Conditional access data decrypting system
First Claim
1. Conditional access data decryption system, this system comprising:
- a diffusion centre arranged to diffuse data encrypted by at least one control word, at least one management centre arranged to diffuse personal messages related to the management of access means to encrypted data, an operating device intended to render usable said encrypted data, and a decoder (arranged to decrypt at least one part of the encrypted data, placed between the diffusion centre (and the operating device, and comprising a module for the reception and decryption of encrypted data, and a module for the management of access rights to this data, these modules being physically different, the reception module being connected to the operating device and the management module being arranged to communicate with the reception module, the management module including a security module comprising a unique identification number and data allowing securing the connection between said management centre and the security module, the security module being arranged to verify the content of the personal messages IC and to allow or prevent the decryption of the control-word(s) according to the content of the personal messages, wherein the reception module receives the encrypted data originating from the diffusion centre via a first communication line, and the management module receives the personal messages through the management centre via a second communication line, and wherein the management module comprises data pertaining to the management centres with which these modules are authorized to communicate.
1 Assignment
0 Petitions
Accused Products
Abstract
This invention relates to a conditional access data decryption system, in particular used in the domain of digital pay television.
This system includes a diffusion centre (10) arranged to diffuse data encrypted by control-words (cw), at least one management centre (11) arranged to diffuse personal messages (ECM, EMM) related to the management of access means to encrypted data, an operating device (12) intended to render usable said encrypted data, and a decoder (13) arranged to decrypt at least one part of the encrypted data. This decoder is placed between the diffusion centre (10) and the operating device (12). This decoder (13) comprises a module (14) for the reception and decryption of encrypted data and a module (15) for the management of access rights to this data. The reception module (14) is connected or integrated into the operating device (12) and the management module (15) is arranged to communicate with the reception module. The management module (15) includes a security module (16) arranged to verify the content of the personal messages (ECM, EMM) and to allow or prevent the decryption of the control words (cw) according to the content of the personal messages. The reception module receives the encrypted data originating from the diffusion centre (10) and the management module receives the authorization messages (EMM) from the management centre (11).
14 Citations
20 Claims
-
1. Conditional access data decryption system, this system comprising:
-
a diffusion centre arranged to diffuse data encrypted by at least one control word, at least one management centre arranged to diffuse personal messages related to the management of access means to encrypted data, an operating device intended to render usable said encrypted data, and a decoder (arranged to decrypt at least one part of the encrypted data, placed between the diffusion centre (and the operating device, and comprising a module for the reception and decryption of encrypted data, and a module for the management of access rights to this data, these modules being physically different, the reception module being connected to the operating device and the management module being arranged to communicate with the reception module, the management module including a security module comprising a unique identification number and data allowing securing the connection between said management centre and the security module, the security module being arranged to verify the content of the personal messages IC and to allow or prevent the decryption of the control-word(s) according to the content of the personal messages, wherein the reception module receives the encrypted data originating from the diffusion centre via a first communication line, and the management module receives the personal messages through the management centre via a second communication line, and wherein the management module comprises data pertaining to the management centres with which these modules are authorized to communicate. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification