摘要:
Systems, methods, and data structures for transparently embedding non-compliant data in a data stream are described. One method includes embedding random encryption/decryption information into an MEPG multimedia, video, or audio stream transparently to an MPEG decoder in an ISO/MPEG 13818-1 compliant system to control access. The invention works for variable length data streams and involves a PES header. Spare bytes, stuffing bytes, or additional bytes as defined in the MPEG specification for PES headers are used to store key information by a computer capable of modifying the original data stream. There is no need for a parallel data stream for the key information because the key information is transparently inserted directly into the data stream. Additional information is embedded into the data stream that can be used for encryption/decryption without having to modify other components in a playback system.
摘要:
A method, apparatus and system enabling software access to navigational data in a decrypted media stream while protecting stream payloads. In one embodiment, a filter may route an encrypted content stream and associated information to a secure partition having a trusted computing component for decryption. Upon decryption, the trusted computing component may store the decrypted payload of the content in a secure storage location accessible to the trusted computing component. Thereafter, the decrypted navigational header information of the content may be used to navigate to the decrypted content via a trusted component such as a trusted rendering unit in the secure partition.
摘要:
A method, apparatus and system enabling software access to navigational data in a decrypted media stream while protecting stream payloads. In one embodiment, a filter may route an encrypted content stream and associated information to a secure partition having a trusted computing component for decryption. Upon decryption, the trusted computing component may store the decrypted payload of the content in a secure storage location accessible to the trusted computing component. Thereafter, the decrypted navigational header information of the content may be used to navigate to the decrypted content via a trusted component such as a trusted rendering unit in the secure partition.
摘要:
A method, apparatus and system enabling software access to navigational data in a decrypted media stream while protecting stream payloads. In one embodiment, a filter may route an encrypted content stream and associated information to a secure partition having a trusted computing component for decryption. Upon decryption, the trusted computing component may store the decrypted payload of the content in a secure storage location accessible to the trusted computing component. Thereafter, the decrypted navigational header information of the content may be used to navigate to the decrypted content via a trusted component such as a trusted rendering unit in the secure partition.
摘要:
A method, apparatus and system enabling software access to navigational data in a decrypted media stream while protecting stream payloads. In one embodiment, a filter may route an encrypted content stream and associated information to a secure partition having a trusted computing component for decryption. Upon decryption, the trusted computing component may store the decrypted payload of the content in a secure storage location accessible to the trusted computing component. Thereafter, the decrypted navigational header information of the content may be used to navigate to the decrypted content via a trusted component such as a trusted rendering unit in the secure partition.
摘要:
A system and method of safeguarding data within a device are described. In one embodiment, at least one protocol specific encrypted data stream is received. The protocol specific encrypted data stream is translated into a protected content exchange (PCX) encrypted data stream. In addition, the PCX encrypted data stream is transferred to a decoding device and the PCX encrypted data stream decrypted.
摘要:
In one apparatus, a number of obfuscated programming instructions are equipped to self-verify whether execution of the obfuscated programming instructions is being observed. In another apparatus, a number of obfuscated programming instruction are equipped to determine whether the apparatus is being operated in a mode that supports single step execution of the obfuscated programming instructions. In yet another apparatus, a number of obfuscated programming instruction are equipped to verify whether an amount of elapsed execution time has exceeded a threshold. In yet another apparatus, a first and a second group of obfuscated programming instruction are provided to implement a first and a second tamper resistant technique respectively, with the first and the second group of programming instructions sharing a storage location for a first and a second key value corresponding to the first and the second tamper resistant technique.
摘要:
In one apparatus, a group of plain text and obfuscated cells of programming instructions is provided to implement a descrambler that descrambles scrambled content to generate descrambled content. In another apparatus, a group of plain text and obfuscated cells of programming instructions is provided to implement an authenticator that provides appropriate authentication challenges to a scrambled content provider, and generates appropriate authentication responses to authentication challenges from the scrambled content provider. In yet another apparatus, a group of plain text and obfuscated cells of programming instructions is provided to implement an integrity verifier that performs integrity verification on a decoder. In yet another apparatus, a group of plain text and obfuscated cells of programming instructions is provided to implement a secrets holder that holds a number of secrets associated with playing scrambled contents.
摘要:
In one apparatus, a number of obfuscated programming instructions is provided to perform integrity verification on a number of other plain text programming instructions. In another apparatus, a number of obfuscated programming instructions is provided to self-verify an invocation of the obfuscated programming instructions is not originated from an intruder.
摘要:
Sensor data may be filtered in a secure environment. The filtering may limit distribution of the sensor data. Filtering may modify the sensor data, for example, to prevent identification of a person depicted in a captured image or to prevent acquiring a user's precise location. Filtering may also add or require other data use controls to access the data. Attestation that a filter policy is being applied and working properly or not may be provided as well.