-
公开(公告)号:US06711684B1
公开(公告)日:2004-03-23
申请号:US09394765
申请日:1999-09-13
IPC分类号: G06F1214
CPC分类号: G06F21/572 , G06F8/66 , G06F12/1408 , G06F21/64 , G06F21/71 , G06F21/72 , G06F21/73 , G06F21/74 , G06F2207/7219 , G06F2221/2105 , G06F2221/2129 , G06F2221/2147
摘要: Methods and an apparatus for storing information in a processing device with flexible security are disclosed. In one embodiment, a method stores information within the processing device. The method receives a download via a first input path which includes a first breakable link and stores the download within the processing device. At some point, a key is also stored within the processing device. A ciphertext download is received via a second input path which includes a second breakable link. The ciphertext download is decrypted utilizing the key and the resulting plaintext download is stored within the processing device.
摘要翻译: 公开了一种在具有灵活安全性的处理设备中存储信息的方法和装置。 在一个实施例中,方法将信息存储在处理设备内。 该方法经由包括第一可破坏链路的第一输入路径接收下载,并将该下载存储在处理设备内。 在某一点上,密钥也存储在处理设备内。 经由包括第二可破坏链路的第二输入路径接收密文下载。 使用密钥对密文下载进行解密,并将所得到的明文下载存储在处理设备内。
-
公开(公告)号:US07305555B2
公开(公告)日:2007-12-04
申请号:US10109111
申请日:2002-03-27
申请人: John I. Okimoto , Eric J. Sprunk , Lawrence W. Tang , Annie On-yee Chen , Bridget Kimball , Douglas Petty
发明人: John I. Okimoto , Eric J. Sprunk , Lawrence W. Tang , Annie On-yee Chen , Bridget Kimball , Douglas Petty
IPC分类号: H04L9/00 , H04K1/00 , G06F11/30 , G06F12/14 , G06Q40/00 , H04L9/32 , H04N7/167 , H04N1/44 , H04K1/02
CPC分类号: H04N21/254 , H04N7/163 , H04N21/2543 , H04N21/26609 , H04N21/4181 , H04N21/4367 , H04N21/4623
摘要: A system is described for uniquely mating components of a communication network such as a smartcard and a set-top box. When mated, the smartcard and set-top box are tied together and have a single identity. Further, the smartcard operates properly only when inserted into an authorized set-top box. Exchanges of information between both components are secured by encryption and authentication to guard against piracy of the exchanged information. The system provides the same authentication key to the set-top box and the smartcard. This key is used for authenticating communication between the set-top box and the smartcard. First, the authentication key is encrypted by a set-top box mating key. The set-top box employs this mating key to decrypt the authentication key. After it is derived, the authentication key is stored in the set-top box's memory. Further, the same authentication key is encrypted by a smartcard mating key. Thereafter, the smartcard employs the smartcard mating key to extract the authentication key. The clear authentication key is stored in the smartcard's memory as well. In this manner, the authentication key is used for securing all communication between the set-top box and the smart-card. For example, the set-top box may request control words from the smartcard. Only after authenticating the request, are the control words for decrypting digital content provided to the set-top box. If the smartcard authentication key is different from the set-top box key, the request for control words is denied.
