TERMINAL AUTHENTICATION APPARATUS AND METHOD IN DOWNLOADABLE CONDITIONAL ACCESS SYSTEM
    1.
    发明申请
    TERMINAL AUTHENTICATION APPARATUS AND METHOD IN DOWNLOADABLE CONDITIONAL ACCESS SYSTEM 审中-公开
    终端验证装置和可下载条件访问系统的方法

    公开(公告)号:US20100162353A1

    公开(公告)日:2010-06-24

    申请号:US12613630

    申请日:2009-11-06

    IPC分类号: H04L9/32

    摘要: A terminal authentication apparatus and method in a Downloadable Conditional Access System (DCAS) is provided. The terminal authentication method may determine whether terminal authentication information, received from a DCAS terminal, is valid by referring to a database, may transmit DCAS image information and pairing information about the terminal authentication information to a user terminal, when the terminal authentication information is valid, and thereby may enable the DCAS terminal to set the user terminal based on the pairing information.

    摘要翻译: 提供了一种可下载条件访问系统(DCAS)中的终端认证装置和方法。 终端认证方法可以通过参考数据库来确定从DCAS终端接收的终端认证信息是否有效,当终端认证信息有效时,可以向用户终端发送DCAS图像信息和关于终端认证信息的配对信息 从而可以使得DCAS终端能够基于配对信息来设置用户终端。

    HEADEND SYSTEM FOR DOWNLOADABLE CONDITIONAL ACCESS SERVICE AND METHOD OF OPERATING THE SAME
    2.
    发明申请
    HEADEND SYSTEM FOR DOWNLOADABLE CONDITIONAL ACCESS SERVICE AND METHOD OF OPERATING THE SAME 有权
    用于可下载的条件访问服务的头文件系统及其操作方法

    公开(公告)号:US20090144539A1

    公开(公告)日:2009-06-04

    申请号:US12246663

    申请日:2008-10-07

    IPC分类号: H04L9/00

    摘要: A method of operating a headend system for a downloadable conditional access service, the method including: receiving, by an Authentication Proxy (AP) server, basic authentication information from a Downloadable Conditional Access System (DCAS) host, the basic authentication information being required to authenticate the DCAS host; transmitting, by the AP server, the basic authentication information to an external trusted authority device which authenticates the DCAS host; generating, by the AP server, a session key for encrypting/decrypting a secure micro client using a session key sharing factor; obtaining, by the AP server, download-related information of the secure micro client from a DCAS Provisioning Server (DPS); and commanding, by the AP server, an Integrated Personalization System (IPS) server to download the secure micro client to the DCAS host based on the download-related information, the secure micro client being encrypted by the session key.

    摘要翻译: 一种操作用于可下载条件访问服务的头端系统的方法,所述方法包括:由认证代理(AP)服务器从可下载条件访问系统(DCAS)主机接收基本认证信息,所述基本认证信息需要 验证DCAS主机; 由AP服务器将基本认证信息发送给认证DCAS主机的外部可信管理设备; 由AP服务器生成用于使用会话密钥共享因子加密/解密安全微客户端的会话密钥; 由AP服务器从DCAS配给服务器(DPS)获取安全微客户端的下载相关信息; 并且由AP服务器命令集成个性化系统(IPS)服务器,以便基于下载相关信息将安全微客户端下载到DCAS主机,安全微客户端被会话密钥加密。

    APPARATUS AND METHOD FOR MUTUAL AUTHENTICATION IN DOWNLOADABLE CONDITIONAL ACCESS SYSTEM
    3.
    发明申请
    APPARATUS AND METHOD FOR MUTUAL AUTHENTICATION IN DOWNLOADABLE CONDITIONAL ACCESS SYSTEM 审中-公开
    可下载的条件访问系统中的互相认证的装置和方法

    公开(公告)号:US20100235626A1

    公开(公告)日:2010-09-16

    申请号:US12719928

    申请日:2010-03-09

    IPC分类号: H04L9/32 H04N7/167

    摘要: A mutual authentication apparatus in a Downloadable Conditional Access System (DCAS) includes an announce protocol processor to authenticate SecurityAnnounce information using an Authentication Proxy (AP) and to transmit the authenticated SecurityAnnounce information to a Secure Micro (SM), a keying protocol processor to relay KeyRequest information and KeyResponse information between a Trusted Authority (TA) and the SM in response to the SecurityAnnounce information, a decryption unit to decrypt the KeyResponse information using the SM, an authentication protocol processor to determine whether a first encryption key of the KeyResponse information is identical to a second encryption key generated by the AP, and a download protocol processor to control DownloadInfo to be transmitted from the AP to the SM, the DownloadInfo permitting the SM to download SM Client Image information.

