Secure conditional access port interface
First Claim
1. A set-top box comprising:
- a bus;
a first connection, a second connection and a third connection separate from said bus;
a front-end device coupled to said bus and comprising a first tuner adapted to receive broadcast digital signals comprising audio and video content;
a point of deployment (POD) coupled to said front-end device and adapted to receive a smart card, said smart card plugged into said POD;
a first functional block coupled to said bus and also directly connected to said front-end device via said first connection, said first functional block adapted to descramble said digital signals if said digital signals are scrambled and to encrypt said digital signals if said digital signals are unencrypted;
an integrated circuit device coupled to said bus and also directly connected to said first functional block via said second connection, said integrated circuit device comprising a second functional block and a decryption engine integrated therein, wherein said digital signals from said front-end device are received by said decryption engine only via said first connection, said first functional block and said second connection;
wherein said decryption engine is configured to decrypt said digital signals received by said integrated circuit device and supply decrypted digital signals to said second functional block, wherein there are no points between said front-end device and said first functional block nor between said first functional block and said second functional block at which said digital signals are both descrambled and unencrypted; and
a third functional block coupled to said bus and also directly connected to said integrated circuit via said third connection, said third functional block adapted for graphics processing of said digital signals received from said integrated circuit device only via said third connection.
3 Assignments
0 Petitions
Accused Products
Abstract
An apparatus and method thereof for providing a secure path for a digital signal in an intelligent transceiver such as a bi-directional set-top box. A digital signal (e.g., a broadcast signal or a signal received via a cable modem) is received by the intelligent transceiver at a front-end device (comprising, for example, a tuner). The digital signal is descrambled (if it is scrambled) and encrypted (if it is not encrypted) by a first functional block (e.g., an interface card or point of deployment) coupled to the front-end device. Coupled to the front-end device via the first functional block is a second functional block for processing (e.g., decoding) audio and/or visual content within the digital signal. Integrated into the second functional block is a decryption engine for decrypting encrypted signals. Signals from the front-end device are received via the first functional block by the decryption engine integral to the second functional block. There are no points between the first functional block and the decryption engine and between the decryption engine and the second functional block at which a descrambled and decrypted signal can be intercepted, thus providing a secure interface between the front-end device and the second functional block.
91 Citations
14 Claims
-
1. A set-top box comprising:
-
a bus; a first connection, a second connection and a third connection separate from said bus; a front-end device coupled to said bus and comprising a first tuner adapted to receive broadcast digital signals comprising audio and video content; a point of deployment (POD) coupled to said front-end device and adapted to receive a smart card, said smart card plugged into said POD; a first functional block coupled to said bus and also directly connected to said front-end device via said first connection, said first functional block adapted to descramble said digital signals if said digital signals are scrambled and to encrypt said digital signals if said digital signals are unencrypted; an integrated circuit device coupled to said bus and also directly connected to said first functional block via said second connection, said integrated circuit device comprising a second functional block and a decryption engine integrated therein, wherein said digital signals from said front-end device are received by said decryption engine only via said first connection, said first functional block and said second connection; wherein said decryption engine is configured to decrypt said digital signals received by said integrated circuit device and supply decrypted digital signals to said second functional block, wherein there are no points between said front-end device and said first functional block nor between said first functional block and said second functional block at which said digital signals are both descrambled and unencrypted; and a third functional block coupled to said bus and also directly connected to said integrated circuit via said third connection, said third functional block adapted for graphics processing of said digital signals received from said integrated circuit device only via said third connection. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A set-top box comprising:
-
a bus; a first connection, a second connection and a third connection separate from said bus; a modular front-end block coupled to said bus, said modular front-end block comprising; a first tuner adapted to receive digital signals from a digital broadcast system; and a second tuner for receiving digital signals via the Internet, said digital signals from said digital broadcast system and from the Internet comprising audio and video content; a modular conditional access block coupled to said bus and adapted to receive a smart card, said smart card inserted into said modular conditional access block, said modular conditional access block also directly connected to said modular front-end block using said first connection, said modular conditional access block adapted to descramble digital signals from said digital broadcast system and from the Internet if said digital signals are scrambled and to encrypt said digital signals if said digital signals are unencrypted; a modular decode block coupled to said bus, said modular decode block also directly connected to said modular conditional access block using said second connection, said modular decode block comprising an integrated circuit device coupled to said modular front-end block via said modular conditional access block, said integrated circuit device adapted to receive encrypted digital signals from said modular conditional access block, said integrated circuit device comprising a functional block and a decryption engine integrated therein, wherein said decryption engine is for decrypting said encrypted digital signals and wherein said functional block is for decoding audio and video content contained in said digital signals, wherein there are no points between said modular front-end block and said modular conditional access block nor between said modular conditional access block and said modular decode block at which said digital signals are both descrambled and unencrypted; a modular graphics processing block coupled to said bus, said modular graphics processing block also directly connected to said modular decode block using said third connection, said modular graphics processing block adapted for graphics processing of digital signals received from said integrated circuit device; and a modular central processing unit coupled to said bus, wherein said modular front-end block, said modular conditional access block, said modular decode block, said modular graphics processing block and said modular central processing unit communicate instructions via said bus and wherein said digital signals are communicated from said modular front-end block to said modular graphics processing block outside of said bus via only said first, second and third connections. - View Dependent Claims (11, 12, 13)
-
-
14. A method for providing a secure path for a digital signal in an intelligent transceiver, said method comprising:
-
receiving broadcast digital signals comprising audio and video content at a front-end device coupled to a bus, said bus for communicating addresses and data other than said digital signals; sending said digital signals from said front-end device to a first functional block only over a direct first connection separate from said bus, said first functional block for descrambling said digital signals if said digital signals are scrambled and for encrypting said digital signals if said digital signals are unencrypted; sending said digital signals from said first functional block to a second functional block only over a direct second connection separate from said bus, said second functional block having a decryption engine integrated therein for decrypting said digital signals, wherein said digital signals are delivered from said front-end device to said decryption engine only via said first connection, said first functional block and said second connection; and sending said digital signals from said second functional block to a third functional block only over a direct third connection separate from said bus, said third functional block for graphics processing of said digital signals.
-
Specification