Time-multiplexed multi-program encryption system

US 20050180568A1
Filed: 03/31/2005
Published: 08/18/2005
Est. Priority Date: 04/21/2003
Status: Active Grant

First Claim

Patent Images

1. A system for time-multiplexed, multi-program encryption, characterized by:

at least one receiver for receiving and decoding at least one multiplex stream;

at least one conditional access unit for encrypting at least one multiplex stream;

at least one multiplexer for directing selected packets of one or more multiplex streams to one or more conditional access units for encryption, receiving encrypted packets from said one or more conditional access units and combining encrypted and non-encrypted packets into one or more output streams;

critical packet identification means for identifying packets to be encrypted;

means for overriding and restoring selected packet parameters; and

means for replacing non-encrypted packets in a stream with encrypted packets.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method are described for greatly increasing the number of services that can be encrypted with existing conditional access equipment. The method is most useful when many digitally compressed programs are encrypted at the same time. Only the most critical components of each compressed video, audio, or data stream are selected and then sequenced into a single stream. Additional formatting causes this sequence of segments from multiple sources to appear as a single continuous stream to the conditional access system. Once this stream has been encrypted, it is demultiplexed and the components are restored and re-sequenced into their respective programs. Messages such as the Entitlement Control Messages that are inserted into the stream by the encryption system, are also adjusted and included with each of the reconstructed programs. The technique not only allows encryption systems to be designed using less encryption hardware, but also simplifies the management of encryption sessions, particularly in on-demand programming applications.

178 Citations

20 Claims

1. A system for time-multiplexed, multi-program encryption, characterized by:
- at least one receiver for receiving and decoding at least one multiplex stream;
  
  at least one conditional access unit for encrypting at least one multiplex stream;
  
  at least one multiplexer for directing selected packets of one or more multiplex streams to one or more conditional access units for encryption, receiving encrypted packets from said one or more conditional access units and combining encrypted and non-encrypted packets into one or more output streams;
  
  critical packet identification means for identifying packets to be encrypted;
  
  means for overriding and restoring selected packet parameters; and
  
  means for replacing non-encrypted packets in a stream with encrypted packets.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. A system according to claim 1, further characterized by:
    - means for reformatting packets sent to and received from one or more CA units.
  - 3. A system according to claim 1, further characterized by:
    - means for combining selected packets from multiple programs into a single stream and tagging said selected packets according to their source program, means for encrypting the single stream under a common tier;
      
      means for separating the encrypted packets according to tag values and replacing corresponding unencrypted packets in the multiple programs with the encrypted packets.
  - 4. A system according to claim 1, further characterized by:
    - means, for transmitting unencrypted critical packets in place of encrypted packets in the event of an encryption failure.
  - 5. A system according to claim 4, further characterized by:
    - means for discarding encrypted packets for which a corresponding unencrypted packet cannot be identified.
  - 6. A system according to claim 4, further characterized by:
    - means for transmitting unencrypted critical packets in place of encrypted packets in the event of an excessive encryption delay; and
      
      means for discarding encrypted packets received after a corresponding unencrypted packet has already been transmitted.
  - 7. A system according to claim 1, further characterized by:
    - means 1100 for sharing a single ECM among multiple programs in the same encryption tier when packets from said multiple programs are combined into a single multiplex stream.
  - 8. A system according to claim 1, further characterized by:
    - for each encryption tier, means for monitoring and indicating a rate at which packets are being encrypted;
      
      means responsive to said rate indication for adjusting critical packet threshold selection criteria to match said rate; and
      
      means for dropping critical packets that cause encryption capacity to be exceeded.
  - 9. A system according to claim 1, further characterized by:
    - for at least one encryption tier, means for monitoring and indicating a rate at which packets are being encrypted;
      
      means responsive to said rate indication for allocating an additional encryption channel on an available CA unit and initializing said additional encryption channel to the encryption tier for which said rate indication is made; and
      
