Method for controlling access privileges for encrypted data stored in a digital recorder

FIELD: receivers/decoders of services, provided in conditional access mode, in particular, receivers having storage block (memorization device), such as a hard drive.

SUBSTANCE: method is claimed for storing an event, encrypted with usage of at least one control word (CW) in receiver/decoder (STB), connected to safety block (SC), where at least one control word and access privileges for aforementioned event are contained in access control messages (ECM-messages), method includes following operations: recording of encrypted event, and also of at least one ECM-message in storage block; transmission of at least one ECM-message into safety block (SC), verification of the fact that safety block (SC) contains access privileges for aforementioned event, generation of receipt (Q), which contains data related to management of event in reproduction mode, where receipt (Q) contains signature (SGN), generated on basis of the whole ECM-message or its part with usage of secret key (K) contained in safety block (SC) and specific for every safety block, where during later consumption of event the authenticity of the receipt (Q) is verified in prioritized manner compared to conventional access privileges, stored in safety block (SC), storage of aforementioned receipt (Q) in storage block.

EFFECT: provision of method for storing an event.

6 cl, 3 dwg

 

The technical field to which the invention relates.

The present invention relates to the field of receivers/decoders services offered in the regime of conditional access, in particular to receivers that have a storage unit (storage device)such as a hard disk.

The level of technology

Improvement of technologies in the field of storage capacity and speed of the magnetic (hard) disks made possible the storage content of the transmitted video information to make it available to the user in offline mode (mode, "off-line").

Known registrars for such storage, manufactured under the trade names ReplayTV® or Tivo®provide enough memory to store dozens of hours of digital broadcasting. However, these recorders are not suitable for integration with receivers/decoders that implement the mode conditional access, because when they use the content stored on the drive without proper protection. This makes it impossible to obtain royalties for the use of the contents of the drive when this content is then copied for distribution for commercial purposes.

Unlike the named Registrar in the pay TV digital stream transmitted to the receivers, the cipher is carried out for to ensure control over its use and to determine the conditions of such use. This encryption is performed using the control words that are replaced at regular time intervals (components with 5-30) in order to make unattractive any attack aimed at the definition of the control word.

In accordance with one variant of the control word are replaced through significantly more time intervals; this means that the whole event (transmission) is encrypted by means of a single control word.

In order for the receiver/decoder was able to decode the data stream is encrypted such control words, these words are sent to it, regardless of the data flow within messages access control (ECM)messages that are encrypted using a key that is convenient for use of the transmission system between the control center and security block (SC unit) custom devices (i.e. receiver/decoder). In fact, the operations associated with data protection, are performed in a block (SC) security. The security block is typically a smart card (chip card), considered to be inaccessible to unauthorized access. This unit can be either removable or integrated into the receiver.

During the decryption of the ECM messages to block the security verification is the availability of access rights to the corresponding data stream. The management of such rights by means of conditional access messages (EMM messages)that load data rights in the SC block. Other variants are possible, such as sending the decryption keys.

In this description, the term "event" is used to describe the content of a video stream, an audio stream (e.g., in the format MDE) or data flow (e.g., game program), which is encrypted by a known method using the control words. Each event will be encrypted using one or more control words, each of which is valid for a certain time interval.

The calculations for the consumption of such events in real time based on the principles of subscription, acquisition of rights to specific events or to pay on time.

The subscription allows you to define the rights associated with one or more channels that transmit these events, and gives the user the possibility of acquiring these events in decrypted form, provided that the rights entered in the security block.

At the same time, rights can be defined specifically for a particular event, such as a film or a football match. The user can acquire such a right, for example, by purchase, and it will ensure the reception of the selected events is. This method is known under the name "pay per view" (PPV - pay-per-view).

With regard to the payment on time, the security block has a loan that debited in accordance with the actual consumption by the user. For example, such debits will occur every minute, regardless of the enabled channel. With appropriate technical realization becomes possible to vary the unit of account either in length or in the calculation of the time available, or even by combining these two parameters for adaptation of invoice to the type of the passed event.

The ESM message contains not only the control word, but also the conditions under which this word is in the receiver/decoder. When the decryption of the control words is verification that the security block has rights associated with the access conditions declared in the verified message.

The control word is returned to the user device in decrypted form only in case of positive result of the verification. As already mentioned, the control word is contained in the ECM message, the encrypted key TK (Tansmission Key) transmission.

In order for the security block had this right, it usually is loaded into this unit through soo is the value of conditional access (EMM messages), which for security reasons, as a rule, is encrypted by the other, so-called key access rights (Right Key - RK).