摘要翻译: 描述了用于唯一地匹配诸如智能卡和机顶盒之类的通信网络的组件的系统。 当配对时,智能卡和机顶盒被捆绑在一起并具有单一身份。 此外,仅当插入授权的机顶盒时,智能卡才能正常运行。 通过加密和认证来确保两个组件之间的信息交换,以防止所交换信息的盗版。 系统向机顶盒和智能卡提供相同的认证密钥。 该密钥用于认证机顶盒和智能卡之间的通信。 首先,认证密钥由机顶盒配对密钥加密。 机顶盒采用这种配对密钥来解密认证密钥。 导出后,身份验证密钥存储在机顶盒的内存中。 此外,相同的认证密钥由智能卡配对密钥加密。 此后,智能卡采用智能卡配对密钥来提取认证密钥。 清除认证密钥也存储在智能卡的存储器中。 以这种方式,认证密钥用于保护机顶盒和智能卡之间的所有通信。 例如,机顶盒可以从智能卡请求控制字。 只有在认证请求之后,才是解密提供给机顶盒的数字内容的控制字。 如果智能卡认证密钥与机顶盒密钥不同,则拒绝对控制字的请求。
-
公开(公告)号:US07929483B2
公开(公告)日:2011-04-19
申请号:US11026413
申请日:2004-12-30
申请人: Bridget D. Kimball , Michael T. Habrat , John I. Okimoto , Douglas M. Petty , Eric J. Sprunk , Lawrence W. Tang
发明人: Bridget D. Kimball , Michael T. Habrat , John I. Okimoto , Douglas M. Petty , Eric J. Sprunk , Lawrence W. Tang
IPC分类号: H04B7/212
CPC分类号: G06F21/10 , G06F21/725 , H04L63/123 , H04L2463/121
摘要: The present invention discloses a system and method for providing a secured system time reference to a subscriber device, e.g., a set top box or a receiver. In one embodiment, the system time reference is provided in a secure system time message that is broadcasted to a plurality of subscriber devices. Each subscriber device has a security device or software application that is capable of determining whether the received system time reference is legitimate. If the system time reference is determined to be legitimate, a local time reference is synchronized with said received system time reference.
摘要翻译: 本发明公开了一种用于向订户设备(例如机顶盒或接收机)提供安全系统时间参考的系统和方法。 在一个实施例中,在广播到多个订户设备的安全系统时间消息中提供系统时间参考。 每个用户设备具有能够确定所接收的系统时间参考是否合法的安全设备或软件应用。 如果确定系统时间参考是合法的,则将本地时间基准与所接收的系统时间参考同步。
-
4.发明授权Method to leverage a secure device to grant trust and identity to a second device 有权利用安全设备向第二设备授予信任和身份的方法公开(公告)号:US07764793B2
公开(公告)日:2010-07-27
申请号:US11255113
申请日:2005-10-20
申请人: Xin Qiu , Bridget D. Kimball , Eric J. Sprunk , Lawrence W. Tang
发明人: Xin Qiu , Bridget D. Kimball , Eric J. Sprunk , Lawrence W. Tang
CPC分类号: H04L9/083 , H04L9/0841 , H04L63/0428 , H04L2463/062
摘要: According to one embodiment of the invention a system is utilized to leverage the security arrangement between a first and second device to establish a secure link between the first device and a third device. One embodiment of the invention is particularly suitable for loading security data on a set top box, such as that utilized in the cable television industry.
摘要翻译: 根据本发明的一个实施例,利用系统利用第一和第二设备之间的安全布置来建立第一设备和第三设备之间的安全链路。 本发明的一个实施例特别适合于将安全数据加载在诸如有线电视工业中使用的机顶盒上。
-
公开(公告)号:US07929701B1
公开(公告)日:2011-04-19
申请号:US10049812
申请日:2000-01-28
申请人: Eric J. Sprunk , Paul Moroney
发明人: Eric J. Sprunk , Paul Moroney
CPC分类号: H04L29/06027 , G06F12/1408 , G06F21/606 , G06F2207/7219 , G06F2211/008 , G06F2221/2129 , H04L9/3263 , H04L63/0435 , H04L63/062 , H04L63/30 , H04L65/1043 , H04L2209/56 , Y02E50/17
摘要: Multiple public/private key pairs of varying levels of security are used to provide a high level of security while still allowing fast processing of encrypted information. The lower-security level includes keys that are small in length, that are changed relatively often, and that require less or fewer resources to implement their functions. When it is required to change key pairs of low security, a key pair at a higher security level (i.e., longer length keys) than the lower-security level keys is used to transfer the new lower-security public keys to devices using those keys. The higher-security keys can, in turn, be changed at a frequency lower than the lower-security keys. The higher-security keys require a higher level of resources to perform their coding operations. This approach of using keys of escalating levels of security to replace lower-security keys, where the higher-security keys require more resources, are more secure, and are replaced less often than the lower-security keys, can be followed as many times as is desired to create a hierarchy of public key uses with the result that the lower-security operations can be performed quickly while the overall system security is high.
