System and method for securely controlling access to device functions

US 7,810,152 B2
Filed: 05/08/2002
Issued: 10/05/2010
Est. Priority Date: 05/08/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A method for securely controlling access to a feature of a device, comprising the steps of:

(a) receiving a request to enable the feature of the device;

(b) determining whether the feature is disabled;

(c) determining whether the feature can be enabled with authorization;

(d) determining whether a requestor is authorized to enable the feature of the device;

(e) if the feature is disabled, if the feature can be enabled with authorization and if the requestor is authorized to enable the feature of the device, then enabling the feature of the device by modifying bit values stored in a bank of control bits, the bank of control bits comprising a one-time programmable bit; and

(f) locking the modified bit values stored in the bank of control bits by setting the one-time programmable bit of the bank of control bits.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods that may securely control access to device functions are disclosed. A request is received to enable a feature of the device. In one embodiment, the device may be a set top box, for example. The device determines whether the feature is disabled, whether the feature can be enabled with authorization and whether a requester is authorized to enable the feature of the device. If the feature is disabled, if the feature can be enabled with authorization and if the requester is authorized to enable the feature of the device, then the feature of the device is enabled.

59 Citations

View as Search Results

21 Claims

1. A method for securely controlling access to a feature of a device, comprising the steps of:
- (a) receiving a request to enable the feature of the device;
  
  (b) determining whether the feature is disabled;
  
  (c) determining whether the feature can be enabled with authorization;
  
  (d) determining whether a requestor is authorized to enable the feature of the device;
  
  (e) if the feature is disabled, if the feature can be enabled with authorization and if the requestor is authorized to enable the feature of the device, then enabling the feature of the device by modifying bit values stored in a bank of control bits, the bank of control bits comprising a one-time programmable bit; and
  
  (f) locking the modified bit values stored in the bank of control bits by setting the one-time programmable bit of the bank of control bits.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method according to claim 1, wherein step (b) comprises reading a state of mode control bits corresponding to the feature of the device.
  - 3. The method according to claim 2, wherein the step of reading comprises reading the state of the mode control bits on a non-volatile memory.
  - 4. The method according to claim 1, wherein step (c) comprises reading a state of mode control bits corresponding to the feature of the device.
  - 5. The method according to claim 4, wherein the step of reading comprises reading the state of the mode control bits on a non-volatile memory.
  - 6. The method according to claim 1, wherein step (d) comprises:
    - generating a challenge value by the device,storing the challenge value,sending the challenge value to the requestor,encrypting the challenge value by the requestor,sending the encrypted challenge value back to the device,decrypting the encrypted challenge value by the device, andcomparing the stored challenge value with the decrypted challenge value.
  - 7. The method according to claim 6, further including the step of, if the stored challenge value and the decrypted challenge value are equal, then the requestor is authorized.
  - 8. The method according to claim 6, wherein the step of generating the challenge value by the device comprises generating the challenge value as a function of a pseudorandom number.
  - 9. The method according to claim 6, wherein the step of generating the challenge value by the device comprises generating the challenge value as a function of a device identification stored in a non-volatile memory of the device.
  - 10. The method according to claim 6, wherein the challenge value is a Nonce challenge value.
  - 11. The method according to claim 6, wherein the step of encrypting the challenge value by the requestor comprises encrypting the challenge value using at least one of a data encryption standard (DES) encryption or a 3-DES encryption.
  - 12. The method according to claim 1, wherein step (d) comprises:
    - supplying a password to the device,processing the password by the device,comparing the processed password with acceptable values, andif the processed password is one of the acceptable values, then authenticating the password and authorizing the requestor.
  - 13. The method according to claim 12, wherein the step of supplying comprises encrypting a unique device identification with a shared key.
  - 14. The method according to claim 13,wherein the step of processing the password comprises decrypting the encrypted unique device identification, andwherein the step of comparing comprises comparing the decrypted identification with the unique device identification stored in a non-volatile memory in the device.
  - 15. The method according to claim 12, wherein the step of processing comprises decrypting the supplied password.
  - 16. The method according to claim 13, wherein the step of encrypting comprises encrypting a data encryption standard (DES) encryption or a 3-DES encryption.

17. A system for securely controlling access to features of a device, comprising:
- a non-volatile memory including a bank of mode control bits that correspond to the features of the device, the bank of the mode control bits indicating whether a particular feature of the device is one of disabled, enabled and capable of being enabled with user authorization; and
  
  a processor coupled to the non-volatile memory, the processor being configured to perform at least the following;
  
  receiving a request to enable the particular feature of the device,determining whether the particular feature is disabled,determining whether the particular feature can be enabled with the user authorization,determining whether a user is authorized to enable the particular feature of the device, andif the particular feature is disabled, if the particular feature can be enabled with the user authorization and if the user is authorized to enable the particular feature of the device, then enabling the particular feature of the device by modifying bit values stored in the bank of mode control bits, the bank of mode control bits comprising a one-time programmable bit,wherein the modified bit values stored in the bank of mode control bits are locked by setting the one-time programmable bit of the bank of mode control bits.

18. A system for securely controlling access to a feature of a device, comprising:
- a chip interface that receives a request to enable the feature of the device;
  
  one or more circuits that are operatively coupled to the chip interface, wherein the one or more circuits determine whether the feature is disabled, wherein the one or more circuits determine whether the feature can be enabled with authorization, wherein the one or more circuits determine whether a requestor is authorized to enable the feature of the device, and wherein the one or more circuits enable the feature of the device if the feature is disabled, if the feature can be enabled with authorization and if the requestor is authorized to enable the feature of the device by modifying bit values stored in a bank of control bits, the bank of control bits comprising a one-time programmable bit; and
  
  a locking mechanism that locks the modified bit values stored in the bank of control bits by setting the one-time programmable bit of the bank of control bits.
- View Dependent Claims (19, 20, 21)
- - 19. The system according to claim 18, wherein the one or more circuits comprise a processor.
  - 20. The system according to claim 18, wherein the one or circuits are part of a chip, wherein the chip interface is an interface of the chip, and wherein the bank of control bits are part of the chip.
  - 21. The system according to claim 20, wherein the chip is part of a set top box.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avago Technologies General IP PTE Limited (Broadcom, Inc.)
Original Assignee
Broadcom Corporation (Broadcom, Inc.)
Inventors
Carr, Jeffrey Douglas
Primary Examiner(s)
Lanier; Benjamin E

Application Number

US10/141,549
Publication Number

US 20030210786A1
Time in Patent Office

3,072 Days
Field of Search

726/17, 726/21, 713/166, 713/324, 709/208
US Class Current

726/17
CPC Class Codes

G11C 16/22   Safety or protection circui...

H04N 21/472   End-user interface for requ...

H04N 21/8453   by locking or enabling a se...

H04N 7/163   by receiver means only

System and method for securely controlling access to device functions

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

59 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for securely controlling access to device functions

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

59 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links