公开(公告)号：US20070237143A1

公开(公告)日：2007-10-11

申请号：US11393121

申请日：2006-03-30

Applicant: Stephane Rodgers ,  Ut Nguyen ,  Rajesh Mamidwar

Inventor： Stephane Rodgers ,  Ut Nguyen ,  Rajesh Mamidwar

IPC: H04L12/56

CPC classification number: H04N21/4344 ,  H04L45/00 ,  H04N21/23608 ,  H04N21/4334 ,  H04N21/4341

Abstract: In one embodiment, there is presented a method for processing data. The method comprises receiving a plurality of packets, wherein each packet comprises a payload, and wherein the plurality of packets carry video data encoded in accordance with an encoding standard from a plurality of encoding standards; identifying encoding standards encoding the video data carried in the payloads of the plurality of packets; and inserting identifiers that identify the encoding standard encoding the video data carried in the payloads of the plurality of packets into the plurality of packets.

Abstract translation: 在一个实施例中，提供了一种用于处理数据的方法。 该方法包括接收多个分组，其中每个分组包括有效载荷，并且其中所述多个分组携带根据来自多个编码标准的编码标准编码的视频数据; 识别对所述多个分组的有效载荷中承载的视频数据进行编码的编码标准; 以及将识别将所述多个分组的有效载荷中携带的视频数据编码为所述多个分组的编码标准的标识符。

公开(公告)号：US20120216038A1

公开(公告)日：2012-08-23

申请号：US13170764

申请日：2011-06-28

Applicant: Xuemin Chen ,  Stephane Rodgers ,  Rajesh Mamidwar

Inventor： Xuemin Chen ,  Stephane Rodgers ,  Rajesh Mamidwar

IPC: G06F15/16 ,  H04L9/32

CPC classification number: H04N21/4402 ,  H04L9/083 ,  H04L9/14 ,  H04L63/0428 ,  H04L63/062 ,  H04L2209/60 ,  H04N21/26613 ,  H04N21/43615 ,  H04N21/4408 ,  H04N21/44231 ,  H04N21/4621 ,  H04N21/4623 ,  H04N21/63345 ,  H04N21/64322 ,  H04N21/8456

Abstract: A home gateway may be used to handle at least a portion of processing of content obtained for consumption by client devices serviced via the home gateway. The home gateway may receive a single copy of content having a first format, and may convert the received content to one or more other formats suitable for presentation by at least one of the client devices based on knowledge of the client devices. The home gateway may maintain secure and/or protected access of the content handled via the home gateway. During protected access the home gateway may partition the content into a plurality of encrypted segments that are forwarded separately to the client devices. The client devices may utilize a corresponding plurality of encryption keys for decrypting the encrypted segments. The encryption keys may be obtained from an external key server. The home gateway may also generate the encryption keys.

Abstract translation: 家庭网关可以用于处理通过家庭网关服务的客户端设备获得的用于消费的内容的处理的至少一部分。 家庭网关可以接收具有第一格式的内容的单个副本，并且可以基于客户端设备的知识将接收的内容转换成适合于至少一个客户端设备呈现的一个或多个其他格式。 家庭网关可以保持通过家庭网关处理的内容的安全和/或受保护的访问。 在受保护的访问期间，家庭网关可以将内容分割成分别转发到客户端设备的多个加密段。 客户端设备可以利用相应的多个加密密钥来解密加密的段。 可以从外部密钥服务器获得加密密钥。 家庭网关也可以生成加密密钥。

公开(公告)号：US09232268B2

公开(公告)日：2016-01-05

申请号：US13170764

申请日：2011-06-28

Applicant: Xuemin Chen ,  Stephane Rodgers ,  Rajesh Mamidwar

Inventor： Xuemin Chen ,  Stephane Rodgers ,  Rajesh Mamidwar

IPC: H04N21/4402 ,  H04L29/06 ,  H04L9/08 ,  H04L9/14 ,  H04N21/266 ,  H04N21/436 ,  H04N21/4408 ,  H04N21/442 ,  H04N21/462 ,  H04N21/4623 ,  H04N21/6334 ,  H04N21/643 ,  H04N21/845

CPC classification number: H04N21/4402 ,  H04L9/083 ,  H04L9/14 ,  H04L63/0428 ,  H04L63/062 ,  H04L2209/60 ,  H04N21/26613 ,  H04N21/43615 ,  H04N21/4408 ,  H04N21/44231 ,  H04N21/4621 ,  H04N21/4623 ,  H04N21/63345 ,  H04N21/64322 ,  H04N21/8456

Abstract: A home gateway may be used to handle at least a portion of processing of content obtained for consumption by client devices serviced via the home gateway. The home gateway may receive a single copy of content having a first format, and may convert the received content to one or more other formats suitable for presentation by at least one of the client devices based on knowledge of the client devices. The home gateway may maintain secure and/or protected access of the content handled via the home gateway. During protected access the home gateway may partition the content into a plurality of encrypted segments that are forwarded separately to the client devices. The client devices may utilize a corresponding plurality of encryption keys for decrypting the encrypted segments. The encryption keys may be obtained from an external key server. The home gateway may also generate the encryption keys.

