Reconfigurable access network encryption architecture

US 9,756,026 B2
Filed: 07/02/2015
Issued: 09/05/2017
Est. Priority Date: 12/07/2010
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, by a system and from a first encryption manager separate from the system, a first set of encryption management data converted from a proprietary format of a first conditional access system to a standard format different from the proprietary format of the first conditional access system, wherein the first set of encryption management data comprises an encryption algorithm;

converting the first set of encryption management data from the standard format to a format useable by a first encryption module of the system, wherein the format useable by the first encryption module is different from the standard format;

in response to the receiving and subsequent to the converting, configuring the first encryption module of the system using the first set of encryption management data resulting in a configured first encryption module;

in response to configuring the first encryption module, receiving a first set of encryption control data comprising one or more control words;

in response to receiving the first set of encryption control data, encrypting, by the configured first encryption module, a content item using the one or more control words and in accordance with the first set of encryption management data; and

transmitting, by the system and to a device, the encrypted content item.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An access platform or other network elements can include multiple line cards configured to encrypt data. The platform and/or each of the line cards may receive encryption management data that conforms to a predefined encryption management data interface. The encryption management data received by a particular line card may be generated by a conditional access system device and converted to conform to the encryption management data interface by an encryption manager. Line cards may alternatively be configured for connection to separate encryption hardware components. Line cards may include a block of field programmable gate arrays or other type of programmable hardware that can be configured to execute an encryption module.

Citations

20 Claims

1. A method comprising:
- receiving, by a system and from a first encryption manager separate from the system, a first set of encryption management data converted from a proprietary format of a first conditional access system to a standard format different from the proprietary format of the first conditional access system, wherein the first set of encryption management data comprises an encryption algorithm;
  
  converting the first set of encryption management data from the standard format to a format useable by a first encryption module of the system, wherein the format useable by the first encryption module is different from the standard format;
  
  in response to the receiving and subsequent to the converting, configuring the first encryption module of the system using the first set of encryption management data resulting in a configured first encryption module;
  
  in response to configuring the first encryption module, receiving a first set of encryption control data comprising one or more control words;
  
  in response to receiving the first set of encryption control data, encrypting, by the configured first encryption module, a content item using the one or more control words and in accordance with the first set of encryption management data; and
  
  transmitting, by the system and to a device, the encrypted content item.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the first encryption module is associated with a first line card of a plurality of line cards of the system.
  - 3. The method of claim 2, further comprising:
    - removing the first encryption module from the first line card; and
      
      inserting a second encryption module different from the first encryption module into the first line card.
  - 4. The method of claim 1, further comprising:
    - recognizing, by the system, that data received is encryption management data based on the data being in the standard format.
  - 5. The method of claim 1, wherein the standard format is associated with a logical interface for use with encryption management data.
  - 6. The method of claim 1, further comprising:
    - receiving, by the system and from a second encryption manager separate from the system and the first encryption manager, a second set of encryption management data converted from a propriety format of a second conditional access system to the standard format different from the proprietary format of the second conditional access system;
      
      in response to receiving the second set of encryption management data, configuring a second encryption module of the system using the second set of encryption management data resulting in a configured second encryption module;
      
      in response to configuring the second encryption module, receiving a second set of encryption control data comprising one or more control words;
      
      in response to receiving the second set of encryption control data, encrypting, by the configured second encryption module, a different content item using the one or more control words of the second set of encryption control data and in accordance with the second set of encryption management data; and
      
      in response to encrypting the different content item, transmitting, by the system and to the device, the encrypted different content item.
  - 7. The method of claim 1, further comprising:
    - receiving, by the first encryption manager and from the first conditional access system, the first set of encryption management data in the proprietary format; and
      
      converting the first set of encryption management data from the proprietary format to the standard format.
  - 8. The method of claim 1, wherein the proprietary format and the format useable by the first encryption module are a same format.

9. A method comprising:
- receiving, by a system and from a first encryption manager separate from the system, a first set of encryption management data converted from a proprietary format of a first conditional access system to a standard format different from the proprietary format of the first conditional access system, wherein the first set of encryption management data comprises an encryption algorithm;
  
  in response to the receiving, converting the first set of encryption management data from the standard format to a format useable by a first encryption module of the system, wherein the format useable by the first encryption module is different from the standard format;
  
  in response to the converting, configuring the first encryption module of the system using the first set of encryption management data resulting in a configured first encryption module; and
  
  in response to the configuring, encrypting, by the configured first encryption module, a content item using a first set of encryption control data and in accordance with the first set of encryption management data.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The method of claim 9, further comprising:
    - forwarding the first set of encryption management data to a line card of the system and associated with the first encryption module.
  - 11. The method of claim 9, further comprising:
    - recognizing, by the system, that data received by the system is encryption management data based on the data being in the standard format.
  - 12. The method of claim 9, further comprising:
    - removing the first encryption module from a line card of the system;
      
      inserting a second encryption module into the line card;
      
      receiving a second set of encryption management data associated with a second conditional access system; and
      
      configuring the second encryption module using the second set of encryption management data.
  - 13. The method of claim 9, wherein the standard format is associated with a logical interface for use with encryption management data.
  - 14. The method of claim 9, further comprising:
    - receiving, by the first encryption manager and from the first conditional access system, the first set of encryption management data in the proprietary format; and
      
      converting the first set of encryption management data from the proprietary format to the standard format.
  - 15. The method of claim 9, wherein the first set of encryption control data comprises one or more control words and control word rotation information.

16. A method comprising:
- receiving, by a system and from a first encryption manager separate from the system, a first set of encryption management data converted from a proprietary format of a first conditional access system to a standard format different from the proprietary format of the first conditional access system, wherein the first set of encryption management data comprises an encryption algorithm;
  
  in response to the receiving, forwarding the first set of encryption management data to a line card of a plurality of line cards of the system;
  
  in response to the forwarding, converting the first set of encryption management data from the standard format to a format useable by a first encryption module of the line card, wherein the format useable by the first encryption module is different from the standard format; and
  
  in response to the converting, encrypting, by the first encryption module, a content item using a first set of encryption control data and in accordance with the first set of encryption management data.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method of claim 16, further comprising:
    - configuring the first encryption module using the first set of encryption management data.
  - 18. The method of claim 16, further comprising:
    - recognizing, by the system, that data received by the system is encryption management data based on the data being in the standard format.
  - 19. The method of claim 16, wherein the first set of encryption control data comprises one or more control words and control word rotation information.
  - 20. The method of claim 16, further comprising:
    - transmitting, by the system and to a device, the encrypted content item.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Comcast Cable Communications LLC (Comcast Corporation)
Original Assignee
Comcast Cable Communications LLC (Comcast Corporation)
Inventors
Salinger, Jorge Daniel, Taylor, Kevin, Fahrny, James William
Primary Examiner(s)
PEARSON, DAVID J

Application Number

US14/790,753
Publication Number

US 20160006706A1
Time in Patent Office

796 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/1062   Editing

G06F 21/602   Providing cryptographic fac...

G06F 21/604   Tools and structures for ma...

H04L 63/0457   wherein the sending and rec...

H04N 21/226   Characteristics of the serv...

H04N 21/26606   for generating or managing ...

H04N 21/631   Multimode Transmission, e.g...

Reconfigurable access network encryption architecture

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Reconfigurable access network encryption architecture

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links