In accordance with a known form of payment TV programs to decrypt events at any given time, you must have the following three elements:

event encrypted by one or more control words,

- ECM message (ECM messages containing (containing) control word (CW - Control Words) and access conditions (AC - Access Conditions,

- eligible loaded in the unit security and to verify these conditions.

According to well-known schemes encrypted event is stored in the storage unit together with at least one ECM message.

Due to the fact that the a posteriori decrypt the ECM messages can be a problem, especially in connection with the change of the transmit key, the document EP 0912052 proposed a solution involving decrypt such messages in the security block and re-encrypted before writing to disk.

This option solves the problem associated with life time key transfer, however, creates a significant load on information processing during recording in the security block in the conditions of uncertainty of whether the recorded content is ever used. Chrome is also one of the fundamental rules of protection systems is that the control word is returned to the user device only if you have the appropriate rights. For this situation it is possible that these rights do not exist (if we consider the event to be taken in the mode of "pay per view"). This right will be acquired at the time of purchase, which may take place much later, when the user decides to view the event. Thus, the method described in EP 0912052, does not solve the problem of access to the law, because at the time of purchase it is always necessary to transmit the EMM message that it was loaded in the security block.

Therefore, the described solution is suitable only for events for which the rights are already present in the unit security to authorize decryption and re-encryption of the ECM messages.

Another aspect associated with the preservation of the rights of the buyer. Consider as an example a situation in which the buyer And have purchased the rights to view channels M, N and P. as a result, he has the right to watch these channels and, consequently, to register and view all the events that are recorded in the storage unit. Each and every time such an event from the security block is required to decrypt the ECM, and then return control word. It is important that the security block had rights associated with this event.

In relation to the event received by subscription, identification of this event is bound to the channel, such as channel M in Other words, all events that have an ID of M is authorized, so that the decoder will return control word.

Thus, the rights attached to a particular channel, defined by the presence of ID, such as M. When the subscriber terminates its subscription or modifies it to other channels, this leads to the fact that the events recorded in the storage unit becomes unavailable because the security block will refuse to re-return of the control words corresponding rights, which at the moment don't exist.

This situation can also occur if channel M will be assigned a new ID. Suppose as an example that as a result of reorganization of channels this channel, instead of the identifier M ID J4. With regard to the rights to receive transmission, the security block will be promptly informed of such change, so that the user will not experience any inconvenience.

The consequences for registered events will be more dramatic. This renamed the e will result in that registered the event will be unavailable because associated with it right will no longer be included in the security block.

Disclosure of inventions

The problem to which the present invention is directed is to provide such a method for storing event encrypted by control words (CW), which guarantees access to this event at any moment, even if between the Desk and the view were made some changes.

The solution to this problem is achieved by creating a storage event encrypted by control words (CW) in the receiver/decoder (Set Top Box - STB module)connected to the unit (SC) security. According to this method the specified control word (CW) and the necessary rights contained in the ECM messages. The method according to the invention is characterized by the fact that includes the following operations:

recording the encrypted event, and ECM messages in the storage unit;

transmission ECM message block (SC) security,

- verification that the unit (SC) security includes the right to the specified event,

- calculation, worldwide ECM message or its part, the receipts (Q), generated using the secret key (K)contained in the block (SC) security and specific to each unit security and,

record the specified receipt (Q) in the storage unit.

In accordance with the first embodiment of the invention this receipt is generated signature, based on the whole ECM message or part thereof and representing the right of a higher order, which in the case of subsequent consumption events will be verified prior to the normal to the rights contained in the security block. After the receipt will be recognized by the corresponding ECM message, its presence will lead to ignoring the usual conditions of access.

In accordance with the second embodiment of the invention when generating a receipt for it, in addition to the signature, adds a new part that describes what rules should be processed ECM messages in his presentation to the security block. These rules can, for example, consist in ignoring all terms that are included in this ECM message (which is equivalent to the described first embodiment), or the introduction of new terms, such as the abolition of the right of reproduction or the definition of the time window, which may be authorized such reproduction.

To calculate the signature, it is preferable to use a part of the ESM message, which remains unchanged throughout the event. In fact, the ESM with the communication, in a simplified view, contains two parts:

(a) control word (or even and odd control word);

(b) the right, which need to be returned to the control word.

