Preventing Unauthorized Poaching of Set Top Box Assets
First Claim
1. A method for maintaining control over a set-top-box (STB) asset, comprising:
- authenticating, using a hardware-based authentication process, a first software application, the first software application having been generated by a first party, wherein the STB asset is operated by a second party;
- once authenticated, using the first software application to authenticate a public key received with a second software application that was generated by a third party and is intended to be run on the STB asset;
- once authenticated, using the public key of the third party to authenticate the second software application generated by the third party; and
- confirming that the second software application is authorized to be run on the STB asset by consulting a list of authorized third parties, wherein the list of authorized third parties is itself authenticated by the first software application.
Abstract
To prevent poaching of an Internet Protocol (IP) set top box (STB) asset or similar network computing device from one system operator to another, code executing in the IP STB not only authenticates downloaded software images using a public key provided in a serial-number assigned digital certificate, but also confirms that the serial number appears on a signed whitelist, or does not appear on a signed blacklist. The code executing in the STB further preferably enforces a rule that only the authority that signed the already-loaded whitelist/blacklist may replace it with a new list. Such a “sticky whitelist/blacklist” ensures that if the STB boots or resets in a new network, the existing authentication list will not be replaced by a list that is valid for a new or different network, and, as a result, that new software code images will not be authenticated.
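The abstract's two checks, serial-number whitelisting and the sticky replacement rule, sketched as an added example (not code from the patent). HMAC-SHA256 stands in for public-key signatures so it runs on the standard library; the class, function names, keys and serial numbers are constructed for illustration.

```python
import hashlib
import hmac
# Stand-in for public-key signatures so this runs on the standard library:
# each party "signs" with HMAC-SHA256. A real STB would hold only public keys.
def sign(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def verify(key, data, sig):
    return hmac.compare_digest(sign(key, data), sig)

def encode_list(serials):
    return ",".join(sorted(serials)).encode()

class SetTopBox:
    def __init__(self, ca_key, operators):
        self.ca_key, self.operators = ca_key, operators  # constructed keys
        self.serials = self.list_signer = None  # stored whitelist and who signed it

    def load_list(self, serials, signer, sig):
        key = self.operators.get(signer)
        if key is None or not verify(key, encode_list(serials), sig):
            return False  # unknown signer or bad signature
        if self.list_signer is not None and signer != self.list_signer:
            return False  # sticky rule: only the same signer may replace the list
        self.serials, self.list_signer = set(serials), signer
        return True

    def authenticate_image(self, cert, image, image_sig):
        body = cert["serial"].encode() + cert["vendor_key"]
        if not verify(self.ca_key, body, cert["sig"]):
            return False  # certificate itself does not verify
        if self.serials is None or cert["serial"] not in self.serials:
            return False  # valid certificate, but serial is not whitelisted
        return verify(cert["vendor_key"], image, image_sig)

def make_cert(serial, vendor_key, ca_key):
    sig = sign(ca_key, serial.encode() + vendor_key)
    return {"serial": serial, "vendor_key": vendor_key, "sig": sig}

def demo():  # all keys, serials and names below are constructed
    ca, ops = b"C" * 32, {"operator_a": b"A" * 32, "operator_b": b"B" * 32}
    stb, image = SetTopBox(ca, ops), b"constructed firmware image"
    c1, c2 = make_cert("1001", b"1" * 32, ca), make_cert("2002", b"2" * 32, ca)
    signed = lambda s, who: (s, who, sign(ops[who], encode_list(s)))
    first = stb.load_list(*signed(["1001"], "operator_a"))
    poach = stb.load_list(*signed(["2002"], "operator_b"))  # valid signature, wrong signer
    run = [stb.authenticate_image(c, image, sign(c["vendor_key"], image)) for c in (c1, c2)]
    return first, poach, run
```

`demo()` returns `(True, False, [True, False])`: the second operator's correctly signed list is refused, so an image whose certificate serial appears only on that list is not authenticated.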
23 Claims
1. A method for maintaining control over a set-top-box (STB) asset, comprising:
- authenticating, using a hardware-based authentication process, a first software application, the first software application having been generated by a first party, wherein the STB asset is operated by a second party;
- once authenticated, using the first software application to authenticate a public key received with a second software application that was generated by a third party and is intended to be run on the STB asset;
- once authenticated, using the public key of the third party to authenticate the second software application generated by the third party; and
- confirming that the second software application is authorized to be run on the STB asset by consulting a list of authorized third parties, wherein the list of authorized third parties is itself authenticated by the first software application.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A method, comprising:
- storing a first digitally signed list on an electronic device, the first digitally signed list including identification data for a plurality of software vendors authorized to load and run software on the electronic device;
- receiving, at the electronic device, a second digitally signed list, the second digitally signed list also including identification data for a plurality of software vendors authorized to load and run software on the electronic device; and
- replacing the first digitally signed list with the second digitally signed list when it is determined that a signing authority that signed the second digitally signed list is the same as a signing authority that signed the first digitally signed list.

Dependent claims: 14, 15, 16
17. A method comprising:
- receiving at a set top box a signed list of serial numbers, wherein the serial numbers respectively identify authorized digital certificates, and a digital certificate includes a public key associated with a developer of a code image;
- storing the list of serial numbers in a memory of the set top box;
- receiving at the set top box a signed replacement list of serial numbers; and
- replacing the list of serial numbers with the list of serial numbers from the signed replacement list of serial numbers if a signing authority that signed the signed replacement list of serial numbers is the same as a signing authority that signed the list of serial numbers.
18. The method of claim 18, wherein the same signing authority is a system operator for the set top box.
20. A set-top-box (STB), comprising:
- a public key embedded in a hardware device in the STB; and
- software code stored and operable on the STB to authenticate, based at least in part on the public key embedded in the hardware device and a stored list of authorized software vendors, a software image downloaded from a server and prepared by one of a plurality of software vendors, the software code further operable to replace the stored list of authorized software vendors only when a new list of authorized software vendors is signed by a same signing authority that signed the stored list of authorized software vendors.

Dependent claims: 21, 22, 23
Specification