摘要翻译: 使用不同级别的安全性的多个公钥/私钥对来提供高水平的安全性,同时仍然允许加密信息的快速处理。 较低安全级别包括长度较小的密钥,相对频繁地更改,并且需要较少或较少的资源来实现其功能。 当需要更改低安全性的密钥对时,使用比较低安全级别密钥更高的安全级别的密钥对(即较长的密钥)将新的较低安全性的公钥传输到使用这些密钥的设备 。 更高安全性的密钥又可以以低于较低安全密钥的频率进行更改。 较高安全性的密钥需要更高级别的资源来执行编码操作。 使用升级级别的安全性的密钥替代较低安全性密钥(其中较高安全性密钥需要更多资源)的方法更安全,并且被替换的次数低于较低安全密钥,可以跟随多次 需要创建公共密钥使用的层次结构,结果是可以在整个系统安全性较高的情况下快速执行较低安全性的操作。
-
公开(公告)号:US08544077B2
公开(公告)日:2013-09-24
申请号:US12490124
申请日:2009-06-23
IPC分类号: G06F7/04
CPC分类号: H04L29/06027 , G06F12/1408 , G06F21/606 , G06F2207/7219 , G06F2211/008 , G06F2221/2129 , H04L9/083 , H04L9/0841 , H04L9/3213 , H04L9/3263 , H04L63/0435 , H04L63/0442 , H04L63/061 , H04L63/062 , H04L63/0807 , H04L63/12 , H04L65/1043
摘要: A secure Internet Protocol (IP) telephony system, apparatus, and methods are disclosed. Communications over an IP telephony system can be secured by securing communications to and from a Cable Telephony Adapter (CTA). The system can include one or more CTAs, network servers, servers configured as signaling controllers, key distribution centers (KDC), and can include gateways that couple the IP telephony system to a Public Switched Telephone Network (PSTN). Each CTA can be configured as secure hardware and can be configured with multiple encryption keys that are used to communicate signaling or bearer channel communications. The KDC can be configured to periodically distribute symmetric encryption keys to secure communications between devices that have been provisioned to operate in the system and signaling controllers. The secure devices, such as the CTA, can communicate with other secure devices by establishing signaling and bearer channels that are encrypted with session specific symmetric keys derived from a symmetric key distributed by a signaling controller.
-
公开(公告)号:US07660986B1
公开(公告)日:2010-02-09
申请号:US09576516
申请日:2000-05-23
申请人: Xin Qiu , Eric J. Sprunk , Paul Moroney
发明人: Xin Qiu , Eric J. Sprunk , Paul Moroney
CPC分类号: H04N21/4623 , H04L9/002 , H04L9/088 , H04N7/1675 , H04N21/26606
摘要: A system to change security levels is used to change the level of security used in a secured processing system. The system uses a status indicator to designate the security level being implemented. The security level can be upgraded to allow a higher level of security to be implemented with relative ease. However, in order to change from a higher level of security to a lower level of security, an authorization code is utilized to confirm that the change in security is authorized.
摘要翻译: 用于更改安全级别的系统用于改变安全处理系统中使用的安全级别。 系统使用状态指示器来指定正在执行的安全级别。 可以升级安全级别,以便相对容易地实现更高级别的安全性。 然而,为了从更高的安全级别改为较低级别的安全性,使用授权码来确认安全性的改变是否被授权。
-
公开(公告)号:US07568223B2
公开(公告)日:2009-07-28
申请号:US10893047
申请日:2004-07-15
IPC分类号: H04L9/00
CPC分类号: H04L29/06027 , G06F12/1408 , G06F21/606 , G06F2207/7219 , G06F2211/008 , G06F2221/2129 , H04L9/083 , H04L9/0841 , H04L9/3213 , H04L9/3263 , H04L63/0435 , H04L63/0442 , H04L63/061 , H04L63/062 , H04L63/0807 , H04L63/12 , H04L65/1043
摘要: A secure Internet Protocol (IP) telephony system, apparatus, and methods are disclosed. Communications over an IP telephony system can be secured by securing communications to and from a Cable Telephony Adapter (CTA). The system can include one or more CTAs, network servers, servers configured as signaling controllers, key distribution centers (KDC), and can include gateways that couple the IP telephony system to a Public Switched Telephone Network (PSTN). Each CTA can be configured as secure hardware and can be configured with multiple encryption keys that are used to communicate signaling or bearer channel communications. The KDC can be configured to periodically distribute symmetric encryption keys to secure communications between devices that have been provisioned to operate in the system and signaling controllers. The secure devices, such as the CTA, can communicate with other secure devices by establishing signaling and bearer channels that are encrypted with session specific symmetric keys derived from a symmetric key distributed by a signaling controller.
