Processing device revocation and reinvocation

US 20070174621A1
Filed: 01/24/2006
Published: 07/26/2007
Est. Priority Date: 01/24/2006
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

storing, at a storage location of a system, a first security value;

utilizing, at the system, a first security certificate compatible with the first security value and incompatible with at least a second security value, wherein the first security certificate enables one or more processing features of the system in conjunction with the first security value;

receiving, at the system, a certificate revocation stimulus;

modifying a value at a first bit position of the storage location so as to convert the first security value stored at the storage location to the second security value.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method includes storing, at a storage location of a system, a first security value and utilizing, at the system, a first security certificate compatible with the first security value and incompatible with at least a second security value, wherein the first security certificate enables one or more processing features of the system in conjunction with the first security value. The method also includes receiving a certificate revocation stimulus and modifying a value at a first bit position of the storage location so as to convert the first security value stored at the storage location to the second security value. Another method includes receiving multimedia data at a system, wherein the multimedia data is representative of multimedia content including a digital watermark representing one or more system identifiers, and disabling at least one processing feature if the system identifiers includes a unique identifier associated with the system.

135 Citations

View as Search Results

50 Claims

1. A method comprising:
- storing, at a storage location of a system, a first security value;
  
  utilizing, at the system, a first security certificate compatible with the first security value and incompatible with at least a second security value, wherein the first security certificate enables one or more processing features of the system in conjunction with the first security value;
  
  receiving, at the system, a certificate revocation stimulus;
  
  modifying a value at a first bit position of the storage location so as to convert the first security value stored at the storage location to the second security value.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, further comprising:
    - receiving, at the system, a second security certificate compatible with the second security value and incompatible with at least a third security value; and
      
      utilizing, at the system, the second security certificate, wherein the second security certificate enables one or more processing features of the system in conjunction with the second security value.
  - 3. The method of claim 2, further comprising:
    - transmitting a request for the second security certificate to a certificate authority in response to the conversion of the first security value to the second security value at the storage location; and
      
      wherein the second security certificate is received in response to the request for the second security certificate.
  - 4. The method of claim 2, wherein:
    - the second security certificate is received as an encrypted security certificate; and
      
      the method further comprises decrypting, at the system, the encrypted security certificate to generate the second security certificate.
  - 5. The method of claim 2, further comprising:
    - receiving, at the system, a second certificate revocation stimulus subsequent to receiving the first certificate revocation stimulus. modifying a value at a second bit position of the storage location so as to convert the second security value stored at the storage location to the third security value.
  - 6. The method of claim 1, wherein utilizing the first security certificate comprises:
    - enabling the one or more processing features of the system when the first security value is accessible from the storage location; and
      
      disabling the one or more processing features of the system when the first security value is not accessible from the storage location.
  - 7. The method of claim 1, wherein the one or more processing features comprises at least one of an encryption processing feature, a decryption processing feature, a multimedia decoding processing feature, a multimedia encoding processing feature, a multimedia transcoding processing feature, a multiple data stream processing feature, a mass storage system access processing feature, or a display control processing feature.
  - 8. The method of claim 1, wherein the certificate revocation stimulus comprises a revocation command issued by an entity including or in association with at least one of a certificate authority, a multimedia content provider or a manufacturer of the system.
  - 9. The method of claim 1, further comprising:
    - receiving, at the system, a representation of one or more unique identifiers identifying systems to be revoked; and
      
      wherein the certificate revocation stimulus comprises a determination that the one or more unique identifiers includes a unique identifier of the system.
  - 10. The method of claim 9, wherein receiving the representation of the one or more unique identifiers comprises receiving multimedia data at the system, wherein the representation of the one or more unique identifiers is embedded in the multimedia data.
  - 11. The method of claim 1, further comprising:
    - receiving, at the system, a second certificate revocation stimulus subsequent to receiving the first certificate revocation stimulus; and
      
