Secure control of features of a digital device

US 7,933,950 B1
Filed: 10/04/2004
Issued: 04/26/2011
Est. Priority Date: 10/02/2003
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

sending, from a digital device that participates in a service, to a service provider that provides the service, a request to participate in the service;

receiving, by the digital device, a digital message that identifies a desired service state for the digital device, wherein the digital message is encoded uniquely for the digital device and at least a portion of the digital message is encrypted using a public key that is uniquely associated with the digital device to result in creating an encrypted one way hash and the encrypted one way hash is digitally signed using a signing key unique to the service provider, to result in creating an encrypted signed hash that is appended to the digital message, wherein the digital message is unusable at a different digital device;

based on the digital message, determining, by the digital device, a plurality of control values that collectively define the desired service state within the digital device the plurality of control values indicate specific capabilities of the digital device that are enabled, disabled, or set to particular values depending on the features, services or products represented in the digital message;

providing the plurality of control values to one or more applications hosted by the digital device that deliver a service experience associated with the desired service state, or at least a feature associated with the desired service state, thereby placing the digital device into a first service state;

marking the control values as non-secure at the digital device;

marking the control values as secure only after the digital device successfully decrypts the at least a portion of the digital message that is encrypted; and

changing the digital device to a second service state if the control values are not marked as secure.

View all claims

15 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method providing secure control of features of a digital device. In one embodiment, the method comprises sending, from a digital device that participates in a service, to a service provider that provides the service, a request to participate in the service; receiving a digital message that identifies a service state for the digital device, wherein the digital message is encoded uniquely for the digital device, wherein the digital message is unusable at a different digital device; based on the digital message, determining a plurality of control values that collectively define the service state within the digital device; and providing the control values to one or more applications hosted by the digital device that deliver a service experience associated with the service, or a feature, to an end user of the digital device.

Citations

16 Claims

1. A method, comprising:
- sending, from a digital device that participates in a service, to a service provider that provides the service, a request to participate in the service;
  
  receiving, by the digital device, a digital message that identifies a desired service state for the digital device, wherein the digital message is encoded uniquely for the digital device and at least a portion of the digital message is encrypted using a public key that is uniquely associated with the digital device to result in creating an encrypted one way hash and the encrypted one way hash is digitally signed using a signing key unique to the service provider, to result in creating an encrypted signed hash that is appended to the digital message, wherein the digital message is unusable at a different digital device;
  
  based on the digital message, determining, by the digital device, a plurality of control values that collectively define the desired service state within the digital device the plurality of control values indicate specific capabilities of the digital device that are enabled, disabled, or set to particular values depending on the features, services or products represented in the digital message;
  
  providing the plurality of control values to one or more applications hosted by the digital device that deliver a service experience associated with the desired service state, or at least a feature associated with the desired service state, thereby placing the digital device into a first service state;
  
  marking the control values as non-secure at the digital device;
  
  marking the control values as secure only after the digital device successfully decrypts the at least a portion of the digital message that is encrypted; and
  
  changing the digital device to a second service state if the control values are not marked as secure.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 14, 15, 16)
- - 2. A method as recited in claim 1, wherein the at least a portion of the digital message is encrypted using a public key that is unique to the digital device.
  - 3. A method as recited in claim 2, wherein the digital message is digitally signed using a signing key of the service provider.
  - 4. A method as recited in claim 1, wherein the digital message is digitally signed using a signing key of the service provider.
  - 5. A method as recited in claim 1, wherein the digital message comprises (a) one or more sets of desired service state identifiers and expiration values in cleartext and (b) an encrypted version of the cleartext.
  - 6. A method as recited in claim 5, wherein the determining step comprises determining the plurality of control values based on the cleartext of the digital message and concurrently decrypting the encrypted version.
  - 7. A method as recited in claim 1, wherein thechanging step changes the digital device to a second service state if the control values are not marked as secure before expiration of a specified time.
  - 8. A method as recited in claim 1, wherein the digital message comprises a first service state identifier representing a full service state, a first expiration time value associated with the first service state identifier, and a second state identifier representing a limited service state;
    - and further comprising the steps of;
      
      based on the first service state identifier, determining a plurality of control values that collectively define the full service state within the digital device;
      
      providing the control values to one or more applications hosted by the digital device that deliver a service experience associated with the full service state;
      
      determining that a current time is equal to or greater than the first expiration time value; and
      
      changing the digital device to the limited service state based on determining new control values based on the second state identifier.
  - 9. A method as recited in claim 8, wherein the second state identifier specifies a minimal service state.
  - 10. A method as recited in claim 1, wherein the second service state is a limited service state.
  - 11. A method as recited in claim 1, further comprising receiving an issue date value as part of the digital message, and generating and displaying a message indicating how long the digital device needs to implement the service state.
  - 14. A non-transitory computer-readable medium storing one or more sequences of instructions for securely enabling features of a digital device, which instructions, when executed by one or more processors, cause the one or more processors to carry out the steps recited in any of claim 1, 2, 4, 5, 6, 7, 10, 8, 9, 11, 12, 13, or 3.
  - 15. An apparatus for securely enabling features of a digital device, comprising means for performing the steps recited in any of claim 1, 2, 4, 5, 6, 7, 10, 8, 9, 11, 12, 13, or 3.
  - 16. An apparatus for creating and storing troubleshooting information for diagnosing one or more problems experienced in one or more completed voice calls that are carried by a packet-switched data network, comprising:
    - a network interface that is coupled to the data network for receiving one or more packet flows therefrom;
      
      a processor;
      
      one or more stored sequences of instructions which, when executed by the processor, cause the processor to carry out the steps of any of claim 1, 2, 4, 5, 6, 7, 10, 8, 9, 11, 12, 13, or 3.

