BROADCAST DEDUPLICATION FOR SATELLITE BROADBAND
First Claim
1. A computer-implemented method, comprising:
- receiving, by a headend gateway, a first data stream to forward to a first client device of a plurality of client devices;
determining that a data block in the first data stream is not known to be stored by the first client device;
generating a block-encryption key for the data block based on a base key for the first client device;
generating an encrypted data block by encrypting the data block using the block-encryption key;
generating a second data stream for the first client device, wherein the second data stream includes an identifier to the data block in place of the encrypted data block;
sending the second data stream to at least the first client device;
generating a block-decryption key for the encrypted data block, which involves deriving the block-decryption key from the base key for the first client device;
storing the encrypted data block along with the block-decryption key; and
responsive to determining that a second computing device needs to decrypt the encrypted data block, sending the block-decryption key to the second client device so that the block-decryption key is encrypted using a base key assigned to the second client device.
1 Assignment
0 Petitions
Accused Products
Abstract
A headend gateway can receive a data stream to forward to a client device of a broadcast network, and can determine whether the data stream includes a data block that has been recently broadcasted to any device of the broadcast network. The system can generate a new data stream that includes an identifier to any data block that has been broadcasted recently, and includes an encrypted block-decryption key that allows the recipient of the data stream to decrypt the data block. A client device of the broadcast network can receive a plurality of encrypted data blocks from the broadcast network, and can cache a subset of these encrypted data block regardless of whether or not they are intended for the local client device. The client device can access a cached data block when it receives an identifier and a block-decryption key for the data block.
56 Citations
26 Claims
-
1. A computer-implemented method, comprising:
-
receiving, by a headend gateway, a first data stream to forward to a first client device of a plurality of client devices; determining that a data block in the first data stream is not known to be stored by the first client device; generating a block-encryption key for the data block based on a base key for the first client device; generating an encrypted data block by encrypting the data block using the block-encryption key; generating a second data stream for the first client device, wherein the second data stream includes an identifier to the data block in place of the encrypted data block; sending the second data stream to at least the first client device; generating a block-decryption key for the encrypted data block, which involves deriving the block-decryption key from the base key for the first client device; storing the encrypted data block along with the block-decryption key; and responsive to determining that a second computing device needs to decrypt the encrypted data block, sending the block-decryption key to the second client device so that the block-decryption key is encrypted using a base key assigned to the second client device. - View Dependent Claims (3, 4, 5, 6, 9, 10, 11, 12, 26)
-
-
2. (canceled)
-
7-8. -8. (canceled)
-
13. A non-transitory computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method, the method comprising:
-
receiving a first data stream to forward to a first client device of a plurality of client devices; determining that a data block in the first data stream is not known to be stored by the first client device; generating a block-encryption key for the data block based on a base key for the first client device; generating an encrypted data block by encrypting the data block using the block-encryption key; generating a second data stream for the first client device, wherein the second data stream includes the encrypted data block; sending the second data stream to at least the first client device; generating a block-decryption key for the encrypted data block, which involves deriving the block-decryption key from the base key for the first client device; storing the encrypted data block along with the block-decryption key; and responsive to determining that a second computing device needs to decrypt the encrypted data block, sending the block-decryption key to the second client device so that the block-decryption key is encrypted using a base key assigned to the second client device.
-
-
14. A computer-implemented method, comprising:
-
receiving, by a local computing device, a plurality of data blocks from a broadcast network; storing, from the plurality of data blocks, a first data block that is intended for a remote computing device; receiving a first data stream that includes a first identifier to the first data block in place of the first data block, and includes a block-decryption key that is specific to the first data block; and accessing the first data block from storage using the first identifier, wherein accessing the first data block involves decrypting the first data block using the block-decryption key. - View Dependent Claims (15, 16, 18, 19, 20, 21, 22, 23, 24)
-
-
17. (canceled)
-
25. A computing device, comprising:
-
a communication module to receive a plurality of data blocks from a broadcast network; and a block-processing module to store a first data block from the plurality of data blocks, wherein the first data block is intended for a remote computing device; wherein the communication module is further configured to receive a first data stream that includes a first identifier to the first data block in place of the first data block, and includes a block-decryption key that is specific to the first data block; and wherein the block-processing module is further configured to access the first data block from storage using the first identifier, wherein accessing the first data block involves decrypting the first data block using the block-decryption key.
-
Specification