Security model for interactive television applications

US 6,148,081 A
Filed: 11/20/1998
Issued: 11/14/2000
Est. Priority Date: 05/29/1998
Status: Expired due to Term

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A method for controlling functions of interactive television applications in an interactive television system, the method comprising:

loading in said interactive television system an interactive television application having a credential associated therewith, said credential including information identifying one or more functions;

verifying said credential;

when said interactive television application attempts to perform said one or more functions, allowing said interactive television application to perform said one or more functions if said information indicates permission to perform said one or more functions.

View all claims

0 Assignments

Timeline View

Assignment View

Litigations

1 Petition

Accused Products

Abstract

A system and method implemented in an interactive television system for restricting or controlling the access rights of interactive television applications and carousels. The system broadcasts modules from a broadcast station to a plurality of receiving stations, which execute applications containing the modules. In one embodiment, the applications utilize a credential consisting of a producer identification number (ID) and an application ID for each of the grantor and grantee applications, an expiration date, a set of permission data, a producer certificate and a signature. An application requesting access and a carousel granting access may be identified by respective producer and application IDs. The credential utilizes public key encryption to ensure the integrity of the credential. The producer and application IDs may be replaced with wildcards so that rights may be granted to a group of producers or applications.

Citations

26 Claims

1. A method for controlling functions of interactive television applications in an interactive television system, the method comprising:
- loading in said interactive television system an interactive television application having a credential associated therewith, said credential including information identifying one or more functions;
  
  verifying said credential;
  
  when said interactive television application attempts to perform said one or more functions, allowing said interactive television application to perform said one or more functions if said information indicates permission to perform said one or more functions.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 further comprising storing said information if said credential is valid.
  - 3. The method of claim 1 wherein said credential contains an expiration date and wherein said step of verifying said credential further comprises determining whether said expiration date has passed.
  - 4. The method of claim 1 wherein said information identifying said one or more functions comprises a producer ID and an application ID identifying said interactive television application.
  - 5. The method of claim 4 wherein one or more of said producer ID and said application ID is a wildcard.
  - 6. The method of claim 1 wherein at least a portion of said credential is encrypted to enable verification of the authenticity of said credential.
  - 7. The method of claim 6 wherein said credential includes a producer'"'"'s certificate, said producer'"'"'s certificate comprising a public encryption key, said public encryption key being signed by a trusted party, and wherein said credential is signed with a private encryption key.
  - 8. The method of claim 1 wherein said step of transmitting comprises combining said modules of said first carousel, said modules of said second carousel and a television program into a single signal and broadcasting said signal to said interactive television receiver.
  - 9. The method of claim 8 wherein said interactive television system comprises a broadcast station and a receiving station, the method further comprising transmitting said interactive television application from said broadcast station to said receiving station.

10. A device in an interactive television system for controlling functions attempted by an interactive television application, comprising:
- a receiver configured to receive a broadcast interactive television signal containing said interactive television application, said interactive television application having a credential associated therewith;
  
  a data storage device for storing said interactive television application and said credential;
  
  a control unit configured to verify said credential, said control unit being further configured to allow said interactive television application to perform a function if said credential is valid and to prevent said interactive television application from performing said function if said credential is not valid.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 11. The device of claim 10 comprising a set-top box.
  - 12. The device of claim 10 wherein said interactive television application is broadcast as part of an interactive television signal which contains audio and video information associated with a television program.
  - 13. The device of claim 12 wherein said credential is delivered to said receiver independent of said interactive television application.
  - 14. The device of claim 12 wherein said credential includes a certificate and wherein said control unit is configured to authenticate said credential using said certificate.
  - 15. The device of claim 12 wherein said credential includes one or more wildcards.
  - 16. The device of claim 10 wherein said broadcast interactive television signal comprises a direct satellite transmission.
  - 17. The device of claim 10 wherein said credential comprises a producer ID, an application ID, and information identifying one or more permissions.
  - 18. The device of claim 17 wherein said credential further comprises a producer'"'"'s public encryption key, said key being signed by a trusted party.
  - 19. The device of claim 18 wherein said credential is signed with a producer'"'"'s private encryption key.

20. An interactive television system configured to control operations performed by an interactive television application, the system comprising:
- a broadcast station configured to transmit a broadcast signal containing an interactive television application;
  
  a receiver configured to receive said broadcast signal from said broadcast station, to extract said interactive television application from said broadcast signal and to execute said interactive television application, said receiver being further configured to accept a request from said application to perform an operation and to allow said application to perform said operation if said application has a valid credential.
- View Dependent Claims (21, 22)
- - 21. The interactive television system of claim 20 wherein said credential comprises information identifying said interactive television application, said information comprising one or more wildcards.
  - 22. The interactive television system of claim 21 wherein said credential further comprises a producer certificate.

23. A device for executing applications in a controlled manner comprising:
- a memory for storing an application and a credential associated with said application,wherein said credential contains data corresponding to one or more permissions, said data indicating whether said application has said one or more permissions; and
  
  a control unit configured to execute said application,wherein said control unit is configured to verify whether said application has said one or more permissions and to execute said application in accordance with said one or more permissions.
- View Dependent Claims (24, 25, 26)
- - 24. The device of claim 23 wherein said control unit comprises a general-purpose computer.
  - 25. The device of claim 24 wherein said credential comprises one or more wildcards.
  - 26. The device of claim 25 wherein said credential further comprises a certificate by which the authenticity of said credential can be verified.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
OpenTV, Inc. (Kudelski SA)
Original Assignee
OpenTV, Inc. (Kudelski SA)
Inventors
Szymanski, Steven, Menand, Jean Rene, Dureau, Vincent, Chari, Suresh N.
Primary Examiner(s)
Swann, Tod R.
Assistant Examiner(s)
JACK, TODD M

Application Number

US09/196,964
Time in Patent Office

725 Days
Field of Search

380/5, 380/7, 380/10, 380/23, 380/233, 380/236, 380/235, 380/20, 380/259, 380/33, 348/3, 455/13
US Class Current

380/33
CPC Class Codes

H04N 21/443 OS processes, e.g. booting ...

H04N 7/163 by receiver means only

Security model for interactive television applications

First Claim

0 Assignments

Litigations

1 Petition

Accused Products

Abstract

Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Security model for interactive television applications

First Claim

0 Assignments

Subscription Required

Subscription Required

Litigations

1 Petition

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links