PC secure video path
First Claim
Patent Images
1. A secure media content delivery method, comprising:
- using an electronic key safe to create a protected media path having a secure video content processor, wherein the protected media path is parallel to an unsecured media content path;
receiving secured and unsecured content from an external network;
routing the secured content to the protected media path; and
routing the unsecured content to the unsecured media content path, wherein using the electronic key safe to create the protected media path further comprises the key safe generating an authentication request containing identification values of both the key safe and the secure video content processor;
further comprisingthe key safe supplying a different decryption key to the secure video content processor for each of a plurality of different pieces of secured media content received via the external network;
receiving a request for secured content, obtaining a content key from the key safe; and
using the content key to decrypt the secured content after the secured content is received via the external network; and
establishing a secure tunnel between the key safe and the secure video content processor, and transmitting the content key from the key safe to the secure video content processor via the secure tunnel.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method are disclosed for creating a secure video content path, or a protected media content bus, within an unsecure personal computer. A portable security module, or electronic key safe, may be inserted into a personal computer that has different internal components for processing secure and unsecured content. The security module may establish a secure encrypted link with a secure video processor of the personal computer, and may use the personal computer'"'"'s network interface to request authority to receive secured content. The security module may provide content keys to the secure video processor to access secured content received over an external network.
20 Citations
10 Claims
-
1. A secure media content delivery method, comprising:
-
using an electronic key safe to create a protected media path having a secure video content processor, wherein the protected media path is parallel to an unsecured media content path; receiving secured and unsecured content from an external network; routing the secured content to the protected media path; and routing the unsecured content to the unsecured media content path, wherein using the electronic key safe to create the protected media path further comprises the key safe generating an authentication request containing identification values of both the key safe and the secure video content processor;
further comprisingthe key safe supplying a different decryption key to the secure video content processor for each of a plurality of different pieces of secured media content received via the external network; receiving a request for secured content, obtaining a content key from the key safe; and
using the content key to decrypt the secured content after the secured content is received via the external network; andestablishing a secure tunnel between the key safe and the secure video content processor, and transmitting the content key from the key safe to the secure video content processor via the secure tunnel. - View Dependent Claims (2, 10)
-
-
3. A computer, comprising:
-
an electronic key safe interface, configured to connect to an external electronic key safe; a secure video processor, configured to process secured video content for output to a display; an unsecured video processor, configured to process unsecured video content for output to a display; and a first processor, configured to receive a content key from the external electronic key safe via the key safe interface, and supply the content key to the secure video processor, wherein the secure video processor is configured to decrypt secure media content received from an external network using the content key, wherein the first processor is configured to forward unsecured video content to the unsecured video processor for processing and display, and divert secured video content to the secure video processor for processing and display, and wherein secured video content is processed by the secure video processor and then supplied to the unsecured video processor for display, wherein the secure video processor is further configured to receive, via the key safe interface, a different decryption key for each of a plurality of different pieces of secured media content received by the computer via the external network; and establish a secure tunnel between the key safe and the secure video processor, and receive the content key from the key safe via the secure tunnel. - View Dependent Claims (4, 5)
-
-
6. A content system, comprising:
-
an electronic key safe, comprising; an interface configured to attach to a computer interface; a processor; and one or more non-transitory computer-readable media, storing instructions that, when executed by the processor, cause the following to occur; identify a secure video processor of a computer after the electronic key safe is attached to the computer; exchange information with the secure video processor and establish a session key for secure tunnel communications between the electronic key safe and the secure video processor; following successful creation of the session key, transmit a key request message to an external trusted authority, wherein the key request message includes an identification of the secure video processor, and identification of the electronic key safe, and an identification of an authentication proxy to be used by the electronic key safe; determine a content key needed by the secure video processor to decrypt secure content; transmit the content key to the secure video processor in response to a request to access the secure content; receive a key response message from the external trusted authority, wherein the key response message includes one or more private keys of the authentication proxy; use a private key of the authentication proxy to transmit a client sign-on request to the authentication proxy; receive a sign-on confirmation; and subsequent to receiving the sign-on confirmation, transmit a content request to a content source; and the content source, wherein the content source is configured to receive a registered device message from the authentication proxy after the client sign-on request; and
to use information from the registered device message to approve or deny the content request. - View Dependent Claims (7)
-
-
8. One or more non-transitory computer readable media, storing computer-executable instructions that, when executed on a computer, cause the following to occur:
-
detecting insertion of a portable electronic key safe on a computer coupled to an external network; using the portable electronic key safe to create a protected media path having a secure content processor; receiving secured and unsecured content at the computer from the external network; routing the secured content to the protected media path; and routing the unsecured content to a media content path in the computer different from the protected media path, wherein using the portable electronic key safe to create the protected media path further comprises transmitting an authentication request containing identification values of both the key safe and the secure content processor in the computer receive, from the electronic key safe and at the protected media path, a different decryption key for each of a plurality of different pieces of secured media content received by the computer via the external network; receive a request for secured content, obtain a content key from the key safe; and
use the content key to decrypt the secured content after the secured content is received via the external network; andestablish a secure tunnel between the key safe and the secure content processor, and transmit the content key from the key safe to the secure content processor via the secure tunnel. - View Dependent Claims (9)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeComcast Cable Communications LLC (Comcast Corporation)
-
Original AssigneeComcast Cable Communications LLC (Comcast Corporation)
-
InventorsFahrny, James William
-
Primary Examiner(s)Mehedi, Morshed
-
Application NumberUS12/717,234Publication NumberTime in Patent Office1,139 DaysField of Search713/191, 713/192, 713/193, 726/26US Class Current726/26CPC Class CodesG06F 21/109 by using specially-adapted ...G06F 21/606 by securing the transmissio...H04L 63/0884 by delegation of authentica...H04L 9/08 Key distribution or managem...H04L 9/0827 involving distinctive inter...H04N 21/64715 Protecting content from una...
