Method For Authentication On A Subscriber Terminal

US 20080201749A1
Filed: 07/21/2005
Published: 08/21/2008
Est. Priority Date: 07/21/2004
Status: Abandoned Application

First Claim

Patent Images

1. A method for performing authentication on a subscriber terminal, comprising:

reading, by a set top box (STB) in the subscriber terminal, life cycle of a key from key information stored in a subscriber identification module in the subscriber terminal when the STB starts up;

initiating, by the STB, an authentication request to a head end when the life cycle expires, and performing, by the head end, authentication in accordance with the authentication request;

determining, by the head end, whether the authentication is passed, if the authentication is passed, returning a successful response message including new key information, otherwise returning a failed response message;

updating, by the STB, the key information when receiving the successful response message.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An embodiment of the present invention provides a method for performing authentication on a subscriber terminal in a digital television (DTV) network which comprises at least one subscriber terminal and a head end for sending encrypted DTV program data to each subscriber terminal, the subscriber terminal comprising a set top box (STB) and a subscriber identification module for storing key information for decrypting the DTV program data, the method including: reading, by the STB, the life cycle of the key from the subscriber identification module when the STB starts up; initiating, by the STB, an authentication request to the head end when the life cycle expires; performing, by the head end, authentication after receiving the authentication request, and sending a response message to the STB; receiving, by the STB, the response message, and updating the key information when the response message is a response message which indicates successful authentication.

15 Citations

View as Search Results

21 Claims

1. A method for performing authentication on a subscriber terminal, comprising:
- reading, by a set top box (STB) in the subscriber terminal, life cycle of a key from key information stored in a subscriber identification module in the subscriber terminal when the STB starts up;
  
  initiating, by the STB, an authentication request to a head end when the life cycle expires, and performing, by the head end, authentication in accordance with the authentication request;
  
  determining, by the head end, whether the authentication is passed, if the authentication is passed, returning a successful response message including new key information, otherwise returning a failed response message;
  
  updating, by the STB, the key information when receiving the successful response message.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method according to claim 1, further comprising:
    - setting the subscriber terminal to on-line state after the authentication is passed.
  - 3. The method according to claim 1, further comprising:
    - if the life cycle does not expire, determining whether the remaining effective time of the life cycle is less than a threshold value, if so, initiating an authentication request to the head end by the STB, otherwise the procedure ending.
  - 4. The method according to claim 2, further comprising:
    - if the life cycle does not expire, determining whether the remaining effective time of the life cycle is less than a threshold value, if so, initiating an authentication request to the head end by the STB, otherwise the procedure ending.
  - 5. The method according to claim 3, further comprising:
    - waiting for a random time before initiating an authentication request to the head end.
  - 6. The method according to claim 4, further comprising:
    - waiting for a random time before initiating an authentication request to the head end.
  - 7. The method according to claim 1, wherein the process of determining whether the authentication is passed comprises determining whether a unique subscriber ID of the subscriber terminal in the authentication request is legal.
  - 8. The method according to claim 7, further comprising:
    - after authentication is passed, determining whether the subscriber terminal is on-line, if the subscriber is on-line, returning the successful response message including new key information.
  - 9. The method according to claim 1, further comprising:
    - sequentially determining, by the head end, whether the life cycle of the key for each subscriber terminal expires, if so, sending a subscriber roll-call authentication message to the subscriber terminal, otherwise the procedure ending;
      
      sending, by the head end, an updated key information to the subscriber terminal, and setting the subscriber terminal to on-line state when a response message of the subscriber terminal is received in a prescribed time period;
      
      updating, by the subscriber terminal, the key information.
  - 10. The method according to claim 9, further comprising:
    - if the life cycle of the key does not expire, determining whether the remaining effective time of the life cycle is less than a threshold value, if so, sending the subscriber roll-call authentication message to the subscriber terminal, otherwise the procedure ending.
  - 11. The method according to claim 9, further comprising:
    - if the life cycle of the key for the subscriber terminal expires, determining whether the state of the subscriber terminal is on-line; and
      