      means for transitioning one or more programs to said additional encryption channel.
  - 10. A system according to claim 1, further characterized by:
    - for at least one encryption tier, means for monitoring and indicating a rate at which packets are being encrypted, where at least two encryption channels are active for the same encryption tier;
      
      means, responsive to a low rate indication for transitioning programs from at least one of said encryption channels to combine them onto another encryption channel active for the same encryption tier; and
      
      means for making the encryption channel from which programs were transitioned available for reallocation to another encryption tier.
  - 11. A system according to claim 1, further characterized by:
    - for each encryption tier for which two or more encryption channels are active, means for monitoring critical packet selection rates for each of said channels and transitioning programs between encryption channels to maintain a utilization balance therebetween.
  - 12. A system according to claim 1, further characterized by:
    - for each CA unit;
      
      means for monitoring and indicating a critical packet selection rate; and
      
      means responsive to said rate indication for adjusting critical packet selection criteria to maintain a desired critical packet selection rate.
  - 13. A system according to claim 1, further characterized by:
    - means for communicating between said conditional access units and multiplexers via a common network.

14. A method for time-multiplexed, multi-program encryption, comprising:
- receiving and processing streams corresponding to multiple programs;
  
  selecting critical packets from the multiple programs and combining them into at least one encryption stream;
  
  providing said encryption stream to a conditional access unit for encryption, said conditional access unit producing a corresponding encrypted stream; and
  
  separating packets in said encrypted stream and replacing corresponding packets of said multiple programs with said encrypted packets.
- View Dependent Claims (15, 16)
- - 15. A method according to claim 14, further comprising:
    - detecting encryption failures and delays, and transmitting corresponding unencrypted packets in place of encrypted packets when such failures and delays occur.
  - 16. A method according to claim 14, further comprising:
    - discarding encrypted packets for which an association with a corresponding unencrypted packet cannot be confirmed.

17. A method for time-multiplexed, multi-program encryption, comprising:
- receiving and processing streams corresponding to multiple programs;
  
  selecting and tagging critical packets from the multiple programs and combining them into at least one encryption stream;
  
  providing said encryption stream to a conditional access unit for encryption, said conditional access unit producing a corresponding encrypted stream;
  
  separating packets in said encrypted stream according to tag values and replacing corresponding packets of said multiple programs with said encrypted packets;
  
  for at least one encryption tier, monitoring a critical packet generation rate and generating an indication thereof; and
  
  transitioning programs from one encryption channel to another in response to said packet generation rate indication.
- View Dependent Claims (18, 19, 20)
- - 18. A method according to claim 17, further comprising:
    - in response to a high critical packet generation rate, initializing an additional encryption channel for encryption on the same encryption tier and transitioning critical packets for one or more programs to the additional encryption channel.
  - 19. A method according to claim 17 wherein:
    - at least two encryption channels are active at the same encryption tier, said method further comprising;
      
      in response to a low critical packet generation rate, transitioning all programs from a first encryption channel to a second encryption channel active at the same encryption tier; and
      
      making the first encryption channel available for reallocation to another tier.
  - 20. A method according to claim 17 wherein:
    - at least two encryption channels are active at the same encryption tier;
      
      said method further comprising;
      
      adjusting critical packet threshold selection criteria to maintain a balance in encryption rates between the at least two encryption channels.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Imagine Communications Limited (Gores Broadcast Holdings LLC)
Original Assignee
RGB Networks, Inc. (Gores Broadcast Holdings LLC)
Inventors
Krause, Edward A.

Granted Patent

US 7,590,237 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/212
CPC Class Codes

H04N 21/23608   Remultiplexing multiplex st...

H04N 21/23897   by partially encrypting, e....

H04N 21/4181   for conditional access

H04N 21/4405   involving video stream decr...

H04N 21/4623   Processing of entitlement m...

H04N 21/47202   for requesting content on d...

Time-multiplexed multi-program encryption system

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

178 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Time-multiplexed multi-program encryption system

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

178 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links