Access control of media services over an open network

US 20090019468A1
Filed: 01/10/2006
Published: 01/15/2009
Est. Priority Date: 03/09/2005
Status: Abandoned Application

First Claim

Patent Images

1. A method of providing media services over a network, the method comprising:

receiving a request from one of a plurality of boxes (hereinafter “

ordering box”

), the request including an order of a title;

communicating with the ordering box directly to determine whether the ordering box has been hacked;

If the ordering box has not been hacked,ensuring that the ordering box has a master key; and

identifying one or more of the boxes other than the ordering box to provide distributed segments pertaining to the title to the ordering box, wherein the ordering box proceeds with downloading the distributed segments, and a playback of the title based on the distributed segments together with residing segments, if any, is started or continued, wherein the master key is used to decrypt the distributed segments and the residing segments;

If the ordering box has been hacked,logging an identifier of the ordering box into a database; and

revoking any services to the ordering box till the ordering box is updated.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

To ensure that media services are only provided to those authorized users or receiving devices, various conditional access mechanisms are provided to secure that media services are only received in those authorized. Different from a prior art conditional access system, an entitlement control message containing a master key can be sent directly to an ordering box. Depending on implementation, a secure session may be established between a server and an ordering box, such that all secured information including a master key may be transported. Further an ordering box does not need to possess a key or keys needed to decrypt an entitlement control message, such key(s) may be transported from time to time in a secure session established between the server and the ordering box.

145 Citations

View as Search Results

27 Claims

1. A method of providing media services over a network, the method comprising:
- receiving a request from one of a plurality of boxes (hereinafter “
  
  ordering box”
  
  ), the request including an order of a title;
  
  communicating with the ordering box directly to determine whether the ordering box has been hacked;
  
  If the ordering box has not been hacked,ensuring that the ordering box has a master key; and
  
  identifying one or more of the boxes other than the ordering box to provide distributed segments pertaining to the title to the ordering box, wherein the ordering box proceeds with downloading the distributed segments, and a playback of the title based on the distributed segments together with residing segments, if any, is started or continued, wherein the master key is used to decrypt the distributed segments and the residing segments;
  
  If the ordering box has been hacked,logging an identifier of the ordering box into a database; and
  
  revoking any services to the ordering box till the ordering box is updated.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, further comprising:
    - verifying whether the order is authorized upon receiving the request; and
      
      determining, in accordance with a scheme, the one or more boxes designated to supply the distributed segments to the ordering box, after the order is authorized.
  - 3. The method of claim 2, wherein the master key is embedded in a smartcard associated with the ordering box.
  - 4. The method of claim 3, wherein the master key is updated whenever the ordering box is directly coupled to a server providing the media services.
  - 5. The method of claim 2, wherein the master key is delivered to the ordering box in a secure session when the ordering box is coupled to a server providing the media services.
  - 6. The method of claim 3, further comprising uploading data to the ordering box upon authenticating information from the smartcard, wherein the data includes various parameters pertaining to a user associated with the smartcard such that the ordering box becomes customized to the user, wherein the data does not include a complete copy of a title previously purchased or ordered by the user.
  - 7. The method of claim 6, wherein the ordering box is not a primary one that the user has been using.
  - 8. The method of claim 5, wherein the server is also configured to provide directly streaming pertaining to a program to one or more of the boxes when needed.
  - 9. The system of claim 8, wherein the streaming is multicast to the one or more boxes.
  - 10. The system of claim 8, wherein the server is also configured to provide an entire program in streaming to one of the boxes by a unicast protocol.
  - 11. The method of claim 1, wherein the identifying of the one or more boxes to provide distributed segments pertaining to the title comprises identifying a set of backup boxes, each backup box designated to support at least one of the one or more boxes should the one of the one or more boxes insufficiently supply one of the distributed segments.
  - 12. The method of claim 11, further comprising providing authentication information to facilitate secured communications between the ordering box and the one or more boxes.
  - 13. The method of claim 12, wherein the authentication information further includes security information to decipher the residing segments and the distributed segments.
  - 14. The method of claim 1, wherein the distributed segments are concurrently fetched into the ordering box from the one or more boxes.
  - 15. The method of claim 14, wherein data from the distributed objects being concurrently fetched from the one or more boxes is multiplexed with data from the residing segments to continue or start a playback of the title.
  - 16. The method of claim 1, wherein none of the distributed segments are provided by a server providing the media service to fulfill an order of the title so that a considerable computational requirement on the server is distributed among the one or more boxes.
  - 17. The method of claim 1, wherein each of the boxes is offering a library with a substantial number of titles available for selection, but each box storing less than a complete file for each of the titles.

