Method and apparatus for secure management of debugging processes within communication devices
    1.
    Granted patent
    Method and apparatus for secure management of debugging processes within communication devices (status: in force)

    Publication number: US08438621B2

    Publication date: 2013-05-07

    Application number: US11963127

    Filing date: 2007-12-21

    IPC classification: G06F15/16

    Abstract: A method, device and system for securely managing debugging processes within a communication device, such as a set top box or other multimedia processing device. For example, a security processor (SP) within the communication device manages the lifetime (LT) of any access token issued for use in activating debugging privileges within the communication device. The security processor authenticates an issued access token and securely delivers appropriate debug authorization information to the device controller. The security processor uses its secure, internal timer to count down the lifetime and update the remaining lifetime of the issued access token during the processing of each command by the security processor. In addition to securely managing the issuance of the access token and its remaining lifetime, the updating process reduces any impact on the normal communications within the device. The method overcomes the issue of the communication device not having a secure internal clock.


    REGISTERING CLIENT DEVICES WITH A REGISTRATION SERVER
    2.
    Patent application
    REGISTERING CLIENT DEVICES WITH A REGISTRATION SERVER (status: in force)

    Publication number: US20110158411A1

    Publication date: 2011-06-30

    Application number: US12648416

    Filing date: 2009-12-29

    IPC classification: H04L9/08 H04L9/00

    Abstract: In a method of registering a plurality of client devices with a device registration server for secure data communications, a unique symmetric key is generated for each of the client devices using a cryptographic function on a private key of the device registration server and a respective public key of each of the client devices, and a broadcast message containing the public key of the device registration server is sent to the client devices, in which the client devices are configured to generate a respective unique symmetric key from the public key of the device registration server and its own private key using a cryptographic function, and in which the unique symmetric key generated by each client device matches the respective unique symmetric key generated by the device registration server for the respective client device.


    Separation of copy protection rules for digital rights management
    3.
    Patent application
    Separation of copy protection rules for digital rights management (status: under examination, published)

    Publication number: US20050071663A1

    Publication date: 2005-03-31

    Application number: US10672929

    Filing date: 2003-09-26

    IPC classification: G06F21/00 H04L9/00

    Abstract: Management of rights to content is provided within an authorized domain. In a single authorized domain, where a plurality of domain interfaces are protected using a common rights management system, a copy of particular content may be allowed to be provided on all devices or only on specific devices coupled to the domain via the interfaces. Copy protection information, for outputs to external devices not protected by the common rights management system, is also specified. Rules can be provided for specifying whether particular content may be copied or moved to another protected domain. A number of rendering devices permitted to render the content simultaneously may be specified. Content rules are provided for use in managing rights to content within an authorized domain. Such rules can be associated with content that is persistently stored by a consumer device, as well as with content that is only rendered by a consumer device.


    TEMPORARY REGISTRATION OF DEVICES
    4.
    Patent application
    TEMPORARY REGISTRATION OF DEVICES (status: in force)

    Publication number: US20110161660A1

    Publication date: 2011-06-30

    Application number: US12648768

    Filing date: 2009-12-29

    Abstract: In a method of temporarily registering a second device with a first device, in which the first device includes a temporary registration mode, the temporary registration mode in the first device is activated, a temporary registration operation in the first device is initiated from the second device, a determination as to whether the second device is authorized to register with the first device is made, and the second device is temporarily registered with the first device in response to a determination that the second device is authorized to register with the first device, in which the temporary registration requires that at least one of the second device and the first device delete information required for the temporary registration following at least one of a determination of a network connection between the first device and the second device and a powering off of at least one of the first device and the second device.


    APPARATUS AND METHOD FOR SECURE COMMUNICATION
    5.
    Patent application
    APPARATUS AND METHOD FOR SECURE COMMUNICATION (status: under examination, published)

    Publication number: US20130091353A1

    Publication date: 2013-04-11

    Application number: US13564643

    Filing date: 2012-08-01

    IPC classification: H04L9/32 H04L9/08

    Abstract: A method and apparatus are for transferring a client device certificate and an associated encrypted client private key to a client device from a secure device. The secure device receives over a secure connection, a secure device certificate, a secure device private key and a plurality of client device certificates. Each client certificate is associated with a bootstrap public key but is not assigned to any particular client device. A plurality of encrypted client private keys is also received. Each of the encrypted client private keys comprises a client private key associated with one of the client device certificates encrypted with the bootstrap public key. The plurality of client device certificates is stored. The encrypted client private keys are stored in double encrypted protected form. A client device certificate and an associated encrypted client private key are transferred to a client device that has successfully registered with the secure device.