Abstract translation: 家庭网关可以用于处理通过家庭网关服务的客户端设备获得的用于消费的内容的处理的至少一部分。 家庭网关可以接收具有第一格式的内容的单个副本，并且可以基于客户端设备的知识将接收的内容转换成适合于至少一个客户端设备呈现的一个或多个其他格式。 家庭网关可以保持通过家庭网关处理的内容的安全和/或受保护的访问。 在受保护的访问期间，家庭网关可以将内容分割成分别转发到客户端设备的多个加密段。 客户端设备可以利用相应的多个加密密钥来解密加密的段。 可以从外部密钥服务器获得加密密钥。 家庭网关也可以生成加密密钥。

公开(公告)号：US20060268942A1

公开(公告)日：2006-11-30

申请号：US11394421

申请日：2006-03-31

Applicant: Stephane Rodgers ,  Ut Nguyen

Inventor： Stephane Rodgers ,  Ut Nguyen

IPC: H04J3/04

CPC classification number: H04N21/4345 ,  H04N21/434 ,  H04N21/4622

Abstract: Presented herein are method(s) and apparatus for demultiplexing, merging, and duplicating packetized elementary stream/program stream/elementary stream data. In one embodiment, there is presented a method for processing data. The method comprises receiving a bitstream wherein said bitstream comprises a plurality of streams; mapping the plurality of streams to a plurality of identifiers; packetizing the plurality of streams, thereby resulting in a plurality of packets, and wherein each packet further comprises: a portion of only one of the plurality of streams; and a particular one of the identifiers, wherein the particular one of the identifiers is mapped to the only one of the plurality of streams.

Abstract translation: 这里提出了用于解复用，合并和复制分组化的基本流/节目流/基本流数据的方法和装置。 在一个实施例中，提供了一种用于处理数据的方法。 该方法包括接收比特流，其中所述比特流包括多个流; 将所述多个流映射到多个标识符; 打包多个流，由此导致多个分组，并且其中每个分组还包括：多个流中仅一个的一部分; 以及特定的一个标识符，其中该特定一个标识符被映射到该多个流中的唯一一个。

公开(公告)号：US09461825B2

公开(公告)日：2016-10-04

申请号：US11743533

申请日：2007-05-02

Applicant: Stephane Rodgers ,  Andrew Dellow

Inventor： Stephane Rodgers ,  Andrew Dellow

IPC: H04L9/32 ,  H04L29/06 ,  G06F21/64 ,  G06F21/10 ,  H04L9/08 ,  G06F21/62 ,  H04L9/28

CPC classification number: H04L9/3247 ,  G06F21/10 ,  G06F2221/0711 ,  G06F2221/0771 ,  H04L9/0891 ,  H04L63/0435 ,  H04L63/123 ,  H04L63/1458 ,  H04L2209/60 ,  H04L2209/605 ,  H04L2463/062

Abstract: Methods and systems for preventing revocation denial of service attacks are disclosed and may include receiving and decrypting a command for revoking a secure key utilizing a hidden key, and revoking the secure key upon successful verification of a signature. The command may comprise a key ID that is unique to a specific set-top box. A key corresponding to the command for revoking the secure key may be stored in a one-time programmable memory, compared to a reference, and the security key may be revoked based on the comparison. The command for revoking the secure key may be parsed from a transport stream utilizing a hardware parser. The method and system may also comprise generating a command for revoking a secure key. The command may be encrypted and signed utilizing a hidden key and may comprise a key ID that is unique to a specific set-top box.

