Content licensing and conditional access using a mobile device

US 8,590,028 B2
Filed: 07/09/2008
Issued: 11/19/2013
Est. Priority Date: 07/09/2007
Status: Active Grant

First Claim

Patent Images

1. A method for controlling access to protected content provided by a service provider, the method comprising:

during a registration process for a given user, storing an association between a symmetric encryption key and a unique identifier of a set-top box for the given user;

encrypting the protected content using the symmetric encryption key associated with the unique identifier of the set-top box, wherein the set-top box is configured to validate access to view the protected content by accepting a content token;

encrypting the symmetric encryption key to an encrypted symmetric encryption key, wherein the encrypted symmetric encryption key is decryptable with the content token serving as a dynamically-generated encryption key, wherein a mobile application configured to run on a mobile device that is physically separate from the set-top box is configured to generate the content token on the mobile device that is physically separate from the set-top box in response to a user request for access to view the protected content; and

transmitting the encrypted protected content and the encrypted symmetric encryption key to the set-top box.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques and tools are described which provide control access mechanisms for contents made available by a service provider to a user. The user, after a registration process, uses a mobile application on a mobile device to generate a one-time content key. The content key is input into a set-top box which validates the key and provides access to the protected content. The mobile application allows for password protection for the user, as well as a recharging ability when its one-time content keys are exhausted.

Citations

23 Claims

1. A method for controlling access to protected content provided by a service provider, the method comprising:
- during a registration process for a given user, storing an association between a symmetric encryption key and a unique identifier of a set-top box for the given user;
  
  encrypting the protected content using the symmetric encryption key associated with the unique identifier of the set-top box, wherein the set-top box is configured to validate access to view the protected content by accepting a content token;
  
  encrypting the symmetric encryption key to an encrypted symmetric encryption key, wherein the encrypted symmetric encryption key is decryptable with the content token serving as a dynamically-generated encryption key, wherein a mobile application configured to run on a mobile device that is physically separate from the set-top box is configured to generate the content token on the mobile device that is physically separate from the set-top box in response to a user request for access to view the protected content; and
  
  transmitting the encrypted protected content and the encrypted symmetric encryption key to the set-top box.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, further comprising:
    - providing a user registration kit comprising a set of registration parameters for entry into a mobile device.
  - 3. The method of claim 2, wherein the user registration kit comprises:
    - a registration kit number,the mobile application,and a secret code.
  - 4. The method of claim 3, wherein the secret code is an alphanumeric key for the mobile application to be installed on the mobile device, the mobile application operable to generate the dynamically-generated encryption key.
  - 5. The method of claim 4, wherein the secret code is provided to be installed on the mobile device using a scratch card.
  - 6. The method of claim 2, further comprising:
    - personalizing the mobile device of the user and the set-top box using the registration kit.
  - 7. The method of claim 2, wherein storing the association comprises:
    - updating a database with the unique identifier of the set-top box number for the user, a registration kit number for the user, and a secret code.
  - 8. The method of claim 1, wherein the mobile application configured to run on the mobile device is configured to provide the content token only if a password supplied by the user is correct.
  - 9. The method of claim 1, further comprising recharging of the set-top box and the software application by using a recharge kit to grant access to the protected content provided by the service provider after the registration process.
  - 10. The method of claim 1, wherein the mobile application configured to run on the mobile device is configured to determine that the mobile application has exhausted its content tokens and new content tokens cannot be provided until a recharge.
  - 11. The method as recited in claim 10, further comprising, when a subscription for the mobile application is not expired but the application has exhausted its content tokens, requesting a new mobile application.
  - 12. The method of claim 1, further comprising enforcing a time-based access license for the user to access the protected content, wherein the mobile application is bundled in an application bundle with a license certificate.
  - 13. The method of claim 12, further comprising loading the application bundle into the mobile device by loading at least one chosen from the group consisting of a signer certificate, a digital signature for a service code, and a digital signature for the license certificate with the application bundle.
  - 14. The method of claim 12, wherein enforcing the time-based access license comprises authenticating the license certificate of the user.
  - 15. The method of claim 1, wherein the set-top box provides access to content only if an access time is within a license period.

