System and method for transmitting and receiving variable length authorization control for digital services

US 5,506,904 A
Filed: 12/03/1993
Issued: 04/09/1996
Est. Priority Date: 08/04/1993
Status: Expired due to Term

First Claim

Patent Images

1. In a receiver of a communication system for receiving digital data streams defining a plurality of services, said digital data streams being multiplexed in each of a sequence of frames and said sequence of multiplex frames being divided into a plurality of sessions, wherein the multiplex frames further include first authorization control information for authorizing the plurality of services defined by said digital data streams and second authorization control information for providing additional authorization control, and wherein said first authorization control information is included in the multiplex frames of each session, and said second authorization control information comprises a plurality of portions distributed over the multiplex frames of more than one session, wherein said second authorization control information included in any one session is insufficient to authorize a service for any receiver in said communication system, an apparatus for determining authorization of said services defined by at least one of said digital data streams comprising:

a selector for selecting a service defined by at least one of said digital data streams;

extracting means, responsive to said selector, for extracting the first and second authorization control information corresponding to said at least one digital data stream from the multiplex frames of more than one session; and

a security element for determining whether the selected service is authorized using the first authorization control information and the second authorization control information extracted from the frames of more than one session.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Authorization information, such as blackout and spotlight regions, circular blackout and spotlight regions, and tier pointers, may be transmitted from an encoder to a decoder in a plurality of sessions of data frames. By spreading the authorization information over a plurality of sessions, more space may be allocated for the provision of services. In addition, the authorization information may be framed by START and STOP fields so that the length of authorization information may be variable. Calculation of a circular blackout/spotlight region can be simplified by transmitting a distortion factor from the encoder to the decoder. Accordingly, complex calculations need not be performed at a microprocessor in the decoder.

179 Citations

34 Claims

1. In a receiver of a communication system for receiving digital data streams defining a plurality of services, said digital data streams being multiplexed in each of a sequence of frames and said sequence of multiplex frames being divided into a plurality of sessions, wherein the multiplex frames further include first authorization control information for authorizing the plurality of services defined by said digital data streams and second authorization control information for providing additional authorization control, and wherein said first authorization control information is included in the multiplex frames of each session, and said second authorization control information comprises a plurality of portions distributed over the multiplex frames of more than one session, wherein said second authorization control information included in any one session is insufficient to authorize a service for any receiver in said communication system, an apparatus for determining authorization of said services defined by at least one of said digital data streams comprising:
- a selector for selecting a service defined by at least one of said digital data streams;
  
  extracting means, responsive to said selector, for extracting the first and second authorization control information corresponding to said at least one digital data stream from the multiplex frames of more than one session; and
  
  a security element for determining whether the selected service is authorized using the first authorization control information and the second authorization control information extracted from the frames of more than one session.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 2. An apparatus according to claim 1, wherein said security element, using said extracted second authorization control information, implements a plurality of authorization modes to determine whether the selected service is authorized.
  - 3. An apparatus according to claim 2, wherein the second authorization control information comprises authorization commands and authorization data specific to one of said plurality of the authorization modes implemented by said security element.
  - 4. An apparatus according to claim 3, wherein the authorization commands and authorization data specify a circular blackout region and wherein said security element implements a circular blackout authorization mode.
  - 5. An apparatus according to claim 3, wherein the authorization commands and authorization data specify a circular spotlight region and wherein said security element implements a circular spotlight authorization mode.
  - 6. An apparatus according to claim 3, wherein the authorization commands and authorization data specify a blackout group and wherein said security element implements a blackout group authorization mode.
  - 7. An apparatus according to claim 3, wherein the authorization commands and authorization data specify a spotlight group and wherein said security element implements a spotlight group authorization mode.
  - 8. An apparatus according to claim 3, wherein the authorization commands and authorization data specify a tier authorization field and wherein said security element implements a tier authorization mode.
  - 9. An apparatus according to claim 8, wherein:
    - said security element comprises memory for storing a string of values, wherein each value corresponds either to a first or a second state; and
      
      the authorization data comprises a tier pointer that indexes a value of said string of values stored in said memory, wherein said security element determines that the selected service is authorized if the value indexed by the tier pointer corresponds to the first state and determines that the selected service is not authorized if the value indexed by the tier pointer corresponds to the second state.
  - 10. An apparatus according to claim 8 wherein:
    - said security element comprises memory for storing a string of values, wherein each value corresponds either to a first or a second state; and
      
      the authorization data comprises a plurality of tier pointers that each index a value in the string of values stored in said memory, wherein said security element determines that the selected service is authorized if any value indexed by the plurality of tier pointers corresponds to the first state and determines that the selected service is not authorized if each of the tier pointers index values corresponding to the second state.
  - 11. An apparatus according to claim 3, the length of said authorization data being variable in the number of bytes.
  - 12. An apparatus according to claim 11, wherein the variable-byte length authorization data is preceded by a START authorization command in a first session and is followed by a STOP authorization command in a succeeding session.
  - 13. An apparatus according to claim 1, wherein each of the sequence of frames includes packets data, medium speed data, and high speed data, the first and second control authorization information being contained in the packets data and the digital data streams being contained in at least the medium speed data and the high speed data.
  - 14. An apparatus according to claim 13, wherein the second control authorization information is included in distinct packets of said packets data.
  - 15. An apparatus according to claim 14, wherein the distinct packets are of fixed length and said second control authorization information is contained in the distinct packets of frames in a variable number of sessions.
  - 16. An apparatus according to claim 1, wherein said access information output by said security element comprises location information concerning the location of a portion of said at least one data stream in each frame.
  - 17. An apparatus according to claim 1, wherein said at least one digital data stream is encrypted and wherein:
    - said security element comprises means for providing decryption information corresponding to said at least one digital data stream to said extracting means if the selected service is authorized; and
      
