Secure packet-based data broadcasting architecture
First Claim
1. Method for processing packets with encrypted data received by a client (3;
-
78-81) from a head-end (1;
4;
74, 83) connected to the client (3;
78-81) through at least one network (2;
77, 82), wherein the data packets comprise at least an encryption header (54, 55;
69) and an encrypted payload (52, 53;
70), comprising extracting the encryption header (54, 55;
69) from a data packet;
extracting and decrypting the encrypted payload (52, 53;
70) to form clear data (71);
generating a clear data packet header (72); and
generating a clear data packet fragment comprising the clear data packet header (72) and the clear data (71);
2 Assignments
0 Petitions
Accused Products
Abstract
A method for processing packets with encrypted data received by a client from a server through at least one network wherein the data packets comprise at least an encryption header (46) and payload (45), extracting the encryption header (54, 55; 69) from a data packet, extracting and decrypting the encrypted payload to form a clear data, generating a clear data packet segment. Secure packet-based transmission of content data from a server to at least one client comprises retrieving a clear data packet comprising an unencrypted payload, dividing the unencrypted payload into one or more segments, applying an encrypted algorithm to each segment to generate encrypted segments (47), generating encryption header for each encrypted segment composing a packet with encrypted data for each encrypted segment comprising the encrypted header (46), a data packet header and transmission of each of the composed packets to the client.
181 Citations
33 Claims
-
1. Method for processing packets with encrypted data received by a client (3;
-
78-81) from a head-end (1;
4;
74, 83) connected to the client (3;
78-81) through at least one network (2;
77, 82), wherein the data packets comprise at least an encryption header (54, 55;
69) and an encrypted payload (52, 53;
70), comprisingextracting the encryption header (54, 55;
69) from a data packet;
extracting and decrypting the encrypted payload (52, 53;
70) to form clear data (71);
generating a clear data packet header (72); and
generating a clear data packet fragment comprising the clear data packet header (72) and the clear data (71);
- View Dependent Claims (2, 3, 4, 5, 6, 7, 20, 33)
-
78-81) from a head-end (1;
-
8. Method for secure packet-based transmission of content data from a head-end (1;
-
4;
74, 83) to at least one client (3;
78-81), through at least one network (2;
77, 82) to which the head-end (1;
4;
74, 83) and the client (3;
78-81) are connected, comprising;
retrieving a clear data packet comprising an unencrypted payload;
dividing the unencrypted payload into one or more fragments (50, 51);
applying an encryption algorithm to each fragment (50, 51) to generate encrypted fragments (52, 53);
generating an encryption header (54, 55) for each encrypted fragment (52, 53);
composing a packet with encrypted data for each encrypted fragment (52, 53), comprising the fragment (52, 53), the encryption header (54, 55) for the fragment (52, 53) and a data packet header (56, 57); and
transmitting each of the thus composed packets to the client (3;
78-81). - View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
4;
-
21. System for secure packet-based transfer of content data, comprising a head-end (1;
-
4;
74, 83) that is connected to a network (2;
77, 82) and comprises a receiver for receiving clear data packets from a source (7;
76), an encryption unit (6) for encrypting at least part of the data packets and generating data packets comprising the encrypted part of the clear data packets and a network interface (25) for sending the data packets through the network (2;
77, 82), which system further comprises at least one client (3;
78-81) connected to the network (2;
77, 82), with a network interface (27) for receiving data packets sent through the network (2;
77, 82), capable of composing data packets from data packet fragments, wherein the client (3;
78-81) comprises a decryption unit (30) for generating clear data (71) by decrypting encrypted data (52, 53;
70) comprised in the received data packets and for generating data packet fragments from the clear data (71).
-
4;
-
22. Client (3;
-
78-81), connected to a head-end (1;
4;
74, 83) through a network (2;
77, 82), comprising;
a data packet receiver (27), capable of receiving data packets transmitted from the head-end (1;
4;
74, 83) through the network (2;
77, 82);
a buffer (29) for storing data packet fragments and composing a data packet from them;
an application program interface (28) for passing data packet fragments to the buffer (29); and
a decryption unit (30), for generating unencrypted data packet fragments by decrypting encrypted data (52, 53;
70) in a data packet, wherein the application program interface (28) is programmed to transfer received data packets comprising encrypted data (52, 53;
70) to the decryption unit (30) and to pass unencrypted data packet fragments to the buffer (29). - View Dependent Claims (23, 24, 25, 26, 27, 28)
-
78-81), connected to a head-end (1;
-
29. Data packet, suitable for transmission over a network (2;
-
77, 82), comprising a first header (56, 57;
67), an encrypted payload (52, 53;
7.0), generated by encrypting a data fragment (50, 51) using an encryption algorithm and a key, and an encryption header (54, 55;
69) comprising information detailing the algorithm and key used to encrypt the payload (52, 53;
70). - View Dependent Claims (30, 31, 32)
-
77, 82), comprising a first header (56, 57;
Specification