16. One or more computer-readable storage media not consisting of a signal containing-instructions which cause a computer to perform a method for controlling access to content from a service provider encrypted with a symmetric key and accompanied by an encrypted version of the symmetric key, the method comprising:
- accepting a set of parameters in a mobile device of a user that is physically separate from a set-top box, wherein the parameters comprise a unique identifier of the set-top box;
  
  as part of a registration process, sending the parameters to the service provider for storage in a service provider database as associated with the user;
  
  upon request by a user, in the mobile device that is physically separate from the set-top box, generating a dynamic key for viewing the content on a set-top box, wherein the dynamic key generated by the mobile device that is physically separate from the set-top box is operable to decrypt the encrypted version of the symmetric key used to encrypt the content; and
  
  inputting the dynamic key into the set-top box to access the content.
- View Dependent Claims (17, 18, 19, 20, 21, 22)
- - 17. The one or more computer-readable storage media not consisting of a signal of claim 16, wherein the method further comprises recharging the set-top box using a recharge kit after the registration process.
  - 18. The one or more computer-readable storage media not consisting of a signal of claim 16, wherein the method further comprises providing a license certificate for validation by the set-top box to enforce a time-based access license for the user.
  - 19. The one or more computer-readable storage media not consisting of a signal of claim 16, wherein the method further comprises requesting a new dynamic key generating facility when dynamic keys on the mobile device are exhausted.
  - 20. The one or more computer-readable storage media not consisting of a signal of claim 16, wherein:
    - the method further comprises storing a license certificate in the mobile device, wherein the license certificate identifies a license time restriction period; and
      
      the license certificate limits access time of the content to access times within the license time restriction period.
  - 21. The one or more computer-readable storage media not consisting of a signal of claim 16, wherein:
    - the method further comprises storing a digital signature for the license certificate and a signer certificate for a digital signer of the license certificate in the mobile device.
  - 22. The one or more computer-readable storage media not consisting of a signal of claim 16, wherein:
    - the method further comprises accepting a password by the mobile device; and
      
      verifying that the password is correct before generating the dynamic key.

23. A system comprising:
- a set-top box;
  
  a mobile device;
  
  one or more set-top box program modules executable on the set-top box having a unique identifier and configured to receive protected content from a service provider;
  
  a mobile application executable on the mobile device controllable by a user and physically separate from the set-top box;
  
  wherein the mobile application causes the mobile device to perform a method comprising;
  
  accepting a set of parameters, wherein the parameters comprise the unique identifier of the set-top box;
  
  as part of a registration process, sending the parameters to the service provider for storage in a service provider database as associated with the user;
  
  upon request by the user, generating a dynamic key for viewing the protected content on the set-top box, wherein the dynamic key is operable to decrypt a symmetric key used to encrypt the protected content; and
  
  inputting the dynamic key into the set-top box; and
  
  wherein the one or more set-top box program modules cause the set-top box to perform a method comprising;
  
  receiving, from the service provider, the protected content and an encrypted symmetric key used to encrypt the protected content;
  
  receiving the dynamic key from the mobile device;
  
  decrypting the encrypted symmetric key with the dynamic key received from the mobile device; and
  
  decrypting the protected content with the decrypted symmetric key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Infosys Limited
Original Assignee
Infosys Limited
Inventors
Saxena, Ashutosh, Ponnapalli, Harigopal K. B.
Primary Examiner(s)
SHEHNI, GHAZAL B

Application Number

US12/170,240
Publication Number

US 20090019501A1
Time in Patent Office

1,959 Days
Field of Search

726/2, 726/9, 726/27, 380247-250
US Class Current

726/9
CPC Class Codes

H04N 21/2347   involving video stream encr...

H04N 21/25875   involving end-user authenti...

H04N 21/26613   for generating or managing ...

H04N 21/4126   The peripheral being portab...

H04N 21/4405   involving video stream decr...

H04N 21/4753   for user identification, e....

H04N 7/1675   Providing digital key or au...

H04N 7/17318   Direct or substantially dir...

Content licensing and conditional access using a mobile device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Content licensing and conditional access using a mobile device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links