Validating client-receivers

US 7,861,082 B2
Filed: 06/22/2004
Issued: 12/28/2010
Est. Priority Date: 05/24/2002
Status: Active Grant

First Claim

Patent Images

1. In a subscriber television system having a headend, a server, which is remote from the headend, and a plurality of client-receivers for receiving programming from the headend and the server,a validation-message generated by a given client-receiver of the plurality of client-receivers and embodied in a computer readable medium for validating the given client-receiver with the server, the validation-message comprising:

a client-identifier associated with the given client-receiver; and

an authentication-token, wherein the authentication-token is produced by providing an input to a one-way function, wherein the input to the one-way function includes at least a portion of a validator and at least a portion of the client-identifier, wherein the validator is transmitted from the headend to both the server and the given client-receiver, and wherein responsive to the server receiving the validation-message, the server determines whether the given client-receiver is a valid client-receiver of the subscriber television system using at least a portion of the authentication-token and at least a portion of the validator.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a subscriber television system having a headend, a server, and plurality of client-receivers, the server, which is remote from the headend, is adapted to receive a validation-message from one or more client-receivers. The validation-message includes content and an authentication-token. The server validates that the sender of the validation-message is a valid client-receiver of the subscriber television system using an authentication-token and a validator that is known to both the server and to at least one of the client-receivers.

Citations

7 Claims

1. In a subscriber television system having a headend, a server, which is remote from the headend, and a plurality of client-receivers for receiving programming from the headend and the server,a validation-message generated by a given client-receiver of the plurality of client-receivers and embodied in a computer readable medium for validating the given client-receiver with the server, the validation-message comprising:
- a client-identifier associated with the given client-receiver; and
  
  an authentication-token, wherein the authentication-token is produced by providing an input to a one-way function, wherein the input to the one-way function includes at least a portion of a validator and at least a portion of the client-identifier, wherein the validator is transmitted from the headend to both the server and the given client-receiver, and wherein responsive to the server receiving the validation-message, the server determines whether the given client-receiver is a valid client-receiver of the subscriber television system using at least a portion of the authentication-token and at least a portion of the validator.

2. A method of validating a client-receiver in a digital networks, the digital network having a headend, a plurality of client-receivers for receiving programming from the headend and the server, and a server in communication with the headend and with the plurality of client-receivers, the server and the plurality of client-receivers located at a client location remote from the headend, the method comprising the steps of:
- receiving by the server a validation-message from a particular client-receiver of the plurality of client-receivers, the validation-message including a message content and a first authentication-token generated by the particular client-receiver, wherein the message content includes at least a client-identifier and the first authentication-token is the output of a one-way function having at least a portion of a validator and at least a portion of the client-identifier of the message content of the validation-message as inputs, wherein the validator is known to the particular client-receiver and other client-receivers of the plurality of client-receivers;
  
  generating by the server a local authentication-token using the message content, wherein the local authentication-token is the output of a one-way function having at least a portion of the validator as an input; and
  
  determining by the server whether the particular client-receiver is a valid client-receiver of the digital network using at least the first and local authentication-tokens by comparing the first authentication token and the local authentication-token to determine if they are the same.
- View Dependent Claims (3, 4, 5, 6, 7)
- - 3. The method of claim 2, wherein the digital network is a subscriber television system, the validator is a shared-secret, and the shared-secret is implemented by the server to decrypt services of the subscriber television system.
  - 4. The method of claim 2, further including the steps of:
    - prior to said receiving, generating and determining steps, receiving by the server the validator in a secure-message from a headend, wherein the validator is encrypted using a public-key of a private-key/public-key pair belonging to the server;
      
      decrypting the encrypted validator using the private-key of the private-key/public-key pair belonging to the server; and
      
      storing the decrypted validator in a memory of a secure-element, wherein the secure-element includes a processor and the memory is accessible to only the processor, and wherein the private-key of the private-key/public-key pair belonging to the server is stored in the memory.
  - 5. The method of claim 4 wherein the secure-message is further comprised of a digest that has been processed by digitally signing the digest at the headend which converts a value of the digest from an original value to a different value, the method further including the steps of:
    - generating a local message-authenticator, wherein the local message-authenticator is an output of a one-way function having at least a portion of the decrypted validator as an input;
      
      changing the different value of the digest included in the secure-message to its original value with a public-key of a private-key/public-key belonging to the headend to generate a reprocessed digest; and
      
      comparing the local message-authenticator and the reprocessed digest to see if they are the same, wherein the steps of generating the authentication-token and determining whether the particular client-receiver is a valid client-receiver of the subscriber television system are done only if the local message-authenticator and the reprocessed digest are the same.
  - 6. The method of claim 2, wherein the message content of the validation message further comprises a second authentication-token, the methodfurther including the step of:
    - comparing the second local authentication-token and the second authentication-token, wherein the step of determining whether the particular client-receiver is a valid client-receiver of the subscriber television system is done only if the local authentication-token and the second authentication-token are the same.
  - 7. The method of claim 2, further including the step of:
    - responsive to determining the particular client-receiver is valid, providing the particular client-receiver with an instance of service.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Scientific-Atlanta LLC (Cisco Systems, Inc.)
Inventors
Mattox, Mark D., Pinder, Howard G., Wasilewski, Anthony J.
Primary Examiner(s)
Orgad; Edan
Assistant Examiner(s)
Wang; Harris C

Application Number

US10/873,805
Publication Number

US 20040237100A1
Time in Patent Office

2,380 Days
Field of Search

725/31, 713/168
US Class Current

713/168
CPC Class Codes

H04L 12/2803   Home automation networks

H04N 21/2347   involving video stream encr...

H04N 21/25816   involving client authentica...

H04N 21/26606   for generating or managing ...

H04N 21/4147   PVR [Personal Video Recorde...

H04N 21/42684   Client identification by a ...

H04N 21/43615   Interfacing a Home Network,...

H04N 21/43637   involving a wireless protoc...

H04N 21/4367   Establishing a secure commu...

H04N 21/4405   involving video stream decr...

H04N 21/4408   involving video stream encr...

H04N 21/4623   Processing of entitlement m...

H04N 21/472   End-user interface for requ...

H04N 21/47815   Electronic shopping payment...

H04N 21/482   End-user interface for prog...

H04N 21/63345   by transmitting keys key di...

H04N 21/8586   by using a URL processing c...

H04N 7/162   Authorising the user termin...

H04N 7/163   by receiver means only

H04N 7/1675   Providing digital key or au...

Validating client-receivers

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

7 Claims

Specification

Solutions

Use Cases

Quick Links

Validating client-receivers

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

7 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links