Dynamic security for digital television receivers
First Claim
1. A security method for controlling access to a function of a digital television receiver, comprising the steps of:
- (a) providing a software application at the receiver;
said software application being executable in response to an execution command;
(b) receiving data at the receiver from a headend, said data defining a condition of the receiver under which access to the receiver function by the software application is permitted;
(c) receiving information at the receiver from the headend, said information defining a security policy for said software application which contains a set of permissions for said software application;
(d) providing a control signal for requesting access to the receiver function upon execution of said software application;
(e) in response to said control signal, determining whether the security policy for the software application contains a permission for the software application to access the receiver function;
(f) if said security policy contains said permission;
(i) determining whether said condition of the receiver is met by data indicative of a current state of the receiver;
(ii) allowing the software application to access the receiver function if the condition is met; and
(iii) preventing the software application from accessing the receiver function if the condition is not met; and
(g) if said security policy does not contain said permission, preventing the software application from accessing the receiver function;
wherein said condition of the receiver indicates a user state of the receiver; and
said user state comprises comprising at least one of;
user preferences, a user password, and a user identifier.
4 Assignments
0 Petitions
Accused Products
Abstract
A system that allows service providers, consumer electronic (CE) manufacturers or standards bodies to define flexible security policies (110) for the execution of downloaded applications (120) on digital television (DTV) receivers (160). The current receiver environment in which a software application is to be run is evaluated. For example, environmental factors such as time of day, date, channel currently tuned in, parental lockout status, grouping of major and minor virtual channels, and so forth, may be considered. An access controller (168) determines if the receiver'"'"'s environmental factors satisfy the conditions for granting a permission to a downloadable application to allow access to the receiver functions (161), receiver resources and user private data. The security policy can be modified by installing or downloading a new security policy (110), or modified by a user with the provision of an appropriate interface. A Java code-implemented embodiment is disclosed.
211 Citations
14 Claims
-
1. A security method for controlling access to a function of a digital television receiver, comprising the steps of:
-
(a) providing a software application at the receiver;
said software application being executable in response to an execution command;
(b) receiving data at the receiver from a headend, said data defining a condition of the receiver under which access to the receiver function by the software application is permitted;
(c) receiving information at the receiver from the headend, said information defining a security policy for said software application which contains a set of permissions for said software application;
(d) providing a control signal for requesting access to the receiver function upon execution of said software application;
(e) in response to said control signal, determining whether the security policy for the software application contains a permission for the software application to access the receiver function;
(f) if said security policy contains said permission;
(i) determining whether said condition of the receiver is met by data indicative of a current state of the receiver;
(ii) allowing the software application to access the receiver function if the condition is met; and
(iii) preventing the software application from accessing the receiver function if the condition is not met; and
(g) if said security policy does not contain said permission, preventing the software application from accessing the receiver function;
wherein said condition of the receiver indicates a user state of the receiver; and
said user state comprises comprising at least one of;
user preferences, a user password, and a user identifier.- View Dependent Claims (2, 3, 4, 5)
-
-
6. A security method for controlling access to a function of a digital television receiver, comprising the steps of:
-
(a) providing a software application at the receiver;
said software application being executable in response to an execution command;
(b) receiving data at the receiver from a headend, said data defining a condition of the receiver under which access to the receiver function by the software application is permitted;
(c) receiving information at the receiver from the headend, said information defining a security policy for said software application which contains a set of permissions for said software application;
(d) providing a control signal for requesting access to the receiver function upon execution of said software application;
(e) in response to said control signal, determining whether the security policy for the software application contains a permission for the software application to access the receiver function;
(f) if said security policy contains said permission;
(i) determining whether said condition of the receiver is met by data indicative of a current state of the receiver;
(ii) allowing the software application to access the receiver function if the condition is met; and
(iii) preventing the software application from accessing the receiver function if the condition is not met; and
(g) if said security policy does not contain said permission, preventing the software application from accessing the receiver function;
wherein said condition of the receiver indicates that one of a channel and a group of channels is tuned by the receiver. - View Dependent Claims (7, 8, 9, 10, 11, 12)
-
-
13. A security apparatus for controlling access to a function of a digital television receiver, comprising:
-
(a) means for providing a software application at the receiver;
said software application being executable in response to an execution command;
(b) means for receiving data at the receiver from a headend, said data defining a condition of the receiver under which access to the receiver function by the software application is permitted;
(c) means for receiving information at the receiver from the headend, said information defining a security policy for said software application which contains a set of permissions for said software application;
(d) means for providing a control signal for requesting access to the receiver function upon execution of said software application;
(e) means for determining, in response to said control signal, whether the security policy for the software application contains a permission for the software application to access the receiver function;
(f)(i) means for determining whether said condition of the receiver is met by data indicative of a current state of the receiver when said security policy contains said permission;
(f)(ii) means for allowing the software application to access the receiver function if the condition is met, and when said security policy contains said permission;
(f)(iii) means for preventing the software application from accessing the receiver function if the condition is not met, and when said security policy contains said permission; and
(g) means for preventing the software application from accessing the receiver function if said security policy does not contain said permission, wherein said condition of the receiver indicates that one of a channel and a group of channels is tuned by the receiver.
-
-
14. A security method for controlling access to a function of a digital television receiver, comprising the steps of:
-
(a) providing a software application at the receiver;
said software application being executable in response to an execution command;
(b) receiving data at the receiver from a headend, said data defining a condition of the receiver under which access to the receiver function by the software application is permitted;
(c) receiving information at the receiver from the headend, said information defining a security policy for said software application which contains a set of permissions for said software application;
(d) providing a control signal for requesting access to the receiver function upon execution of said software application;
(e) in response to said control signal, determining whether the security policy for the software application contains a permission for the software application to access the receiver function;
(f) if said security policy contains said permission;
(i) determining whether said condition of the receiver is met by data indicative of a current state of the receiver;
(ii) allowing the software application to access the receiver function if the condition is met; and
(iii) preventing the software application from accessing the receiver function if the condition is not met; and
(g) if said security policy does not contain said permission, preventing the software application from accessing the receiver function;
wherein said condition of the receiver indicates a conditional access state of the receiver; and
said conditional access state comprises at least one of;
a blackout state and a pay-per-view state.
-
Specification