Managing access to set-top box objects using television conditional access system
Abstract
Methods for using a conditional access system to modify access control information maintained at a set-top box or another client system. The access control information regulates the availability of information or entertainment services at the client or controls the ability of scripts executed at the client to access objects defined at the client. The conditional access system can be a conventional conditional access system, such as those used by cable television providers, that has been adapted to modify the access control information. The access control information includes multiple entries, each being referenced by a token identifier. The conditional access system transmits a command and an accompanying token to the client to instruct the client how to modify the access control information. The entry that is to be modified is identified by comparing the token with the token identifiers. By modifying access control information in this manner, the entity that operates the conditional access system is capable of regulating the availability of resources or services at the client. For example, a selected level of a tiered information service can be made available to the client.
20 Claims
1. In a networked system including a client system and a conditional access system, a method of controlling the ability of scripts to access resources at the client system, comprising:
- maintaining at the client system an access control data structure for regulating the accessibility of one or more resources, the access control data structure comprising (i) a resource identifier field representing a particular resource for which access is to be controlled, (ii) a script source identifier field representing a script source whose access to the particular resource is to be controlled, and (iii) a permission identifier field representing a permission that is to be applied to one or more scripts from an authorized script source when one or more scripts that are received from the authorized script source request access to the particular resource;
- at the client system, receiving from the conditional access system, a scripted command to modify the access control data from a script source; and
- upon determining that the script source is authorized to modify the access control data structure, as determined by the script source identifier field, resource identifier field and permission identifier field, modifying the access control data structure as specified by the received command.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A computer-readable medium having stored thereon a plurality of entries that collectively represent an access control data structure that controls access to computing resources at a client system, wherein the access control data structure is capable of being modified in response to a request generated by a conditional access system, each entry comprising:
- a first data field containing data representing a token that may be included in the request generated by the conditional access system and received by the client system to indicate which portion of the access control data structure is to be modified;
- a second data field containing data specifying a computing resource at the client system for which access is to be controlled by the access control data structure;
- a third data field containing data representing a script source whose access to the computing resource is to be controlled; and
- a fourth field containing data representing a permission that is to be applied to one or more scripts from an authorized script source when one or more scripts that are received from the authorized script source request access to the computing resource, the data fields being configured to determine whether the one or more scripts received from a script source are authorized to modify the access control data structure.

Dependent claims: 16, 17, 18, 19, 20
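The following is an added sketch, not code from the patent, of the four-field entry in claim 15 and the token-matched update described in the abstract, with the table itself treated as a protected resource so that the same fields decide who may modify it. The permission vocabulary, the `acl` resource name, the source strings, the exact-match rule and the refusal to rewrite entries that guard the table are all assumptions made for illustration.

```python
from dataclasses import dataclass

ACL_RESOURCE = "acl"                      # assumed name for the table itself
PERMISSIONS = {"none", "read", "write"}   # assumed permission vocabulary

@dataclass
class Entry:
    token: int          # first field: matched against the token in a CA request
    resource: str       # second field: client resource being protected
    script_source: str  # third field: script origin the entry applies to
    permission: str     # fourth field: permission applied to that origin

class AccessControlTable:
    def __init__(self, entries):
        self._by_token = {e.token: e for e in entries}

    def is_allowed(self, script_source, resource, wanted):
        """Default deny: allow only on an exact source/resource/permission match."""
        return any(e.script_source == script_source and e.resource == resource
                   and e.permission == wanted for e in self._by_token.values())

    def apply_command(self, script_source, token, new_permission):
        """Apply a 'set permission' command received from the CA system."""
        if new_permission not in PERMISSIONS:
            return False                  # reject values outside the vocabulary
        # The table's own fields decide whether this source may modify it.
        if not self.is_allowed(script_source, ACL_RESOURCE, "write"):
            return False
        entry = self._by_token.get(token)  # compare token with token identifiers
        if entry is None:
            return False                  # unknown token: nothing is modified
        if entry.resource == ACL_RESOURCE:
            return False                  # added hardening: guard entries are immutable
        entry.permission = new_permission
        return True

def demo_table():
    """Constructed sample data: one guard entry and one tiered-service entry."""
    return AccessControlTable([
        Entry(0x01, ACL_RESOURCE, "ca://headend.example", "write"),
        Entry(0x10, "tier.premium", "tv://portal.example", "none"),
    ])
```
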