The proposed receipt allows you to mark the ESM message, and to add other information related to the processing of events in play mode. Solving this task is to uniquely identify the ESM messages. In practical terms, it can be noted that part (b), i.e. the necessary legal changes are not as often as the control word. It is therefore preferable to choose this part to calculate the signature. However, it does not exclude the possibility of defining signatures based on a key word or a combination of both parts.

To calculate the signature serves to define a unique mapping H part of the ECM message received by overlaying data unilateral collisional functions. It is assumed that there is no other group of data, which give the same result as the specified function. This mapping N is obtained using the function type of the hash function. Used for this algorithm can be SHA-1 or MD5, and this mapping describes the data group in a unique way.

The next operation status is it in the encryption of the data referenced by key To the encryption.

Before the encryption operation it is possible to add a data field CD, which describes the new conditions of access. Then the data group (H & CD), which constitutes the receipt is encrypted signature key K.

In the context of the invention, the term "receipt" means that its value is determined by the group data that are representative of the conditions of access (for example, in the simplest case) and which are unique for the sole interest of the security block using the key K. In accordance with one variant of the invention there is the possibility of using this key to directly encrypt the access conditions contained in the ECM message, without resorting to the hashing operation.

In accordance with another variant, it is possible to define a unique mapping (hash function) conditions of access, and then encrypt it display the first key K1, to add new conditions CD access, and encrypt the result of the same key K1 or the second key K2.

Brief description of drawings

The invention will become clearer from the following descriptions with reference to the accompanying drawings, which are given as non-limiting example.

Figure 1 shows the user STB device equipped with a storage unit in the according to the according to one variant of the invention.

Figure 2 illustrates the data group stored in the storage unit of figure 1.

Figure 3 illustrates the structure of the ESM message in accordance with one variant of the invention.

The implementation of the invention

User device (receiver/decoder) STB presented in figure 1, takes as input a stream of data in encrypted form. These data are recorded in the block HD storage and contain, among other things, the TV event and the ESM message.

According to the invention these two groups of data are accompanied by a new group, which is represented in figure 2 in the form of block-receipts Q.

The relative sizes of the various blocks shown in the drawing, are given only as an example. However, be aware that the event EV is the largest part, the ECM messages occupy a small portion, according to the considered variant of the invention a single receipt is enough for the entire group of data.

Indeed, if the signature is defined in the terms and conditions of access in the composition of the ECM message, it will not change over the entire event.

Figure 3 illustrates the structure of the ECM messages. As described above, the ESM message contains the control word CW and conditions of access.

These conditions are divided into two parts, one of which corresponds to the conditions ASV transmission, and in ora - conditions ACR play. The ESM message also contains the label of the TR time.

Among these conditions are:

- the channel number (or services)that are of special interest for subscription;

- theme events (e.g., sports, news, transfer to adult),

level (Prime time, day, re-transfer),

- room for impulse purchase.

Duplication of conditions expands the possibilities for event management when his playing. Receipt Q may mean that you simply need to comply with the terms of playback. Alternatively, it may mean, on the contrary, the ability to ignore these conditions.

Consider as an example the geographic feature that locks. This feature allows you to block reception of a sporting event, for example, in the 30-km zone surrounding the stadium. Although this lock makes sense during the event, a few days after its completion for such blocking no reason.

Conditions ASV transmission can include the lockout condition by sector block numbers security or zip codes. Conditions ACR playback can enable basic authentication for all users, since a certain date (in the case of other requirements, such as a subscription).

During playback, first carried the tsya access to receipts Q and its decryption secret key To obtain signature SGN and new conditions CD access.

After that, the signature SGN is stored in the memory unit security together with the new conditions CD access. When the security block receives an ESM message, it uses the hash function determines a unique mapping H' that part of the ESM message, which contains the right speakers, and compares the value of the specified display N' with the signature SGN. If the values of the two compared values are identical, the security block applies the conditions specified in that part of the receipt, which contains the conditions for CD access. If these conditions correspond to the "free access", the requirement of verification conditions contained in the ECM message is removed. Eliminates problems caused by structural changes in transmission channels.

According to another variant of the new conditions CD access correspond to the modified ACR play. In this new context, there are no references to channels or other elements that may change over time (structural conditions). Instead, the conditions in relation to the time during which access is allowed, or relative to the number of allowed accesses. It should be clear that in this case other conditions, in particular those related to subscription, were verified during the formation of receipt.

The receipt may be evolving. In this case, mo is et to represent the interest of saving receipts is more favorable than its previous version. A similar situation takes place, in particular, under the impulse purchase. In this embodiment, the first receipt is generated during the storage of the event, i.e. before it is purchased by the user.