18. A system of providing media services over a network, the system comprising:
- a server coupled to a network and configured to manage the medial services;
  
  a plurality of boxes coupled to the network, wherein one of the boxes (hereinafter “
  
  ordering box”
  
  ) initiating a request including an order of a title communicates directly with the server configured to proceed with determining whether the ordering box has been hacked;
  
  If the ordering box has not been hacked,the server ensuring that the ordering box has a master key; and
  
  identifying one or more of the boxes other than the ordering box to provide distributed segments pertaining to the title to the ordering box, wherein the ordering box proceeds with downloading the distributed segments, and a playback of the title based on the distributed segments together with residing segments, if any, is started or continued, wherein the master key is used to decrypt the distributed segments and the residing segments;
  
  If the ordering box has been hacked,the server logging an identifier of the ordering box into a database; and
  
  revoking any services to the ordering box till the ordering box is updated.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 19. The system of claim 18, wherein the server is further configured to:
    - verify whether the order is authorized upon receiving the request; and
      
      determine, in accordance with a scheme, the one or more boxes designated to supply the distributed segments to the ordering box, after the order is authorized.
  - 20. The system of claim 19, wherein the master key is embedded in a smartcard associated with the ordering box.
  - 21. The system of claim 20, wherein the master key is updated whenever there is a secure communication session is established between the ordering box and the server.
  - 22. The system of claim 18, wherein the server is also configured to provide directly streaming pertaining to a program to one or more of the boxes when needed.
  - 23. The system of claim 22, wherein the streaming is multicast to the one or more boxes.
  - 24. The system of claim 18, wherein the server is also configured to provide an entire program in streaming to one of the boxes by a unicast protocol.
  - 25. The system of claim 18, wherein data from the distributed objects being concurrently fetched from the one or more boxes is multiplexed with data from the residing segments to continue or start a playback of the title.
  - 26. The system of claim 18, wherein none of the distributed segments are provided by the server providing the media service to fulfill an order of the title so that a considerable computational requirement on the server is distributed among the one or more boxes.
  - 27. The system of claim 18, wherein each of the boxes is offering a library with a substantial number of titles available for selection, but each box storing less than a complete file for each of the titles.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Vudu Incorporated (Comcast Corporation)
Original Assignee
Vvond, LLC (Comcast Corporation)
Inventors
Goodman, Andrew M., Ganesan, Prasanna, Hodzic, Edin

Application Number

US11/331,113
Publication Number

US 20090019468A1
Time in Patent Office

Days
Field of Search
US Class Current

725/25
CPC Class Codes

G06F 16/40   of multimedia data, e.g. sl...

H04L 63/065   for group communications cr...

H04N 21/2585   Generation of a revocation ...

H04N 21/25875   involving end-user authenti...

H04N 21/42684   Client identification by a ...

H04N 21/4331   Caching operations, e.g. of...

H04N 21/632   using a connection between ...

H04N 21/63345   by transmitting keys key di...

H04N 21/8456   by decomposing the content ...

H04N 7/1675   Providing digital key or au...

H04N 7/17318   Direct or substantially dir...

Access control of media services over an open network

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

145 Citations

27 Claims

Specification

Use Cases

Quick Links

Others

Access control of media services over an open network

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

145 Citations

27 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others