zh) 确定电子装置的异常行为的方法以及能够实现这种方法的电子装置

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10713518

Country of ref document: EP

Kind code of ref document: A1

DPE1 Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10713518

Country of ref document: EP

Kind code of ref document: A1