      if the state of the subscriber terminal is on-line, determining whether on-line time of the subscriber terminal is larger than a preset maximum on-line time, if so, sending the subscriber roll-call authentication message to the subscriber terminal, otherwise the procedure ending.
  - 12. The method according to claim 9, further comprising:
    - receiving, by the subscriber terminal, the roll-call authentication message, and returning a response message including a unique subscriber ID of the subscriber terminal.
  - 13. The method according to claim 1, further comprising:
    - sending a shutdown authentication request when the STB shuts down;
      
      receiving, by the head end, the authentication request, and if the authentication is passed, setting the subscriber terminal to off-line state.
  - 14. The method according to claim 9, further comprising:
    - sending a shutdown authentication request when the STB shuts down;
      
      receiving, by the head end, the authentication request, and if the authentication is passed, setting the subscriber terminal to off-line state.

15. A system for performing authentication on a subscriber terminal in a digital television (DTV) network, comprising:
- at least one subscriber terminal, each comprising a set top box (STB) and a subscriber identification module for storing key information for decrypting DTV program data, the key information including a key and life cycle of the key; and
  
  a head end for sending the encrypted DTV program data to each subscriber terminal;
  
  wherein the STB is configured to read the life cycle of the key from the subscriber identification module when the STB starts up, initiate an authentication request to the head end when the life cycle expires, and update the key information when receiving a successful response message including new key information from the head end; and
  
  the head end is configured to perform authentication in accordance with the authentication request initiated by the STB, and determine whether the authentication is passed, if the authentication is passed, return the successful response message, otherwise return a failed response message.
- View Dependent Claims (16, 17)
- - 16. The system according to claim 15, wherein the head end is further configured to set the subscriber terminal to on-line state after the authentication is passed.
  - 17. The system according to claim 15, wherein the head end is further configured to sequentially determine whether the life cycle of the key for each subscriber terminal expires, if so, send a subscriber roll-call authentication message to the subscriber terminal;
    - send an updated key information to the subscriber terminal, and set the subscriber terminal to on-line state when a response message of the subscriber terminal is received in a prescribed time period.

18. A subscriber terminal, comprising:
- a subscriber identification module configured to store key information for decrypting encrypted digital television (DTV) program data, the key information including a key and life cycle of the key; and
  
  a set top box (STB) configured to read the life cycle of the key from the subscriber identification module when the STB starts up, initiate an authentication request to a head end when the life cycle expires, and update the key information when receiving a successful response message including new key information from the head end.

19. A head end, configured to perform authentication in accordance with an authentication request initiated by a set top box (STB) of a subscriber terminal;
- determine whether the authentication is passed;
  
  return a successful response message including new key information if the authentication is passed, the new key information including a new key and life cycle of the new key; and
  
  return a failed response message if the authentication is not passed.
- View Dependent Claims (20, 21)
- - 20. The head end according to claim 19, further configured to set the subscriber terminal to on-line state after the authentication is passed.
  - 21. The head end according to claim 19, further configured to sequentially determine whether a life cycle of a key for each subscriber terminal expires, if so, send a subscriber roll-call authentication message to the subscriber terminal;
    - send an updated key information to the subscriber terminal and set the subscriber terminal to on-line state, when a response message of the subscriber terminal is received in a prescribed time period.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Huawei Technologies Co., Ltd. (Huawei Investment & Holding Co., Ltd.)
Original Assignee
Huawei Technologies Co., Ltd. (Huawei Investment & Holding Co., Ltd.)
Inventors
Yao, Jun, Hu, Junling, Xu, Yonghong, Liu, Jinming, Ju, Degang

Application Number

US11/572,494
Publication Number

US 20080201749A1
Time in Patent Office

Days
Field of Search
US Class Current

725/100
CPC Class Codes

H04N 21/25816   involving client authentica...

H04N 21/4181   for conditional access

H04N 21/63345   by transmitting keys key di...

H04N 7/1675   Providing digital key or au...

H04N 7/173   with two-way working, e.g. ...

Method For Authentication On A Subscriber Terminal

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

15 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Method For Authentication On A Subscriber Terminal

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links