      permanently disabling one or more processing features of the system in response to receiving the second revocation stimulus.
  - 12. The method of claim 11, wherein permanently disabling the one or more processing features of the system comprises modifying a value at a second bit position of the storage location associated with at least one processing feature of the system, wherein the at least one processing feature of the multimedia system is disabled when the modified value is present at the second bit position of the storage location.
  - 13. The method of claim 11, wherein permanently disabling the one or more processing features of the system comprises at least one of blowing one or more fuses of the system associated with the one or more processing features or modifying a unique value stored at a storage location of the system.
  - 14. The method of claim 1, wherein the storage location comprises a one-time programmable storage location.
  - 15. The method of claim 1, wherein the system comprises a multimedia system.
  - 16. The method of claim 15, wherein the multimedia system comprises at least one of:
    - a television, a computer, a set-top box, a video-enable portable phone or a personal digital assistant.
  - 17. The method of claim 1, wherein the system comprises an integrated circuit device.

18. A method comprising:
- receiving multimedia data at a system, wherein the multimedia data is representative of multimedia content and wherein the multimedia content includes a digital watermark representing one or more system identifiers; and
  
  disabling at least one processing feature of the system if the one or more system identifiers includes a unique identifier associated with the system.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25)
- - 19. The method of claim 18, wherein:
    - the digital watermark comprises an encrypted representation of the one or more system identifiers; and
      
      the method further comprises decrypting the digital watermark to obtain an unencrypted representation of the one or more system identifiers.
  - 20. The method of claim 19, wherein the digital watermark is decrypted using a decryption key value stored at a memory location of the system that is accessible only internal to the system.
  - 21. The method of claim 20, wherein disabling at least one processing feature comprises disabling access to the decryption key value by the system.
  - 22. The method of claim 21, wherein:
    - the memory location comprises a one-time-programmable memory location; and
      
      wherein disabling access to the decryption key valve comprises modifying a value at a bit position of the one-time-programmable memory location so as to convert the decryption key value to the alternate value.
  - 23. The method of claim 18, wherein the system comprises a multimedia system.
  - 24. The method of claim 23, wherein the multimedia system comprises at least one of:
    - a television, a computer, a set-top box, a video-enable portable phone or a personal digital assistant.
  - 25. The method of claim 18, wherein the system comprises an integrated circuit device.

26. A system comprising:
- a storage location to store a security value;
  
  a certificate storage component to store one or more security certificates;
  
  a multimedia processing module to process multimedia data; and
  
  a security module operably coupled to the storage location and the multimedia processing module, wherein the security module is to;
  
  disable one or more processing features of the multimedia processing module in response to determining an incompatibility between a selected security certificate stored at the certificate storage module and the security value stored at the storage location; and
  
  modify the security value by modifying a value at an identified bit position in response to a certificate revocation stimulus.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 27. The system of claim 26, further comprising:
    - an encryption module to decrypt encrypted data.
  - 28. The system of claim 27, wherein the security module further is to disable one or more processing features of the encryption module in response to determining the incompatibility between the selected security certificate and the security value.
  - 29. The system of claim 27, wherein:
    - the encrypted data comprises an encrypted security certificate compatible with the modified security value; and
      
      wherein a decrypted version of the encrypted security certificate is stored as the selected security certificate at the certificate storage component.
  - 30. The system of claim 26, wherein the security module further is to permanently disable one or more processing features of the system in response to a second certificate revocation stimulus.
  - 31. The system of claim 26, wherein:
    - the multimedia data includes a representation of one or more unique identifiers; and
      
      the first certificate revocation stimulus comprises a determination that one or more unique identifiers includes a unique identifier of the system.
  - 32. The system of claim 31, wherein the representation of the one or more unique identifiers is embedded in the multimedia data as digital watermark data.
  - 33. The system of claim 26, wherein the storage location comprises a one-time programmable storage location.
  - 34. The system of claim 26, wherein the system comprises a multimedia system.
  - 35. The system of claim 34, wherein the multimedia system comprises at least one of:
    - a television, a computer, a set-top box, a video-enable portable phone or a personal digital assistant.
  - 36. The system of claim 26, wherein the system comprises an integrated circuit device.

