
Last Updated: April 24, 2024

Claims for Patent: 8,050,406




Summary for Patent: 8,050,406
Title: Key table and authorization table management
Abstract: A receiver device consistent with certain embodiments that receives and decrypts digital cable or satellite television signals has a receiver that tunes and demodulates the television signal into a digital transport stream. A decrypter decrypts the digital transport stream using a pair of decryption keys. A first decryption key array stored in a first storage location forming a part of the receiver device, and a second key array stored in a second storage location forming a part of the receiver device, the first and second key arrays representing ordered pairs of keys. An authorization table is stored in a third storage location forming a part of the receiver device, the authorization table containing a mapping, wherein each ordered pair of decryption keys corresponds to a different one of a plurality of Multichannel Video Program Distributors (MVPD). This abstract is not to be considered limiting, since other embodiments may deviate from the features described in this abstract.
Inventor(s): Pedlow, Jr.; Leo M. (Ramona, CA)
Assignee: Sony Corporation (Tokyo, JP) Sony Electronics Inc. (Park Ridge, NJ)
Application Number: 11/348,777
Patent Claims:

1. A receiver device that receives and decrypts digital television signals, comprising: a receiver that tunes and demodulates the television signal into a digital transport stream; a decrypter that decrypts the digital transport stream using a pair of decryption keys comprising an even key and an odd key, wherein the even and odd keys are alternately used by the decrypter for decryption during successive key epochs; a key table stored in a first secure persistent storage medium forming a part of the receiver device, the key table containing a library of a plurality of even keys and an associated plurality of odd keys forming key pairs that are indexed with a key identifier, wherein the library of key pairs can be accessed by an index to select a particular key pair from the library; where the index comprises a memory address; an authorization table stored in a second secure persistent storage medium forming a part of the receiver device, the authorization table containing a mapping in the form of a key index of a logical channel to a key pair identifier for each of a plurality of logical channels and further containing a service mask entry for each logical channel that determines authorization to access each logical channel and operational attributes associated with the logical channel and further containing a CPE operation mask that stores control attributes for the receiver device; where the mapping maps a each logical channel to a key index, and where there are more key indices than logical channels; at least one bouquet association table (BAT) having a unique identifier stored in the receiver device, that stores an association between a collection of logical channels and a service tier authorized for the receiver device; wherein, at least a portion of contents of the authorization table is received in a first encrypted private Entitlement Management Message (EMM) message in order to establish or change the mapping of a logical channel to a key pair identifier without need to change the library of key pairs, where the encrypted private EMM is devoid of any key associated with any logical channel in the library of key pairs but instead provides the key index associated with a logical channel so that the key index can be used to access a selected key from the library of key pairs; and means responsive to a user input for selecting one of the plurality of logical channels in the authorization table to identify a key index associated with the selected logical channel, and for further using the key index to select a key pair from the key table for use by the decrypter in decrypting the transport stream.

2. The receiver device according to claim 1, further comprising a DOCSIS modem forming a part of the receiver device, and wherein the first EMM is received by the receiver device over the DOCSIS modem via an out of band channel.

3. The receiver device according to claim 1, wherein the first EMM is received by the receiver device using an inband channel.

4. The receiver device according to claim 1, wherein at least a portion of the contents of the key table is received in a second encrypted private (EMM) message.

5. The receiver device according to claim 4, further comprising a DOCSIS modem forming a part of the receiver device, and wherein the second EMM is received by the receiver device over the DOCSIS modem via an out of band channel.

6. The receiver device according to claim 4, wherein the second EMM is received by the receiver device using an inband channel.

7. The receiver device according to claim 1, wherein the encrypted private EMM message updates the key table and contains a collection of either odd keys or even keys only, whereby, no single EMM message for updating the key table contains both odd keys and even keys.

8. The receiver device according to claim 1, wherein at least a portion of the library of keys in the key table is replaced by receipt of a pair of encrypted private EMM message, with one containing replacement odd keys the other containing replacement even keys.

9. The receiver device according to claim 1, wherein a new set of odd keys is only stored in the key table during a time when an odd key is currently in use by the decrypter, and wherein a new set of even keys is only stored in the key table during a time when an even key is currently in use by the decrypter.

10. The receiver device according to claim 1, wherein the key table entries are initially populated during a provisioning process.

11. The receiver device according to claim 1, wherein the key table entries are initially populated at a time of manufacture.

12. The receiver device according to claim 1, wherein the authorization table further comprises an operation mask that determines whether or not the receiver device is authorized to operate on a specified network.

13. The receiver device according to claim 1, wherein the first secure persistent storage medium and the second secure persistent storage medium comprise separate portions of a single storage device.

14. The receiver device according to claim 1, wherein the first and second secure persistent storage medium are mechanically secured within the receiver device such that the key table and the authorization table are inaccessible in unencrypted form.

15. The receiver device according to claim 1, wherein the key table contains at least about 8,000,000 unique key pairs.

16. A receiver device that receives and decrypts digital television signals, comprising: a receiver that tunes and demodulates the television signal into a digital transport stream; a decrypter that decrypts the digital transport stream using a pair of decryption keys; a first decryption key array stored in a first storage location forming a part of the receiver device; a second key array stored in a second storage location forming a part of the receiver device, the first and second key arrays representing ordered pairs of keys such that the first and second key arrays provide library of key pairs that can be accessed by an index to a selected key pair; where the index comprises a memory address; an authorization table stored in a third storage location forming a part of the receiver device, the authorization table containing a mapping in the form of a key index, wherein each ordered pair of decryption keys corresponds to a different one of a plurality of Multichannel Video Program Distributors (MVPD), the authorization table further containing a service mask entry for each logical channel that determines authorization to access each logical channel and operational attributes associated with the logical channel and the authorization table further containing a CPE operation mask that stores control attributes for the receiver device; where the mapping maps a each logical channel to a key index, and where there are more key indices than logical channels; at least one bouquet association table (BAT) having a unique identifier stored in the receiver device, that stores an association between a collection of logical channels and a service tier authorized for the receiver device; and wherein, at least a portion of contents of the authorization table is received in a first encrypted private Entitlement Management Message (EMM) message in order to establish or change the mapping of the ordered pair of decryption keys to the MVPD without need to change the library of key pairs, where the encrypted private EMM is devoid of any key associated with any MVPD in the library of key pairs but instead provides the key index associated with a MVPD so that the key index can be used to access a selected key from the library of key pairs.

17. The receiver device according to claim 16, wherein the authorization table is received in a first encrypted private Entitlement Management Message (EMM) message in order to establish the mapping.

18. The receiver device according to claim 16, further comprising means responsive to a user input for selecting one of the plurality MVPDs to identify an ordered pair of decryption keys using the mapping in the authorization table.

19. The receiver device according to claim 16, wherein the authorization table further comprises a service mask entry for each MVPD that determines the receiver device's authorization to receive content from each MVPD.

20. The receiver device according to claim 16, wherein the authorization table further comprises an operation mask that determines whether or not the receiver device is authorized to operate on a specified network.

21. The receiver device according to claim 16, wherein the authorization table contains global attributes of the receiver device.

22. The receiver device according to claim 16, wherein the service mask authorization table contains a service attribute for at least one channel.

23. A receiver device that receives and decrypts digital television signals, comprising: a receiver that tunes and demodulates the television signal into a digital transport stream; a decrypter that decrypts the digital transport stream using a pair of decryption keys comprising an even key and an odd key, wherein the even and odd keys are alternately used by the decrypter for decryption during successive key epochs; a key table stored in a first secure persistent storage medium forming a part of the receiver device, the key table containing a library of a plurality of even keys and an associated plurality of odd keys forming key pairs that are indexed with a key identifier, wherein the library of key pairs can be accessed by an index to select a particular key pair and wherein the key table entries are initially populated during a provisioning process; where the index comprises a memory address; wherein at least a portion of the library of keys in the key table is replaced by receipt of a first encrypted private EMM message that contains replacement odd keys and receipt of a second encrypted private EMM message that contains replacement even keys, and wherein a new set of odd keys is only stored in the key table during a time when an odd key is currently in use by the decrypter, and wherein a new set of even keys is only stored in the key table during a time when an even key is currently in use by the decrypter; an authorization table stored in a second secure persistent storage medium forming a part of the receiver device, the authorization table containing a mapping in the form of a key index of a logical channel to a key pair identifier for each of a plurality of logical channels; where the mapping maps a each logical channel to a key index, and where there are more key indices than logical channels; wherein the authorization table further comprises a service mask entry for each logical channel that determines the receiver device's authorization to receive each logical channel, and wherein the authorization table further comprises an operation mask that determines whether or not the receiver device is authorized to operate on a specified network and wherein the service mask entry for each logical channel determines operational attributes associated with the logical channel and wherein the service mask further contains a CPE operation mask that stores control attributes for the receiver device; at least one bouquet association table (BAT) having a unique identifier stored in the receiver device, that stores an association between a collection of logical channels and a service tier authorized for the receiver device; wherein, at least a portion of contents of the authorization table is received in a third encrypted private Entitlement Management Message (EMM) message in order to establish the mapping of a logical channel to a key pair identifier without need to change the library of key pairs, where the encrypted private EMM is devoid of any key associated with any logical channel in the library of key pairs but instead provides the key index associated with a logical channel so that the key index can be used to access a selected key from the library of key pairs; and means responsive to a user input for selecting one of the plurality of logical channels in the authorization table to identify a key index associated with the selected logical channel, and for further using the key index to select a key pair from the key table for use by the decrypter in decrypting the transport stream.

24. The receiver device according to claim 23, further comprising a DOCSIS modem forming a part of the receiver device, and wherein the EMM messages are received by the receiver device over the DOCSIS modem via an out of band channel.

25. The receiver device according to claim 23, wherein the EMM messages are received by the receiver device using an inband channel.

26. The receiver device according to claim 23, wherein the first secure persistent storage medium and the second secure persistent storage medium comprise separate portions of a single storage device.

27. The receiver device according to claim 23, wherein the first and second secure persistent storage medium are mechanically secured within the receiver device such that the key table and the authorization table are inaccessible in unencrypted form.

28. The receiver device according to claim 23, wherein the key table contains at least about 8,000,000 unique key pairs.

29. A method of enabling a receiver device to decrypt digital television signals, comprising: storing a plurality of key pairs in a key table in secure persistent storage in the receiver device, with each key pair corresponding to a key index, where the key table forms a library of key pairs that can be accessed by the key index to select a particular key pair; where the key index comprises a memory address; receiving a first private Entitlement Management Message (EMM) at the receiver device containing a mapping of one logical channel mapped in a mapping to a key index identifying a key pair used for decrypting the logical channel in order to establish or change the mapping of a logical channel to a key pair identifier without need to change the library of key pairs, where the encrypted private EMM is devoid of any key associated with any logical channel in the library of key pairs, but instead provides the key index associated with a logical channel so that the key index can be used to access a selected key from the library of key pairs; where the mapping maps a each logical channel to a key index, and where there are more key indices than logical channels; storing the mapping in an authorization table along with a key index and a service mask entry for each logical channel that determines authorization to access each logical channel and operational attributes associated with the logical channel and further storing a CPE operation mask of control attributes for the receiver device; storing at least one bouquet association table (BAT) having a unique identifier stored in the receiver device, that stores an association between a collection of logical channels and a service tier authorized for the receiver device; receiving a command to tune to a specified logical channel; referencing the authorization table to determine if the receiver device is authorized to tune to the specified logical channel; if the receiver device is authorized to tune to the specified logical channel, tuning to the specified channel and demodulating a digital transport stream; referencing the authorization table to retrieve an index value that maps a key pair to the logical channel; and decrypting the transport stream using the key pair, with one key of the key pair being used at a time.

30. The method according to claim 29, wherein the receiver device comprises a DOCSIS modem, and wherein the first EMM is received by the receiver device over the DOCSIS modem via an out of band channel.

31. The method according to claim 29, wherein the first EMM is received by the receiver device using an inband channel.

32. The method according to claim 29, wherein at least a portion of the contents of the key table is received in a second encrypted private (EMM) message.

33. The method according to claim 32, wherein the receiver device further comprises a DOCSIS modem, and wherein the second EMM is received by the receiver device over the DOCSIS modem via an out of band channel.

34. The method according to claim 32, wherein the second EMM is received by the receiver device using an inband channel.

35. The method according to claim 32, wherein the second encrypted private EMM message updates the key table and contains a collection of either odd keys or even keys only, whereby, no single EMM message for updating the key table contains both odd keys and even keys.

36. The method according to claim 32, wherein at least a portion of the keys in the key table is replaced by receipt of a pair of encrypted private EMM message, with one containing replacement odd keys the other containing replacement even keys.

37. The method according to claim 29, wherein a new set of odd keys is only stored in the key table during a time when an odd key is currently in use by the decrypter, and wherein a new set of even keys is only stored in the key table during a time when an even key is currently in use by the decrypter.

38. The method according to claim 29, wherein the authorization table further comprises an operation mask that determines whether or not the receiver device is authorized to operate on a specified network.

39. A non-transitory computer readable storage medium storing instructions which, when executed on a programmed processor, carry out a process according to claim 29.
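
The lookup and update rules recited in claims 1, 7, 9 and 29, modelled as an added example that is not part of the patent text or of any Sony implementation: an authorization-table EMM carries only a key index and a service mask, a key-table EMM carries one parity and is stored only during a matching key epoch, and tuning checks authorization before selecting a key pair. The EMM is modelled after decryption as a dict; its field names, the 16-byte key size, the 8-entry library and the meaning of service-mask bit 0 are assumptions.

```python
import os
from dataclasses import dataclass, field

AUTHORIZED = 0x01  # assumption: service-mask bit 0 grants access (bit layout is not in the claims)

@dataclass
class Receiver:
    even: list                                 # key table: even keys, addressed by key index
    odd: list                                  # associated odd keys, same index
    auth: dict = field(default_factory=dict)   # logical channel -> (key index, service mask)
    parity_in_use: str = "even"                # key epoch the decrypter is currently in

    def apply_auth_emm(self, emm: dict) -> None:
        """Authorization-table EMM, modelled after decryption: indices and masks, never keys."""
        if set(emm) != {"channel", "key_index", "service_mask"}:
            raise ValueError("authorization EMM must carry only channel, key index and mask")
        if not 0 <= emm["key_index"] < len(self.even):
            raise ValueError("key index outside the key library")
        self.auth[emm["channel"]] = (emm["key_index"], emm["service_mask"])

    def apply_key_emm(self, parity: str, replacements: dict) -> None:
        """Key-table EMM: one parity per message (claim 7), stored only while that
        parity is in use by the decrypter (claim 9)."""
        if parity not in ("even", "odd"):
            raise ValueError("parity must be 'even' or 'odd'")
        if parity != self.parity_in_use:
            raise RuntimeError(f"{parity} keys may only be stored during an {parity} epoch")
        table = self.even if parity == "even" else self.odd
        if any(not 0 <= i < len(table) for i in replacements):
            raise ValueError("replacement index outside the key library")
        for i, key in replacements.items():
            table[i] = key

    def tune(self, channel: int) -> tuple:
        """Claim 29 order: authorization check, index lookup, key-pair selection."""
        entry = self.auth.get(channel)
        if entry is None or not entry[1] & AUTHORIZED:
            raise PermissionError("receiver is not authorized for this logical channel")
        index = entry[0]
        return self.even[index], self.odd[index]

def demo() -> bool:
    # Constructed 8-entry library of random 16-byte keys (claim 15 speaks of millions of pairs).
    rx = Receiver([os.urandom(16) for _ in range(8)], [os.urandom(16) for _ in range(8)])
    library_before = (list(rx.even), list(rx.odd))
    rx.apply_auth_emm({"channel": 101, "key_index": 3, "service_mask": AUTHORIZED})
    first = rx.tune(101)
    rx.apply_auth_emm({"channel": 101, "key_index": 5, "service_mask": AUTHORIZED})
    second = rx.tune(101)
    # The channel now uses a different pair, yet no key crossed the wire or changed in storage.
    return first != second and library_before == (rx.even, rx.odd)

if __name__ == "__main__":
    print("remapped without touching the key library:", demo())
```
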
