System for securely delivering encrypted content on demand with access contrl

US 20020083438A1
Filed: 07/03/2001
Published: 06/27/2002
Est. Priority Date: 10/26/2000
Status: Abandoned Application

First Claim

Patent Images

1. A system for delivering content to a subscriber terminal on-demand through a communication network, the system comprising:

a content preparation module for preencrypting the content offline to form pre-encrypted content;

an on-demand module receiving the pre-encrypted content from the content preparation module, for storing, and transmitting the pre-encrypted content to the subscriber terminal when authorized;

an encryption renewal system interfacing with the on-demand module to generate entitlement control messages allowing the pre-encrypted content to be decryptable for a designated duration; and

a conditional access system for providing a periodical key to the encryption renewal system, to permit generation of the entitlement control messages that convey information required to decrypt the pre-encrypted content including the periodical key to the subscriber terminal.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of delivering content from a head end to subscriber terminals within one or more cable systems. Such content may be video, audio or the like. The method includes the step of encrypting the content offline to form pre-encrypted content, generating an encryption record containing parameters employed for encrypting the content. Based on the encryption record, a control message for permitting access to the pre-encrypted content is generated using a periodical key provided by the first cable system. The pre-encrypted content and associated control message is thereafter forwarded to the first subscriber terminal for decryption of the content. For a second subscriber terminal within a second cable system, the pre-encrypted content is retrofitted with a second control message permitting the pre-encrypted content to be decrypted by the second subscriber terminal. Further, multiple versions of a control message for multiple service tiers within a cable system may be generated, each version for permitting access to a particular service tier within the system.

192 Citations

40 Claims

1. A system for delivering content to a subscriber terminal on-demand through a communication network, the system comprising:
- a content preparation module for preencrypting the content offline to form pre-encrypted content;
  
  an on-demand module receiving the pre-encrypted content from the content preparation module, for storing, and transmitting the pre-encrypted content to the subscriber terminal when authorized;
  
  an encryption renewal system interfacing with the on-demand module to generate entitlement control messages allowing the pre-encrypted content to be decryptable for a designated duration; and
  
  a conditional access system for providing a periodical key to the encryption renewal system, to permit generation of the entitlement control messages that convey information required to decrypt the pre-encrypted content including the periodical key to the subscriber terminal.
- View Dependent Claims (2)
- - 2. The system of claim 1 wherein the communication network is a cable network for distributing audio/video content from a cable central office to all or a subset of subscriber terminals.

3. A method of delivering content from one or more cable systems to subscriber terminals within the cable systems, the cable systems being communicatively coupled to an offline encryption device, the method comprising:
- receiving by a first cable system, a request for the content from a first subscriber terminal of the first cable system;
  
  preencrypting, by the offline encryption device, the content to form pre-encrypted content prior to the step of receiving a request;
  
  generating an encryption record containing parameters employed for encrypting the content;
  
  based on the encryption record and a first key information, generating one or more control messages for permitting access to the pre-encrypted content; and
  