    Content securing system
    6.
    Granted patent
    Content securing system (status: in force)

    Publication number: US08327125B2

    Publication date: 2012-12-04

    Application number: US12647865

    Filing date: 2009-12-28

    IPC classification: G06F9/24 G06F15/177 H04L9/32

    CPC classification: G06F21/72 G06F21/575

    Abstract: In a method for securing content in a system containing a security processor configured to control access to the content by a main processor, in which the main processor is configured to send heartbeats to the security processor, a determination as to whether at least one heartbeat was received within a predicted time interval is made and in response to a determination that at least one heartbeat was not received within the predicted time interval, access to the content by the main processor is ceased.


    CRYPTOGRAPHIC DEVICES & METHODS
    7.
    Patent application
    CRYPTOGRAPHIC DEVICES & METHODS (status: under examination, published)

    Publication number: US20120155647A1

    Publication date: 2012-06-21

    Application number: US12974992

    Filing date: 2010-12-21

    IPC classification: H04L9/08

    Abstract: A client device which utilizes a unit derivation key (UDK), a current unit key, a current unit key index (UKI) and a received UKI. The client device includes a processor to receive the received UKI, compare the received UKI with a current UKI, if the received UKI is not equivalent to the current UKI, utilize the UDK, the current unit key and the received UKI to derive a new unit key. A headend facility (HF) device which utilizes a current unit key and a current unit key index (UKI). A key infrastructure center (KIC) device which utilizes a derivation key.


    CONTENT SECURING SYSTEM
    8.
    Patent application
    CONTENT SECURING SYSTEM (status: in force)

    Publication number: US20110161645A1

    Publication date: 2011-06-30

    Application number: US12647865

    Filing date: 2009-12-28

    CPC classification: G06F21/72 G06F21/575

    Abstract: In a method for securing content in a system containing a security processor configured to control access to the content by a main processor, in which the main processor is configured to send heartbeats to the security processor, a determination as to whether at least one heartbeat was received within a predicted time interval is made and in response to a determination that at least one heartbeat was not received within the predicted time interval, access to the content by the main processor is ceased.


    METHOD AND APPARATUS FOR SECURE MANAGEMENT OF DEBUGGING PROCESSES WITHIN COMMUNICATION DEVICES
    9.
    Patent application
    METHOD AND APPARATUS FOR SECURE MANAGEMENT OF DEBUGGING PROCESSES WITHIN COMMUNICATION DEVICES (status: in force)

    Publication number: US20090165111A1

    Publication date: 2009-06-25

    Application number: US11963127

    Filing date: 2007-12-21

    IPC classification: H04L9/32 H04L9/08

    Abstract: A method, device and system for securely managing debugging processes within a communication device, such as a set top box or other multimedia processing device. For example, a security processor (SP) within the communication device manages the lifetime (LT) of any access token issued for use in activating debugging privileges within the communication device. The security processor authenticates an issued access token and securely delivers appropriate debug authorization information to the device controller. The security processor uses its secure, internal timer to count down the lifetime and update the remaining lifetime of the issued access token during the processing of each command by the security processor. In addition to securely managing the issuance of the access token and its remaining lifetime, the updating process reduces any impact on the normal communications within the device. The method overcomes the issue of the communication device not having a secure internal clock.


    Methods, apparatus and system for authenticating a programmable hardware device and for authenticating commands received in the programmable hardware device from a secure processor
    10.
    Granted patent
    Methods, apparatus and system for authenticating a programmable hardware device and for authenticating commands received in the programmable hardware device from a secure processor (status: in force)

    Publication number: US09003197B2

    Publication date: 2015-04-07

    Application number: US12056721

    Filing date: 2008-03-27

    Abstract: A method, device and system for authenticating a programmable hardware device, such as a programmable hardware chip, and a command received by the programmable hardware device. A secure processor or other trusted source authenticates the programmable hardware chip by verifying, with the secure processor's own verification key, a random number sent to the programmable hardware chip and encrypted using a verification key embedded within the programmable hardware chip, since the nature of the encryption is such that only the original logic function that includes the verification key can encrypt the data correctly. A command received by the programmable hardware chip is authenticated by verifying that a command authentication token received by the programmable hardware chip is generated using the correct command authentication key and consequently verifying that the command is received from the secure processor, as only the party who has the command authentication key can encrypt the data correctly.