    摘要翻译: 可下载条件接入系统(DCAS)中的相互认证装置包括通知协议处理器,用于使用认证代理(AP)来认证安全宣告信息,并将认证的安全公告信息发送到安全微型(SM),密钥协议处理器进行中继 响应于SecurityAnnounce信息的可信管理机构(TA)和SM之间的KeyRequest信息和KeyResponse信息,使用SM解密KeyResponse信息的解密单元,用于确定KeyResponse信息的第一加密密钥是否为 与由AP产生的第二加密密钥相同,以及下载协议处理器,用于控制从AP到SM的下载信息,所述下载信息允许SM下载SM客户端映像信息。

    METHOD AND APPARATUS FOR DETECTING MOVEMENT OF DOWNLOADABLE CONDITIONAL ACCESS SYSTEM HOST IN DCAS NETWORK
    5.
    发明申请
    METHOD AND APPARATUS FOR DETECTING MOVEMENT OF DOWNLOADABLE CONDITIONAL ACCESS SYSTEM HOST IN DCAS NETWORK 审中-公开
    用于检测DCAS网络中可下载条件访问系统主机运动的方法和装置

    公开(公告)号:US20090138720A1

    公开(公告)日:2009-05-28

    申请号:US12191347

    申请日:2008-08-14

    IPC分类号: H04L9/06

    摘要: A method of operating a Secure Micro (SM) of a host in a Conditional Access (CA) system is provided. The method includes: receiving, by the SM, a SecurityAnnounce message including a certificate of an AP server connected with a host; determining, by the SM, whether a public key stored in a memory in advance exists, and setting a flag as a first state when the public key stored in advance exists; verifying, by the SM, a digital signature with respect to the SecurityAnnounce message using the public key stored in advance; and acquiring, by the SM, another public key of the AP server by parsing the certificate and setting the flag as a second state based on whether the flag corresponds to the first state when the SM is unable to verify the digital signature.

    摘要翻译: 提供了一种在条件访问(CA)系统中操作主机的安全Micro(SM)的方法。 该方法包括:由SM接收包括与主机连接的AP服务器的证书的SecurityAnnounce消息; 通过SM确定是否存在存储在存储器中的公开密钥,并且当预先存储的公钥存在时将标志设置为第一状态; 使用预先存储的公钥,通过SM验证关于SecurityAnnounce消息的数字签名; 以及通过解析所述证书并且当所述SM不能验证所述数字签名时所述标志是否对应于所述第一状态,将所述标志设置为第二状态,由所述SM获取所述AP服务器的另一公钥。

    CABLE NETWORK SYSTEM AND METHOD FOR CONTROLLING SECURITY IN CABLE NETWORK ENCRYPTED DYNAMIC MULTICAST SESSION
    6.
    发明申请
    CABLE NETWORK SYSTEM AND METHOD FOR CONTROLLING SECURITY IN CABLE NETWORK ENCRYPTED DYNAMIC MULTICAST SESSION 有权
    电缆网络系统和控制电缆网络加密动态多播会话安全的方法

    公开(公告)号:US20090144544A1

    公开(公告)日:2009-06-04

    申请号:US12190661

    申请日:2008-08-13

    IPC分类号: H04L9/00

    CPC分类号: H04L63/065 H04L12/2861

    摘要: A security control method in a cable network dynamic multicast session, and more particularly, a method of controlling forward secrecy and backward secrecy in a Data Over Cable Service Interface Specifications (DOCSIS) 3.0 network dynamic multicast session is provided. A security control method in a cable network dynamic multicast session, includes: maintaining a multicast group that is allocated with a first Downstream Service Identifier (DSID) and a first Security Association Identifier (SAID) and that is joined by a first cable modem and a second cable modem; receiving a LeaveMulticastSession message from the second cable modem; exchanging, corresponding to the LeaveMulticastSession message, a Dynamic Bonding Change (DBC) message for changing a multicast parameter with the second cable modem; and updating a first Traffic Encryption Key (TEK) corresponding to the first DSID with a second TEK.