摘要翻译: 公开了一种安全的因特网协议(IP)电话系统,装置和方法。 通过IP电话系统的通信可以通过保护与有线电话适配器(CTA)的通信来保护。 该系统可以包括一个或多个CTA,网络服务器,配置为信令控制器的服务器,密钥分配中心(KDC),并且可以包括将IP电话系统耦合到公共交换电话网络(PSTN)的网关。 每个CTA都可以配置为安全硬件,并且可以配置多个用于通信信令或承载信道通信的加密密钥。 KDC可以被配置为周期性地分配对称加密密钥以保护已经被提供以在系统和信令控制器中操作的设备之间的通信。 诸如CTA之类的安全设备可以通过建立用由信令控制器分配的对称密钥导出的会话专用对称密钥加密的信令和承载信道来与其他安全设备进行通信。
-
公开(公告)号:US20090323954A1
公开(公告)日:2009-12-31
申请号:US12490124
申请日:2009-06-23
CPC分类号: H04L29/06027 , G06F12/1408 , G06F21/606 , G06F2207/7219 , G06F2211/008 , G06F2221/2129 , H04L9/083 , H04L9/0841 , H04L9/3213 , H04L9/3263 , H04L63/0435 , H04L63/0442 , H04L63/061 , H04L63/062 , H04L63/0807 , H04L63/12 , H04L65/1043
摘要: A secure Internet Protocol (IP) telephony system, apparatus, and methods are disclosed. Communications over an IP telephony system can be secured by securing communications to and from a Cable Telephony Adapter (CTA). The system can include one or more CTAs, network servers, servers configured as signaling controllers, key distribution centers (KDC), and can include gateways that couple the IP telephony system to a Public Switched Telephone Network (PSTN). Each CTA can be configured as secure hardware and can be configured with multiple encryption keys that are used to communicate signaling or bearer channel communications. The KDC can be configured to periodically distribute symmetric encryption keys to secure communications between devices that have been provisioned to operate in the system and signaling controllers. The secure devices, such as the CTA, can communicate with other secure devices by establishing signaling and bearer channels that are encrypted with session specific symmetric keys derived from a symmetric key distributed by a signaling controller.
摘要翻译: 公开了一种安全的因特网协议(IP)电话系统,装置和方法。 通过IP电话系统的通信可以通过保护与有线电话适配器(CTA)的通信来保护。 该系统可以包括一个或多个CTA,网络服务器,配置为信令控制器的服务器,密钥分配中心(KDC),并且可以包括将IP电话系统耦合到公共交换电话网络(PSTN)的网关。 每个CTA都可以配置为安全硬件,并且可以配置多个用于通信信令或承载信道通信的加密密钥。 KDC可以被配置为周期性地分配对称加密密钥以保护已经被提供以在系统和信令控制器中操作的设备之间的通信。 诸如CTA之类的安全设备可以通过建立用由信令控制器分配的对称密钥导出的会话专用对称密钥加密的信令和承载信道来与其他安全设备进行通信。
-
公开(公告)号:US07058609B2
公开(公告)日:2006-06-06
申请号:US10114898
申请日:2002-04-02
申请人: Paul Moroney , Eric J. Sprunk
发明人: Paul Moroney , Eric J. Sprunk
IPC分类号: G06F17/60
CPC分类号: H04L63/04 , G06Q30/018 , H04L63/0428 , H04L63/062 , H04L63/08 , H04L63/10 , H04L2463/101 , H04N7/165 , H04N7/1675 , H04N7/173 , H04N7/17345 , H04N21/25435 , H04N21/4623 , H04N21/4667 , H04N21/6582
摘要: A system is described for allowing “pay by time” purchasing of digital video programming. The system provides for a variable or metered approach. A user can purchase a fraction of a program for a price different from that required for purchasing the entire program. Records of the user's viewing can be created to record, e.g., when a user started receiving a program, how long the user received a program, and when the user stopped receiving a program.
-
-
-
-
-
-
-
-
-
搜索结果
34 条记录 (耗时 0.028 秒)