Abstract translation: 公开了用于防止撤销拒绝服务攻击的方法和系统，并且可以包括使用隐藏密钥接收和解密用于撤销安全密钥的命令，以及在成功验证签名时撤销安全密钥。 该命令可以包括特定机顶盒唯一的密钥ID。 与参考相比，与撤销安全密钥的命令相对应的密钥可以存储在一次性可编程存储器中，并且可以基于比较来撤销安全密钥。 用于撤销安全密钥的命令可以使用硬件解析器从传输流中解析出来。 该方法和系统还可以包括生成用于撤销安全密钥的命令。 命令可以使用隐藏密钥进行加密和签名，并且可以包括特定机顶盒唯一的密钥ID。

公开(公告)号：US08806215B2

公开(公告)日：2014-08-12

申请号：US13604914

申请日：2012-09-06

Applicant: Sherman Xuemin Chen ,  Stephane Rodgers

Inventor： Sherman Xuemin Chen ,  Stephane Rodgers

IPC: H04L9/32 ,  H04N7/167

CPC classification number: H04H20/31 ,  G06T1/0021 ,  H04H2201/50 ,  H04N5/4401 ,  H04N19/44 ,  H04N19/467 ,  H04N21/23892 ,  H04N21/43853 ,  H04N21/8358

Abstract: Methods and systems for robust watermark insertion and extraction for digital set-top boxes are disclosed and may include descrambling, detecting watermarking messages in a received video signal utilizing a watermark message parser, and immediately watermarking the descrambled video signal utilizing an embedded CPU. The embedded CPU may utilize code that may be signed by an authorized key, encrypted externally to the chip, decrypted, and stored in memory in a region off-limits to other processors. The video signal may be watermarked in a decompressed domain. The enabling of the watermarking may be verified utilizing a watchdog timer. The descriptors corresponding to the watermarking may be stored in memory that may be inaccessible by the main CPU. The watermark may comprise unique identifier data specific to the chip and a time stamp, and may be encrypted utilizing an on-chip combinatorial function.

Abstract translation: 公开了用于数字机顶盒的鲁棒水印插入和提取的方法和系统，并且可以包括解扰，利用水印消息解析器检测接收到的视频信号中的水印消息，并立即利用嵌入式CPU对解扰的视频信号进行加水印。 嵌入式CPU可以利用可以通过授权密钥进行签名的代码，在芯片外部加密，解密并存储在与其他处理器不同的区域的存储器中。 视频信号可以在解压缩域中加水印。 可以使用看门狗定时器来验证水印的使能。 与水印相对应的描述符可以存储在主CPU可能无法访问的存储器中。 水印可以包括专用于芯片的唯一标识符数据和时间标记，并且可以使用片上组合功能进行加密。

公开(公告)号：US08560829B2

公开(公告)日：2013-10-15

申请号：US11558650

申请日：2006-11-10

Applicant: Stephane Rodgers ,  Xuemin Chen

Inventor： Stephane Rodgers ,  Xuemin Chen

IPC: H04L29/06

CPC classification number: G06F21/10 ,  G06F21/445 ,  G06F21/51 ,  G06F21/606 ,  H04L9/0656 ,  H04L9/0844 ,  H04L2209/12

Abstract: Aspects of a method and system for command interface protection to achieve a secure interface are provided. A host device may encrypt a command based on a key index generated within the host device, a host device key, a command count, a random number from a slave device, at least one host control word, and a host variable value. The encrypted command may be communicated to the slave device where it may be decrypted based on the key index, the host device key decrypted from a slave device key generated by the slave device, the command count, the random number, at least one slave control word, and a slave variable value. The key index may be utilized in the host and slave devices to select a master key from a key table from which generational derivatives may be generated for command encryption and decryption respectively.

Abstract translation: 提供了一种用于命令接口保护以实现安全接口的方法和系统。 主机设备可以基于在主设备内生成的密钥索引，主机设备密钥，命令计数，来自从设备的随机数，至少一个主机控制字和主机变量值来加密命令。 加密命令可以被传送到从设备，其中它可以基于密钥索引被解密，从从设备生成的从设备密钥解密的主机设备密钥，命令计数，随机数，至少一个从控制 字和从​​变量值。 密钥索引可以用在主设备和从设备中，从分别为命令加密和解密生成代数导数的密钥表中选择主密钥。

公开(公告)号：US20090147985A1

公开(公告)日：2009-06-11

申请号：US11952789

申请日：2007-12-07

Applicant: Xuemin Chen ,  Stephane Rodgers

Inventor： Xuemin Chen ,  Stephane Rodgers

IPC: G06K9/00

CPC classification number: H04N19/467 ,  G06F21/16 ,  G06T1/0085 ,  G06T2201/0053 ,  H04N19/48 ,  H04N21/23892 ,  H04N21/8358

Abstract: Methods and systems for secure watermark embedding and extraction data flow architecture are disclosed and may include embedding a watermark in a video signal utilizing an embedded CPU. The embedded CPU may be controlled utilizing a security processor via a secure bus. The watermark may be embedded in a compressed video signal that may be diverted around a compression/decompression engine. The watermark may be embedded in a decompressed video signal and may be directed through a compression/decompression engine. Requests may be sent to the embedded CPU from the main CPU via the security processor and the secure bus. The watermark may be encrypted utilizing the security processor. The secure bus may be inaccessible to the main CPU or any device not on the chip. The chip may be disabled when the embedded CPU may be disabled. Sections of the video signal may be classified and selected for embedding.

