摘要:
A mutual authentication method in a Downloadable Conditional Access System (DCAS) is provided. The mutual authentication method may receive authentication-related information about authentication between an authentication unit and a security module (SM) from a Trusted Authority (TA), generate an authentication session key using the authentication-related information, transmit the authentication session key by the authentication unit to the SM through a Cable Modem Termination System (CMTS), and control a Conditional Access System (CAS) software to be downloaded to the SM from the authentication unit, when the authentication is completed by the authentication session key.
摘要:
A method of operating a headend system for a downloadable conditional access service, the method including: receiving, by an Authentication Proxy (AP) server, basic authentication information from a Downloadable Conditional Access System (DCAS) host, the basic authentication information being required to authenticate the DCAS host; transmitting, by the AP server, the basic authentication information to an external trusted authority device which authenticates the DCAS host; generating, by the AP server, a session key for encrypting/decrypting a secure micro client using a session key sharing factor; obtaining, by the AP server, download-related information of the secure micro client from a DCAS Provisioning Server (DPS); and commanding, by the AP server, an Integrated Personalization System (IPS) server to download the secure micro client to the DCAS host based on the download-related information, the secure micro client being encrypted by the session key.
摘要:
Disclosed is a mutual authentication method and apparatus in a CAS including a headend system and DCAS host. In particular, example embodiments relate to a mutual authentication method and apparatus in DCAS, wherein the mutual authentication is performed between an authentication server of the headend system and an SM of a DCAS host, and then CAS software is downloaded to the SM. According to the example embodiments, there is provided a mutual authentication protocol between the authentication server of the headend and the SM of the DCAS host in a cable network, and also provided a mutual authentication method and apparatus in the DCAS where a substantial authentication based on a hardware, such as a smart card or a cable card, is not needed.
摘要:
Disclosed is a downloadable conditional access system (DCAS) including a key request unit to transmit a key request message to an authentication server, an authentication request unit to request authentication from the authentication server based on a key response message received from the authentication server in response to the key request message, and a session establishment unit to establish a session with the authentication server, based on an authentication response message received in response to the authentication request.
摘要:
Disclosed is a downloadable conditional access system (DCAS) including a key request unit to transmit a key request message to an authentication server, an authentication request unit to request authentication from the authentication server based on a key response message received from the authentication server in response to the key request message, and a session establishment unit to establish a session with the authentication server, based on an authentication response message received in response to the authentication request.
摘要:
Provided is a re-authentication apparatus in a Downloadable Conditional Access System (DCAS), the re-authentication apparatus includes: a receiving unit to receive a key request message from a Secure Micro (SM); a determination unit to determine whether to perform re-authentication depending on downloading of SM client image; an identification unit to identify an SM identifier using the key request message, when the re-authentication is performed as a result of the determination; an extraction unit to retrieve previous session information corresponding to the SM identifier and to extract keying information about the previous session information; and an encryption unit to control an encryption key about the SM client image to be reused, the SM client image being encrypted in a previous session based on the previous session information using the keying information.
摘要:
A method of supporting a mobility of a Downloadable Conditional Access System (DCAS) host is provided. The method includes: by the second authentication proxy server: performing mutual authentication with a secure micro of the host to generate a session key; requesting an integrated personalization system to download a secure micro client to the host, wherein the secure micro client is encoded using the session key; and transmitting, to a DPS, mapping information between the second authentication proxy server and the secure micro of the host, wherein, in response to receiving the mapping information, the DPS instructs a CAS server to transmit an entitlement management message to the network of the second authentication proxy server without transmitting the entitlement management message to the network of the first authentication proxy server.
摘要:
A method of verifying a validity of a Secure Micro (SM) is provided. The method of verifying a validity of an SM, the method including: storing and maintaining a validity verification message used to verify the validity of the SM, the validity verification message being generated by a Trusted Authority (TA) based on unique information of the SM, and the SM and the TA sharing the unique information of the SM; and verifying the validity of the SM using the validity verification message and the unique information shared by the SM, when an SM client is executed.
摘要:
A method where a Downloadable Conditional Access System Provisioning Server (DPS) detects a duplicated secure micro is provided. A method of detecting a duplicated secure micro, the method including: generating authentication time difference information associated with a value of a difference between a time when a host is finally authenticated in a first address and a time when the host is authenticated in a second address; comparing the authentication time difference information with a first reference value and a second reference value, the second reference value being less than the first reference value; and determining whether the secure micro is duplicated based on a result of the comparing.
摘要:
A method of controlling a download load of a Secure Micro (SM) client in a Downloadable Conditional Access System (DCAS) is provided. The method of controlling a download load of an SM client including: analyzing version information of SMs and version information of SM clients to control the download load generated in the DCAS, the version information of the SMs and the version information of the SM clients being provided from an Authentication Proxy (AP) server, and the SM clients being installed in the SMs; determining a download policy associated with a download time of a target SM client for the SMs based on a result of the analysis; and providing the AP server with the determined download policy.