12. A method, comprising:
- storing, by a server, a record of the payment for a service in which a digital device can participate in a database associated with a service provider that provides the service, wherein the record is uniquely associated with the digital device;
  
  receiving, at the server from the digital device, a request from the digital device to receive the service;
  
  based on the database record, determining, by the server, a desired service state value for the digital device corresponding to the service that was paid for;
  
  encoding, by the server, the desired service state value in a digital message, wherein the digital message is encoded uniquely for the digital device, wherein the digital message is unusable at a different digital device, by;
  
  creating and storing a digital one-way hash of the digital message;
  
  encrypting the one-way hash of the digital message using a public key that is uniquely associated with the digital device, to result in creating an encrypted hash;
  
  digitally signing the encrypted hash using a signing key unique to the service provider, to result in creating an encrypted signed hash;
  
  appending the encrypted signed hash to the digital message;
  
  wherein the digital message carries a plurality of control values that collectively define the desired service state that the digital device is authorized to use;
  
  securely authorizing, by the server, the plurality of control values that are enabled, disabled, or set to particular values depending on the features, services or products represented in the digital message; and
  
  sending the digital message to the digital device that delivers a service experience associated with the service, or a feature, to an end user of the digital device.

13. A method of securely enabling features of a digital video recorder, the method comprising the computer-implemented steps of:
- storing, by a server, a record of payment for a service in which a digital device can participate in a database associated with a service provider that provides the service, wherein the record is uniquely associated with the digital device;
  
  receiving, by the server, a request from the digital device to receive the service;
  
  based on the database record, determining, by the server, a desired service state value for the digital device corresponding to the service that was paid for;
  
  encoding, by the server, the desired service state value in a digital message, wherein the digital message is encoded uniquely for the digital device, wherein the digital message is unusable at a different digital device, by;
  
  creating and storing a digital one-way hash of the digital message;
  
  encrypting the hash of the digital message using a public key that is uniquely associated with the digital device to result in creating an encrypted hash;
  
  digitally signing the encrypted hash using a signing key unique to the service provider, to result in creating an encrypted signed hash;
  
  appending, by the server, the encrypted signed hash to the digital message;
  
  sending the digital message from the server to the digital device;
  
  based on the digital message, determining, by the digital device;
  
  a plurality of control values that collectively define the desired service state within the digital device, the plurality of control values indicate specific capabilities of the digital device that are enabled, disabled, or set to particular values depending on the features, services or products represented in the digital message; and
  
  providing the plurality of control values to one or more applications hosted by the digital device that deliver a service experience associated with the service, or a feature, to an end user of the digital device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ROVI Product Corporation (Xperi Inc.)
Original Assignee
TiVo Inc. (Adeia Inc.)
Inventors
Lee, Richard, Barton, Michael, Townsend, J. Eric, Barton, James, Stevens, Paul, Feder, Adam, Davison, Timothy
Primary Examiner(s)
Caldwell; Andrew
Assistant Examiner(s)
Liu; Lin

Application Number

US10/958,642
Time in Patent Office

2,395 Days
Field of Search

709/228, 725/86
US Class Current

709/203
CPC Class Codes

G06F 16/9535   Search customisation based ...

G06F 16/9537   Spatial or temporal depende...

G11B 2220/20   Disc-shaped record carriers

G11B 27/005   Reproducing at a different ...

G11B 27/105   of operating discs

G11B 27/34   Indicating arrangements in...

H04N 21/252   Processing of multiple end-...

H04N 21/25891   being end-user preferences ...

H04N 21/26606   for generating or managing ...

H04N 21/4147   PVR [Personal Video Recorde...

H04N 21/42228   the reprogrammable keys bei...

H04N 21/443   OS processes, e.g. booting ...

H04N 21/4532   involving end-user characte...

H04N 21/454   Content or additional data ...

H04N 21/47   End-user applications

H04N 21/4828   for searching program descr...

H04N 21/485   End-user interface for clie...

H04N 21/6334   for authorisation, e.g. by ...

H04N 21/6581   Reference data, e.g. a movi...

H04N 21/812   involving advertisement dat...

H04N 21/8453 : by locking or enabling a se...

H04N 5/76 : Television signal recording

H04N 5/781 : on disks or drums

H04N 5/782 : on tape

H04N 5/85 : on discs or drums

H04N 5/907 : using static stores, e.g. s...

H04N 7/163 : by receiver means only

H04N 7/173 : with two-way working, e.g. ...

H04N 7/17318 : Direct or substantially dir...

H04N 7/17354 : in an intermediate station ...

H04N 9/8042 : involving data reduction

View All

Secure control of features of a digital device

First Claim

15 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Secure control of features of a digital device

First Claim

15 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links