Abstract translation: 公开了用于安全水印嵌入和提取数据流架构的方法和系统，并且可以包括使用嵌入式CPU在视频信号中嵌入水印。 可以通过安全总线来利用安全处理器来控制嵌入式CPU。 可以将水印嵌入压缩视频信号中，该视频信号可以围绕压缩/解压缩引擎转向。 水印可以嵌入在解压缩的视频信号中，并且可以通过压缩/解压缩引擎来引导。 请求可以通过安全处理器和安全总线从主CPU发送到嵌入式CPU。 可以使用安全处理器来加密水印。 主CPU或不在芯片上的任何设备可能无法访问安全总线。 当嵌入式CPU可能被禁用时，芯片可能会被禁止。 视频信号的部分可以被分类和选择用于嵌入。

公开(公告)号：US20080086657A1

公开(公告)日：2008-04-10

申请号：US11753474

申请日：2007-05-24

Applicant: Xuemin Chen ,  Andrew Dellow ,  Iue-Shuenn Chen ,  Stephane Rodgers

Inventor： Xuemin Chen ,  Andrew Dellow ,  Iue-Shuenn Chen ,  Stephane Rodgers

IPC: G06F11/07 ,  G06F12/14

CPC classification number: H04N21/4432 ,  G06F11/1433 ,  G06F21/572 ,  H04N21/4586 ,  H04N21/818

Abstract: Methods and systems for software security in a secure communication system are disclosed and may include verifying downloaded code in a reprogrammable system and reloading prestored unmodifiable first stage code upon failure. The prestored unmodifiable first stage code, which may comprise boot code for the reprogrammable system, may be stored in locked flash, and the downloaded software code may be stored in unlocked flash. The downloaded software code may be verified by comparing a signature of the downloaded code to a private key. A first sticky bit may be utilized to indicate a failure of the verification and a second sticky bit may be utilized to indicate passing of the verification and the use of the downloaded software code. Whether to reset the reprogrammable system and reload the prestored unmodifiable first stage code may be determined from within the reprogrammable system, which may comprise a set-top box.

Abstract translation: 公开了用于安全通信系统中的软件安全性的方法和系统，并且可以包括验证可再编程系统中的下载代码，并且在故障时重新加载预先存储的不可修改的第一级代码。 预先存储的不可修改的第一级代码（其可以包括用于可重新编程系统的引导代码）可以存储在锁定的闪存中，并且下载的软件代码可以存储在解锁的闪存中。 可以通过将下载的代码的签名与私钥进行比较来验证下载的软件代码。 可以使用第一粘性位来指示验证失败，并且可以利用第二粘性位来指示验证的传递和下载的软件代码的使用。 是否重置可编程系统并重新加载预先存储的不可修改的第一级代码可以在可重编程系统内确定，其可以包括机顶盒。

公开(公告)号：US20080086517A1

公开(公告)日：2008-04-10

申请号：US11758387

申请日：2007-06-05

Applicant: Stephane Rodgers

Inventor： Stephane Rodgers

IPC: G06F17/30 ,  G06F11/00

CPC classification number: G06F8/65 ,  G06F21/57

Abstract: Methods and systems for securing code in a reprogrammable security system are provided and may comprise detecting when a prior version of code is copied over a subsequent version of code. Operations within the system may be controlled based upon detection of the prior version of code. A unique version identifier may be associated with each successive version of code. The system may compare instances of unique version identifier from varied storage mechanisms on a device which may include flash memory, latch memory and one time programmable memory. The same instances of unique version identifier may be compared with a unique version identifier instance independently received from an external entity. When a comparison reveals a prior version of code copied over a subsequent version of code the system may conduct operations specified for a security breach.

Abstract translation: 提供了用于在可重新编程的安全系统中保护代码的方法和系统，并且可以包括检测何时在代码的后续版本上复制先前版本的代码。 可以基于先前版本的代码的检测来控制系统内的操作。 唯一的版本标识符可以与每个连续版本的代码相关联。 该系统可以在可以包括闪存，锁存存储器和一次可编程存储器的设备上比较来自不同存储机制的唯一版本标识符的实例。 可将与唯一版本标识符相同的实例与独立从外部实体接收的唯一版本标识符实例进行比较。 当比较显示在随后的代码版本中复制的代码的先前版本时，系统可以执行为安全漏洞指定的操作。