37. A system comprising:
- an input to receive multimedia data representative of multimedia content, wherein the multimedia content includes digital watermark data representative of one or more system unique identifiers; and
  
  a security module to disable at least one processing feature of the system if the one or more system unique identifiers includes a unique identifier associated with the system.
- View Dependent Claims (38)
- - 38. The system of claim 37, wherein the security module permanently disables the at least one processing feature.

39. A method comprising:
- receiving a request to reinvoke one or more processing features of a system, the request comprising a first security value;
  
  generating a first security certificate based on the first security value, wherein the first security certificate enables the one or more processing features of the system in conjunction with the first security value; and
  
  transmitting the first security certificate to the system.
- View Dependent Claims (40, 41, 42)
- - 40. The method of claim 39, wherein the first security value comprises a modified version of a second security value that, in conjunction with a second security certificate, enables the one or more processing features of the system.
  - 41. The method of claim 40, wherein the second security value comprises a unique system identifier.
  - 42. The method of claim 39, wherein the first security value comprises an encryption key portion.

43. A method comprising:
- issuing a first security certificate from a certificate authority to a processing device, wherein the first security certificate is compatible with a first security value stored at the processing device and wherein the first security certificate, in conjunction with the first security value, enables one or more processing features of the processing device;
  
  modifying, at the processing device, the stored first security value to generate a second security value in response to a certificate revocation stimulus;
  
  providing, via a communications link, a reinvocation request from the processing device to the certificate authority in response to modifying the stored first security value;
  
  issuing a second security certificate from the certificate authority to the processing device, wherein the second security certificate is compatible with the second security value stored at the processing device and wherein the second security certificate, in conjunction with the second security value, enables the one or more processing features of the processing device.
- View Dependent Claims (44, 45, 46, 47)
- - 44. The method of claim 43, wherein issuing the first security certificate comprises storing the first security certificate at the processing device.
  - 45. The method of claim 43, wherein modifying the stored first security value comprises modifying a value at a first bit position of a storage location of the processing device that stores the first security value so as to convert the first security value to the second security value.
  - 46. The method of claim 45, wherein the storage location comprises a one-time-programmable storage location.
  - 47. The method of claim 45, further comprising:
    - providing a list of one or more unique identifiers from the certificate authority to the processing device; and
      
      wherein the certificate revocation stimulus comprises a presence of a unique identifier of the processing device in the list of one or more unique identifiers.

48. A system comprising:
- a processing device comprising;
  
  a storage location to store a security value;
  
  a certificate storage component to store one or more security certificates; and
  
  a security module operably coupled to the storage location, wherein the security module is to;
  
  modify the security value in response to a certificate revocation stimulus to generate a modified security value;
  
  disable one or more processing features of the processing device in response to determining an incompatibility between a selected first security certificate stored at the certificate storage module and the security value stored at the storage location; and
  
  transmit, via a communications link, a reinvocation request in response to disabling the one or more processing features;
  
  a certificate authority coupled to the processing device via the communications link, wherein the certificate authority is to;
  
  generate a second security certificate in response to the reinvocation request, wherein the second security certificate is compatible with the modified security value; and
  
  issue the second security certificate to the processing device for implementation at the processing device.
- View Dependent Claims (49, 50)
- - 49. The system of claim 48, wherein the reinvocation request includes a representation of the modified security value.
  - 50. The system of claim 49, wherein the certificate authority further is to:
    - generate a list of one or more unique identifiers;
      
      provide a representation of the list to the programming device; and
      
      wherein the certificate revocation stimulus comprises a presence of a unique identifier associated with the processing device in the list of the one or more unique identifiers.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
VIXS Systems Incorporated (Pixelworks Incorporated)
Original Assignee
VIXS Systems Incorporated (Pixelworks Incorporated)
Inventors
Ducharme, Paul

Granted Patent

US 8,131,995 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/16   Program or content traceabi...

G06F 21/6209   to a single file or object,...

G06F 2221/2141   Access rights, e.g. capabil...

Processing device revocation and reinvocation

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

135 Citations

50 Claims

Specification

Solutions

Use Cases

Quick Links

Processing device revocation and reinvocation

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

135 Citations

50 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links