Conditional access via secure logging with simplified key management
First Claim
1. A method of distributing content data from a content provider device to a subscriber, the content provider device including an encryption device, the subscriber having a set top box including a decryption device, the method comprising the steps of:
- encrypting content using the encryption device;
distributing the encrypted content from the content provider to the subscriber;
distributing keys, for decrypting the encrypted content, from the content provider to a service provider;
distributing the keys from the service provider to the subscriber; and
accessing the content by decrypting the content using the decryption device, capable of decrypting content from several different content provider devices, wherein the keys are distributed to the subscriber temporally independent of the distribution of the content to the subscriber.
6 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for distributing content data from a content provider to a subscriber. The method includes encrypting content data by the content provider and providing the content data from the content provider to a broadcaster. The content provider also provides a content descriptor, including keys to decrypt the encrypted content, to a conditional access provider. The broadcaster distributes the encrypted content information to a subscriber. A business service provider negotiates with the subscriber to deliver individual content programs or packages of content programs to the subscriber for a fee. The conditional access provider distributes a content descriptor including keys necessary to decrypt the programs the subscriber selected from the business service provider. A CAM retained by the subscriber maintains a log of programs accessed, and uploads the log to the business service provider, which is used to determine the appropriate fee which the subscriber should be charged. Alternatively, the subscriber may purchase a package plan which does not require logging, and thus allows unidirectional communication.
-
Citations
26 Claims
-
1. A method of distributing content data from a content provider device to a subscriber, the content provider device including an encryption device, the subscriber having a set top box including a decryption device, the method comprising the steps of:
-
encrypting content using the encryption device;
distributing the encrypted content from the content provider to the subscriber;
distributing keys, for decrypting the encrypted content, from the content provider to a service provider;
distributing the keys from the service provider to the subscriber; and
accessing the content by decrypting the content using the decryption device, capable of decrypting content from several different content provider devices, wherein the keys are distributed to the subscriber temporally independent of the distribution of the content to the subscriber. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
logging access to the content by the subscriber in a log contained on a non-volatile memory; and
sending the log to the service provider.
-
-
3. The method according to claim 2, wherein the step of distributing the keys further includes distributing rules with the keys, and wherein the steps of accessing the content and logging access of the content are performed according to the rules.
-
4. The method according to claim 2, further comprising the steps of:
-
generating a subscriber bill at the service provider based on the log; and
computing royalties to be paid to the content provider.
-
-
5. The method according to claim 4, wherein the step of generating a subscriber bill comprises allocating charges based on access to an individual program.
-
6. The method according to claim 4, wherein the step of generating a subscriber bill comprises allocating charges based on access to a package of programs.
-
7. The method according to claim 1, further comprising the step of:
logging access to the content by the subscriber in a log contained on a non-volatile memory 2, wherein said step of accessing content is achieved without contacting the service provider.
-
8. The method according to claim 2, wherein the service provider includes a conditional access provider for distributing the keys, and a business service provider for receiving said log.
-
9. The method according to claim 2, further comprising the steps of:
-
receiving an acknowledgement signal from the service provider;
determining if the acknowledgement signal is valid; and
clearing the log if the acknowledgement is determined to be valid.
-
-
10. The method according to claim 2, further comprising the steps of:
-
receiving an acknowledgement signal from the service provider;
determining if the acknowledgement signal is valid; and
if valid, downloading keys from the service provider.
-
-
11. The method according to claim 1, wherein the step of distributing the keys comprises broadcasting said keys to the subscriber.
-
12. The method according to claim 1, wherein said step of distributing the encrypted content is performed by multiple content providers, and the step of distributing keys is performed by multiple service providers, and wherein said subscriber interacts with at least one of said multiple content providers and at least one of said multiple service providers.
-
13. The method according to claim 1, wherein the step of distributing the encrypted content further comprises the steps of:
-
distributing encrypted content from a single content provider to a plurality of broadcasters; and
broadcasting the encrypted content to the subscriber.
-
-
14. The method according to claim 1, wherein the set top box further includes a display device and a menu navigation device, further comprising the steps of:
-
displaying a menu on said display device;
receiving input from said menu navigation device; and
controlling access to content based on the received input.
-
-
15. The method according to claim 1, further comprising the step of:
processing the decrypted content to inhibit distribution of the decrypted content to more than one display device.
-
16. The method according to claim 1, further comprising the step of transmitting the content data through a secure point to point broadcast.
-
17. The method according to claim 1, further comprising the step of transmitting the content data through a multicast broadcast.
-
18. A method of distributing content data from a content provider to a subscriber, the subscriber having a set top box including a decryption device, the method comprising the steps of:
-
encrypting the content data using a content key and an index, in a series of indices, corresponding to a content packet, in a series of content packets;
forming a data stream by interleaving the series of indices with a series of content packets;
transmitting the data stream to the set top box; and
decrypting the content packets using a content key and the index corresponding to the content packet in a series of indices using the decryption device, the decryption device capable of decrypting content from several different content provider devices, wherein the keys are distributed to the subscriber temporally independent of the distribution of the content packets to the subscriber. - View Dependent Claims (19)
-
-
20. An apparatus for receiving and decrypting encrypted content data which is distributed from a content provider to a subscriber via a broadcaster, the apparatus comprising:
-
a receiver for receiving the encrypted content;
a decryptor for decrypting the encrypted content using a content descriptor distributed by a service provider, the decryptor device capable of decrypting content from several different content provider devices; and
a controller for controlling the decryptor and for communicating with the service provider, thereby providing the subscriber access to the content data, wherein the content descriptor is distributed to the apparatus temporally independent of the distribution of the encrypted content. - View Dependent Claims (21, 22, 23, 24, 25, 26)
a menu generator for generating a menu, having a plurality of operations, to be displayed on a display device; and
a menu navigator for providing a user selection of said operations to said controller.
-
-
26. The apparatus according to claim 20, further comprising a processor for processing the decrypted content data to inhibit distribution of the decrypted content to more than one display device.
Specification