  transmitting the pre-encrypted content associated with the one or more control messages to the first subscriber terminal for decryption of the pre-encrypted content.
- View Dependent Claims (4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 18, 19, 33, 34, 37, 39)
- - 4. The method of claim 3 further comprising receiving, by a second cable system, a request from a second subscriber terminal of the second cable system, and based on the encryption record and a second key information, generating one or more control messages for permitting the second subscriber terminal to access the pre-encrypted content.
  - 5. The method of claim 3 wherein the first key information is provided by a conditional access system that uses the key information to control the first subscriber terminal.
  - 6. The method of claim 5 wherein the key information is for a key that is periodical and valid for a designated duration.
  - 7. The method of claim 6 wherein the designated duration is shortly before, contemporaneous with, or shortly after the first key is changed by the conditional access system.
  - 8. The method of claim 3 wherein the one or more control messages is a first entitlement control message for conveying information to the first subscriber terminal to compute a key.
  - 9. The method of claim 3 further comprising changing the first key information after a designated duration, and reporting the key change by the first cable system.
  - 10. The method of claim 3 further comprising retrofitting a second entitlement control message to the pre-encrypted content for permitting access to the pre-encrypted content after the first key information expires.
  - 11. The method of claim 10 wherein the retrofitting of the second control message employs a second key information.
  - 12. The method of claim 11 wherein the step of retrofitting the second entitlement control message is synchronized with changing of a first key information to the second key information.
  - 13. The method of claim 3 further comprising providing the parameters from an encryption renewal system that generates the one or more entitlement control messages.
  - 14. The method of claim 13 wherein the step of generating an encryption record is by an offline encryption system.
  - 15. The method of claim 4 further comprising providing first and second service tiers in the first cable system to further limit access to the pre-encrypted content.
  - 16. The method of claim 15 further comprising generating a first entitlement control message allowing the first subscriber terminal to access the pre-encrypted content only in the first service tier, and generating a second entitlement message allowing a second subscriber terminal to access the pre-encrypted only in the second service tier.
  - 18. The system of claim 17 further comprising means for generating a third entitlement message.
  - 19. The system of claim 18 wherein the third entitlement message is for permitting access to the first pre-encrypted content after expiration of the first entitlement message.
  - 33. The method of claim 3 wherein the step of pre-encrypting is carried out using a third key, and the encryption record contains information about the third key.
  - 34. The method of claim 33 further comprising translating the third key into the first key information.
  - 37. The system of claim 36 further comprising a second cable system having a second conditional access system and a second video on-demand system each communicably coupled to the encryption renewal system.
  - 39. The method of claim 38 wherein the pre-encrypted content is encrypted prior to transmitting the content to the first and second communication system.

17. A system for delivering first and second content to a subscriber terminal on-demand through a communication network, the system comprising:
- means for pre-encrypting the first and second content offline to form first and second pre-encrypted content, and for generating a first encryption record associated with the first pre-encrypted content, and a second encryption record for the second pre-encrypted content;
  
  means for generating a first and second entitlement messages that allow decryption of the first and second pre-encrypted contents, respectively;
  
  a conditional access system for providing information included in the first and second entitlement messages by the means for generating; and
  
  means for receiving the pre-encrypted content from the means for pre-encrypting, forwarding the first and second encryption records to the means for generating which generates the first and second entitlement messages for forwarding to the subscriber terminal.

20. A method using an encryption renewal system, the method permitting first and second communication systems to control subscriber access to pre-encrypted content that was previously encrypted offline, the method comprising:
- receiving, by the encryption renewal system, a first cryptographic information from the first communication system;
  
  receiving an encryption record containing parameters employed during encryption to form the pre-encrypted content; and
  
  generating for the first communication system, a first control message for providing access to the pre-encrypted content based on the first cryptographic information and the first encryption record.
- View Dependent Claims (21, 22, 23, 25, 26, 27, 28, 29, 30, 31, 32, 35, 36, 40)
- - 21. The method of claim 20 further comprising receiving, by the encryption renewal system, a second cryptographic information from the second communication system;
    - receiving the encryption record containing parameters employed during encryption to form the pre-encrypted content; and
      
      generating for the second communication system, a second control message for providing access to the pre-encrypted content based on the second cryptographic information and the encryption record.
  - 22. The method of claim 20 further comprising generating a third control message upon expiration of the first control message, to provide access to the pre-encrypted content.
  - 23. The method of claim 20 further comprising retrieving entitlement control messages associated with the pre-encrypted content;
    - and specifying a tier to which a subscriber is authorized when the pre-encrypted program is purchased.
  - 25. The system of claim 24 further comprising a conditional access system having software interfacing with a billing system to coordinate subscriber access to the pre-encrypted content based on a subscriber purchase.
  - 26. The system of claim 24 further comprising an interactive system including software having instructions for providing two-way subscriber interaction between the subscriber system and the video on-demand system.
  - 27. The system of claim 24 further comprising one or more service tiers to secure the pre-encrypted content.
  - 28. The system of claim 24 wherein the encryption renewal system generates first and second versions of an entitlement control message, for accessing the pre-encrypted content in a first and a second tier, respectively.
  - 29. The system of claim 24 further comprising retrieving entitlement control messages associated with the pre-encrypted content, and specifying the tier for which a subscriber is authorized when the pre-encrypted program is purchased.
  - 30. The system of claim 24 wherein the encryption renewal system provides a call back mechanism indicating the next time by which the video on-demand system should contact the encryption renewal system.
  - 31. The method of claim 20 further comprising providing a call back mechanism.
  - 32. The method of claim 20 further comprising maintaining a list of first, second and third communication systems and their addressing information.
  - 35. The system of claim 25 wherein the video on-demand system and the conditional access system are decoupled.
  - 36. The system of claim 25 wherein the video on-demand system and the conditional access systems comprise a first cable system, each communicably coupled to the encryption renewal system.
  - 40. The method of claim 20 further comprising assigning subscriber tiers, so that only a designated number of subscribers share each subscriber tier within a fiber node.

