Method and apparatus for constructing an access control matrix for a set-top box security processor
Abstract
In multimedia systems requiring secure access, a method and apparatus for constructing an access control matrix for a set-top box security processor are provided. A security processor may comprise multiple security components and may support multiple user modes. For each user mode supported, at least one access rule table may be generated to indicate access rules to a security component in the security processor. An access control list comprises information regarding the access rules for a particular user mode to the security components in the security processor. An access control matrix may be generated based on the access control lists for the user modes supported by the security component. The access control matrix may be implemented and/or stored in the security processor for verifying access rights of a user mode.
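An added example, not part of the patent text: one way the construction in the abstract and claim 1 could be laid out in C, with per-(component, mode) rules folded into a per-component access control list and the lists together forming the matrix used for verification. Every component name other than the key ladder, the three user modes, and the rights bits are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* All names below are assumptions for illustration; the page names only
 * the key ladder component and gives no concrete modes or rights. */
enum { COMP_KEY_LADDER, COMP_OTP, COMP_COUNT };          /* security components */
enum { MODE_BOOT, MODE_OPERATOR, MODE_APP, MODE_COUNT }; /* user modes */
enum { RIGHT_READ = 1u, RIGHT_WRITE = 2u, RIGHT_USE = 4u };

/* One access rule: a right granted to one (component, mode) pair. */
struct rule { uint8_t comp, mode, right; };

/* Constructed sample policy: the rights or privileges determined up front. */
static const struct rule policy[] = {
    { COMP_KEY_LADDER, MODE_BOOT,     RIGHT_WRITE },
    { COMP_KEY_LADDER, MODE_BOOT,     RIGHT_USE   },
    { COMP_KEY_LADDER, MODE_OPERATOR, RIGHT_USE   },
    { COMP_OTP,        MODE_BOOT,     RIGHT_READ  },
    { COMP_OTP,        MODE_BOOT,     RIGHT_WRITE },
    { COMP_OTP,        MODE_OPERATOR, RIGHT_READ  },
};

/* acm[comp] is that component's access control list: one rights mask per
 * user mode, folded from the rules for each (component, mode) pair. */
static uint8_t acm[COMP_COUNT][MODE_COUNT];

/* Build the matrix. It starts all-zero, so a pair without a rule is denied. */
int acm_build(const struct rule *rules, size_t n)
{
    memset(acm, 0, sizeof acm);
    for (size_t i = 0; i < n; i++) {
        if (rules[i].comp >= COMP_COUNT || rules[i].mode >= MODE_COUNT) {
            memset(acm, 0, sizeof acm);   /* malformed policy: grant nothing */
            return -1;
        }
        acm[rules[i].comp][rules[i].mode] |= rules[i].right;
    }
    return 0;
}

/* Verify a request: every requested right must be present; bad indices deny. */
int acm_allowed(unsigned comp, unsigned mode, uint8_t want)
{
    if (comp >= COMP_COUNT || mode >= MODE_COUNT || want == 0)
        return 0;
    return (acm[comp][mode] & want) == want;
}

int acm_build_default(void) { return acm_build(policy, sizeof policy / sizeof policy[0]); }
```

The matrix defaults to deny: a user mode with no rule for a component, an out-of-range index, or a policy that fails validation all result in no access.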
20 Claims
1. A method, the method comprising:
- determining a plurality of user modes supported by a security processor, the security processor comprising a plurality of security components;
- determining a plurality of rights or privileges for the plurality of security components;
- generating a respective set of access rule tables for each combination of a particular security component and a particular user mode based on the determined plurality of rights or privileges; and
- generating a respective access control list for each corresponding security component based on said generated sets of access rule tables associated with the corresponding security component, wherein the plurality of security components comprises a key ladder security component, and wherein the generated access control lists comprise an access control list for the key ladder security component.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 15
11. A system, the system comprising:
- a security processor that comprises a plurality of security components and an access control matrix, wherein said security processor comprises a plurality of security components, wherein said security processor supports a plurality of user modes, wherein said security processor verifies whether access to at least one of said security components is granted to a particular user mode based on said access control matrix, wherein said access control matrix is based on a plurality of access control lists, wherein each access control list corresponds to a respective security component, wherein at least one of said access control lists is based on respective sets of access rule tables, each set corresponding to a respective security component and respective user mode, wherein said security components comprise a key ladder security component.
Dependent claims: 12, 13, 14, 16, 17, 18, 19, 20
Specification