Authorization of services in a conditional access system
DCFirst Claim
1. Conditional access apparatus for giving a receiver conditional access to an instance of service received in the receiver, one or more entitlements to access the instance of service being given by one or more entitlement agents and the conditional access apparatus comprising:
- entitlement agent establishment apparatus in the receiver for establishing at least one of the entitlement agents in the conditional access apparatus;
entitlement specification apparatus in the receiver for specifying the one or more entitlements for the at least one entitlement agent, and wherein the entitlement agent establishment apparatus and the entitlement specification apparatus operate in response to further messages received in the receiver; and
access granting apparatus in the receiver for granting access to the instance of service in response to a first message received in the receiver which indicates the entitlement agent and the entitlement only if the entitlement agent establishment apparatus has established the entitlement agent, and the entitlement specification apparatus has granted the entitlement, and wherein the entitlement agent establishment apparatus disestablishes the entitlement agent in response to a given message of the further messages.
3 Assignments
Litigations
1 Petition
Accused Products
Abstract
A cable television system provides conditional access to services. The cable television system includes a headend from which service “instances”, or programs, are broadcast and a plurality of set top units for receiving the instances and selectively decrypting the instances for display to system subscribers. The service instances are encrypted using public and/or private keys provided by service providers or central authorization agents. Keys used by the set tops for selective decryption may also be public or private in nature, and such keys may be reassigned at different times to provide a cable television system in which piracy concerns are minimized.
-
Citations
6 Claims
-
1. Conditional access apparatus for giving a receiver conditional access to an instance of service received in the receiver, one or more entitlements to access the instance of service being given by one or more entitlement agents and the conditional access apparatus comprising:
-
entitlement agent establishment apparatus in the receiver for establishing at least one of the entitlement agents in the conditional access apparatus;
entitlement specification apparatus in the receiver for specifying the one or more entitlements for the at least one entitlement agent, and wherein the entitlement agent establishment apparatus and the entitlement specification apparatus operate in response to further messages received in the receiver; and
access granting apparatus in the receiver for granting access to the instance of service in response to a first message received in the receiver which indicates the entitlement agent and the entitlement only if the entitlement agent establishment apparatus has established the entitlement agent, and the entitlement specification apparatus has granted the entitlement, and wherein the entitlement agent establishment apparatus disestablishes the entitlement agent in response to a given message of the further messages. - View Dependent Claims (2)
the entitlement agent establishment apparatus includes a first key representing a conditional access authority; and
the entitlement agent establishment apparatus employs the first key to determine whether the given message is authentic and disestablishes the entitlement agent only if the given message is authentic.
-
-
3. Conditional access apparatus for giving a receiver conditional access to an instance of service received in the receiver, one or more entitlements to access the instance of service being given by one or more entitlement agents and the conditional access apparatus comprising:
-
entitlement agent establishment apparatus in the receiver for establishing at least one of the entitlement agents in the conditional access apparatus;
entitlement specification apparatus in the receiver for specifying the one or more entitlements for the at least one entitlement agent, wherein the entitlement agent establishment apparatus and the entitlement specification apparatus operate in response to further messages received in the receiver; and
access granting apparatus in the receiver for granting access to the instance of service in response to a first message received in the receiver which indicates the entitlement agent and the entitlement only if the entitlement agent establishment apparatus has established the entitlement agent, and the entitlement specification apparatus has granted the entitlement, and wherein the entitlement agent establishment apparatus establishes a new entitlement agent in response to a given message of the further messages. - View Dependent Claims (4)
the entitlement agent establishment apparatus includes a first key representing a conditional access authority; and
the entitlement agent establishment apparatus employs the first key to determine whether the given message is authentic and establishes the new entitlement agent only if the given message is authentic.
-
-
5. Conditional access apparatus for giving a receiver conditional access to an instance of service received in the receiver, one or more entitlements to access the instance of service being given by one or more entitlement agents and the conditional access apparatus comprising:
-
entitlement agent establishment apparatus in the receiver for establishing at least one of the entitlement agents in the conditional access apparatus, wherein the entitlement agent establishment apparatus includes other keys representing conditional access authorities;
entitlement specification apparatus in the receiver for specifying the one or more entitlements for the at least one entitlement agent, wherein the entitlement agent establishment apparatus and the entitlement specification apparatus operate in response to further messages received in the receiver; and
access granting apparatus in the receiver for granting access to the instance of service in response to a first message received in the receiver which indicates the entitlement agent and the entitlement only if the entitlement agent establishment apparatus has established the entitlement agent, and the entitlement specification apparatus has granted the entitlement, and wherein the entitlement agent establishment apparatus changes a first key in response to at least first and second message of the further messages, the entitlement agent establishment apparatus using the other keys to determine whether the at least first and second messages are authentic and changing the other keys only when the at least first and second messages are authentic. - View Dependent Claims (6)
-
Specification