    摘要翻译: 提供了一种有线网络动态多播会话中的安全控制方法,特别是提供了一种在数据有线服务接口规范(DOCSIS)3.0网络动态多播会话中控制前向保密和向后保密的方法。 有线网络动态多播会话中的安全控制方法包括:维护被分配有第一下行业务标识符(DSID)和第一安全关联标识符(SAID)的组播组,并由第一电缆调制解调器和 第二个电缆调制解调器 从所述第二电缆调制解调器接收LeaveMulticastSession消息; 交换对应于LeaveMulticastSession消息的动态绑定改变(DBC)消息,用于利用第二电缆调制解调器改变多播参数; 以及用第二TEK更新对应于所述第一DSID的第一业务加密密钥(TEK)。

    METHOD AND SYSTEM OF DOWNLOADABLE CONDITIONAL ACCESS USING DISTRIBUTED TRUSTED AUTHORITY
    7.
    发明申请
    METHOD AND SYSTEM OF DOWNLOADABLE CONDITIONAL ACCESS USING DISTRIBUTED TRUSTED AUTHORITY 审中-公开
    使用分布式有效授权的可下载条件访问的方法和系统

    公开(公告)号:US20110072260A1

    公开(公告)日:2011-03-24

    申请号:US12650001

    申请日:2009-12-30

    IPC分类号: H04L29/06

    摘要: Disclosed is a downloadable conditional access system (DCAS) and an operational method thereof that distributes a part of a function of a Trusted Authority to each multiple system operator (MSO) to enable the MSO server to process authentication with respect to a secure micro (SM) chip and a transport processor (TP) chip, and thus, a normal DCAS service is possible even when there is a problem with a security, and a DCAS host terminal for rental use is effectively operated.

    摘要翻译: 公开了一种可下载条件访问系统(DCAS)及其操作方法,其将可信管理机构的功能的一部分分发给每个多系统运营商(MSO),以使MSO服务器能够处理关于安全微服务(SM)的认证 )芯片和传输处理器(TP)芯片,因此即使存在安全性问题,也可以进行正常的DCAS服务,并且有效地使用用于租赁用途的DCAS主机终端。

    METHOD AND APPARATUS FOR MUTUAL AUTHENTICATION IN DOWNLOADABLE CONDITIONAL ACCESS SYSTEM
    8.
    发明申请
    METHOD AND APPARATUS FOR MUTUAL AUTHENTICATION IN DOWNLOADABLE CONDITIONAL ACCESS SYSTEM 有权
    在可下载的条件访问系统中进行认证的方法和装置

    公开(公告)号:US20090150672A1

    公开(公告)日:2009-06-11

    申请号:US12330729

    申请日:2008-12-09

    IPC分类号: H04L9/00 H04N7/167 H04K1/00

    摘要: Disclosed is a mutual authentication method and apparatus in a CAS including a headend system and DCAS host. In particular, example embodiments relate to a mutual authentication method and apparatus in DCAS, wherein the mutual authentication is performed between an authentication server of the headend system and an SM of a DCAS host, and then CAS software is downloaded to the SM. According to the example embodiments, there is provided a mutual authentication protocol between the authentication server of the headend and the SM of the DCAS host in a cable network, and also provided a mutual authentication method and apparatus in the DCAS where a substantial authentication based on a hardware, such as a smart card or a cable card, is not needed.

    摘要翻译: 公开了一种包括前端系统和DCAS主机的CAS中的相互认证方法和装置。 特别地,示例性实施例涉及DCAS中的相互认证方法和装置,其中在头端系统的认证服务器和DCAS主机的SM之间执行相互认证,然后将CAS软件下载到SM。 根据示例性实施例,在有线网络中提供前端的认证服务器和DCAS主机的SM之间的相互认证协议,并且还提供了在DCAS中的相互认证方法和装置,其中基于 不需要诸如智能卡或有线卡的硬件。