24. A system for delivering content to a subscriber terminal on-demand through a point-to-point communication network, the system comprising:
- an offline encryption system having software containing one or more instructions for pre-encrypting the content to form pre-encrypted content before a content request is received from the subscriber terminal;
  
  a video on-demand system including software having one or more instructions for receiving the pre-encrypted content from the offline encryption system, and forwarding the pre-encrypted content to the subscriber terminal; and
  
  an encryption renewal system interfacing with the offline encryption system to provide encryption parameters for encrypting the content, and interfacing with the video on-demand system to generate entitlement control messages allowing the pre-encrypted content to be decryptable for a designated duration, wherein the entitlement control messages are generated by using a periodical key.

38. A method of delivering pre-encrypted content to subscribers from a first and a second communication system the method comprising:
- preencrypting the content once at a centralized facility, and prior to distribution to the first and second communication systems;
  
  if the first communication is authorized to receive the content, transmitting the content to the first communication system;
  
  storing the content by the first communication system;
  
  if the second communication system is authorized to receive the content, transmitting the conent to the second communication system; and
  
  storing the content by the second communication system, wherein the content is distributable by the first communication system to a first subscriber within the first communication system upon request from the first subscriber, and the content is distributable by the second communication system to a second subscriber within the second communication system upon request.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google Technology Holdings LLC (Alphabet Inc.), General Instrument Corporation (CommScope Holding Company, Inc.)
Original Assignee
Google Technology Holdings LLC (Alphabet Inc.)
Inventors
Wakabayashi, Akiko, So, Nicol Chung Pang, Tang, Lawrence W., Okimoto, John I., Cochran, Keith R., Chen, Annie On-Yee

Application Number

US09/898,184
Publication Number

US 20020083438A1
Time in Patent Office

Days
Field of Search
US Class Current

725/31
CPC Class Codes

H04N 21/2225   Local VOD servers

H04N 21/23106   involving caching operation...

H04N 21/2347   involving video stream encr...

H04N 21/23473   by pre-encrypting

H04N 21/2541   Rights Management protectin...

H04N 21/2543   Billing , e.g. for subscrip...

H04N 21/26606   for generating or managing ...

H04N 21/26609   using retrofitting techniqu...

H04N 21/4143   embedded in a Personal Comp...

H04N 21/4405   involving video stream decr...

H04N 21/44204   Monitoring of content usage...

H04N 21/4627   Rights management associate...

H04N 21/47202   for requesting content on d...

H04N 21/47211   for requesting pay-per-view...

H04N 21/63345   by transmitting keys key di...

H04N 21/63775   for uploading keys, e.g. fo...

H04N 21/6405   Multicasting data broadcast...

H04N 21/6587   Control parameters, e.g. tr...

H04N 21/8355   involving usage data, e.g. ...

H04N 21/8549   Creating video summaries, e...

H04N 7/165 : Centralised control of user...

H04N 7/1675 : Providing digital key or au...

H04N 7/17336 : Handling of requests in hea...

View All

System for securely delivering encrypted content on demand with access contrl

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

192 Citations

40 Claims

Specification

Solutions

Use Cases

Quick Links

System for securely delivering encrypted content on demand with access contrl

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

192 Citations

40 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links