      said extracting means comprises decrypting means for decrypting said at least one digital data stream defining said selected service using said decryption information.
  - 18. An apparatus according to claim 1, wherein said at least one digital data stream is encrypted and wherein:
    - said security element comprises means for providing decryption information corresponding to said at least one digital data service to said extracting means if the selected service is authorized; and
      
      said extracting means comprises decrypting means for decrypting said at least one digital data stream using said decryption information.
  - 19. An apparatus according to claim 1, wherein the second authorization control information comprises information defining a circular region including a location of a center point and a radial distance from the center point and wherein said security element comprises:
    - storing means for storing information defining a location of the receiver and a geographic distortion factor; and
      
      computing means for computing whether the receiver location is within the circular region on the basis of the center point, the radial distance, the location of the receiver, and the geographic distortion factor; and
      
      wherein said security element determines whether the selected service is authorized based upon whether the receiver location is within the circular region.
  - 20. An apparatus according to claim 19, wherein the second authorization control information defines a blackout circular region and wherein said security element determines that the selected channel is not authorized if the receiver location is computed to be inside of the blackout circular region.
  - 21. An apparatus according to claim 19, wherein the second authorization control information defines a spotlight circular region and wherein said security element determines that the selected channels is not authorized if the receiver location is computed to be outside of the spotlight circular region.
  - 22. An apparatus according to claim 19, wherein said computing means computes that the receiver location is within the circular region if:
    - space="preserve" listing-type="equation">r.sup.2 >
      
      cos.sup.2 (B)*(A-X).sup.2 +(B-Y).sup.2
      where;
      
      r is the radial distance;
      
      (A,B) define the location of the receiver;
      
      (X,Y) define the center point; and
      
      cos² (B) is the geographic distortion factor.
  - 23. An apparatus according to claim 1, wherein said selector comprises a channel selector.
  - 24. An apparatus according to claim 15, wherein the distinct packet in the first frame containing second authorization control information includes a START command and the distinct packet of the last frame containing second authorization control information includes a STOP command.
  - 25. An apparatus according to claim 1, the length of said second authorization control information being variable in the number of bytes.
  - 26. An apparatus according to claim 25, wherein said security element determines whether the selected service is authorized only after said second control authorization information is received in its entirety.
  - 27. An apparatus according to claim 26, wherein the variable-length second authorization control information comprises a START authorization command in a first session and a STOP authorization command in a last session.

28. A method for operating a receiver in a communication system, comprising:
- receiving information defining a receiver location and a geographic distortion factor;
  
  receiving signals representative of service signals;
  
  receiving information defining a circular region including a location of a center point and a radial distance from the center point;
  
  determining whether the receiver is located within the circular region using the receiver location, the geographic distortion factor, the center point, and the radial distance; and
  
  outputting said service signals depending on whether the receiver is determined to be located within the circular region.
- View Dependent Claims (29, 30, 31, 32, 33, 34)
- - 29. A method according to claim 28, wherein said service signals are output only if the receiver is located outside of the circular region.
  - 30. A method according to claim 28, wherein said service signals are not output unless the receiver is located inside of the circular region.
  - 31. A method according to claim 28, wherein the receiver is determined to be located within the circular region if:
    - space="preserve" listing-type="equation">r.sup.2 >
      
      cos.sup.2 (B)*(A-X).sup.2 +(B-Y).sup.2
      where;
      
      r is the radial distance;
      
      (A,B) define the location of the receiver;
      
      (X,Y) define the center point; and
      
      cos² (B) is the geographic distortion factor.
  - 32. A method according to claim 28, wherein said received signals representative of service signals are encrypted and further comprising the steps of:
    - decrypting said received signals depending on whether the receiver is determined to be located within the circular region.
  - 33. A method according to claim 28, wherein said received signals are included in a multiplex of signals and further comprising the step of:
    - extracting said received signals from said multiplex of signals depending on whether the receiver is determined to be located within the circular region.
  - 34. A method according to claim 33, wherein said received signals representative of service signals are encrypted and further comprising the step of:
    - decrypting said received signals depending on whether the receiver is determined to be located within the circular region.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Scientific-Atlanta Incorporated (Cisco Systems, Inc.)
Inventors
Gammie, Keith B., Sheldrick, Wayne S., Chan, Gary W. C., Woo, Arthur S.
Primary Examiner(s)
Gregory, Bernarr E.

Application Number

US08/160,830
Time in Patent Office

858 Days
Field of Search

380/9, 380/10, 380/20, 380/23, 380/25, 380/49, 380/50
US Class Current

380/212
CPC Class Codes

H04B 7/2041   Spot beam multiple access

H04H 20/28   Arrangements for simultaneo...

H04N 21/2347   involving video stream encr...

H04N 21/4405   involving video stream decr...

H04N 21/4524   involving the geographical ...

H04N 21/4627   Rights management associate...

H04N 21/8355   involving usage data, e.g. ...

H04N 7/163   by receiver means only

H04N 7/1675   Providing digital key or au...

System and method for transmitting and receiving variable length authorization control for digital services

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

179 Citations

34 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for transmitting and receiving variable length authorization control for digital services

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

179 Citations

34 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links