The terms and conditions contained in this receipt, will lead to the return of the conditions contained in the ECM message. When the user decides to purchase this event generated a new receipt, which opens access to the event without any restrictions (if the conditions defined in the new receipts in this way). This receipt is sent to the security block to replace the old receipt.

1. The method of storing event that is encrypted using at least one control word (CW) in the receiver/decoder (STB)connected to the unit (SC) security, and at least one control word (CW) and access rights to the specified event is contained in the message access control (ECM messages), characterized in that it comprises the following operations:

recording the encrypted event, and at least one ECM message in the storage unit;

transmitting at least one ECM message block (SC) security,

verification that the unit (SC) security provides rights to specified property is involved,

the formation of receipt (Q)containing data related to event management in playback mode, and the receipt (Q) contains the signature (SGN), formed on the basis of the ESM message or part of it using the secret key (K)contained in the block (SC) security and specific to each security block, and subsequent consumption event the authenticity of the receipt (Q) is verified precedence over customary rights contained in the block (SC) security,

storing the specified receipt (Q) in the storage unit.

2. The method according to claim 1, characterized in that the verification of the authenticity of the receipt includes the following steps:

form the signature on the basis of the ESM message or part of it;

comparing the received signature with a signature (SGN) receipts (Q);

if the values compare two signatures are identical, then apply the access conditions specified part receipt (Q)containing access conditions.

3. The method according to claim 1, characterized in that the presence of receipts (Q) for this ECM message leads to the neglect of the access conditions contained in the ECM message.

4. The method according to claim 1, characterized in that the receipt (Q) further comprises a part (CD), describing the new conditions, regardless of the structural configuration re the ACI event.

5. The method according to claim 4, characterized in that the presence of receipts (Q) for this ECM message results in terms of access contained in this paragraph (CD) instead of the access conditions contained in the ECM message.

6. The method according to claim 1, characterized in that the calculation of receipts (Q) is produced only in the presence of the security block access rights.



 

Same patents:

FIELD: cryptographic protocols, in particular, efficient encoding at content level.

SUBSTANCE: method is provided for generation of digital data with cryptographic protection, encoding content and composed into messages. Encoding of at least a part of the message is performed and encoded messages are provided in form of output signal in format, allowing the interface of server service to compose a message in form of at least one packet, including at least one header and useful load, where at least one header includes information, which allows the service interface in the client to assemble each message for decoding application using useful load of packets. Each message is divided onto the first and at least one additional section of the message. At least one of the message sections is encoded in such a way that it may be decoded independently from other message sections. Assembly of encrypted message is performed by addition of resynchronization marker, separating the message section from adjacent message section and including precise information about synchronization, at least for additional sections of the message.

EFFECT: synchronized decoding process in case of data loss.

14 cl, 8 dwg

FIELD: copy/access protection.

SUBSTANCE: audio/video stream processing system includes module for inputting audio/video stream, which receives audio/video stream, containing field of information about audio/video content, including first copy control information, and audio/video content field, including second copy control information; reading module which extracts first and second copy control information from received audio/video stream and determines whether first copy control information is modified; and module for decoding audio/video stream, which processes received audio/video stream in accordance to predetermined criteria, if first copy control information is modified.

EFFECT: protection of content, prevented unsanctioned processing of content.

15 cl, 8 dwg

FIELD: engineering of systems for loading and reproducing protective unit of content.

SUBSTANCE: in accordance to invention, in receiving device 110 for protected preservation of unit 102 of content on carrier 111 of information unit 102 of content is stored in protected format and has associated license file, file 141 of license being encrypted with usage of open key, associated with a group of reproduction devices 120,121, and, thus, each reproduction device 121 in group can decrypt file 141 of license and reproduce unit 102 of content, and devices not belonging to group can not do that, while device 121 for reproduction may provide the open key, specific for given device, to system for controlling content distribution, and then system for controlling content distribution returns secret key for group, encrypted with open key of device 121 for reproduction, after that device 121 of reproduction by protected method receives secret key of group and may decrypt file 141 of license.

EFFECT: creation of system for loading and reproducing protected unit of content, making it possible to constantly control usage of unit of content.

3 cl, 4 dwg

FIELD: digital audio and video technologies.

SUBSTANCE: device for storing information is made with possible receipt of data carrier, decoder is made with possible receipt of compressed encoded signals from data carrier and transmitting signals to decrypter. Decrypter is made with possible decryption of compressed encoded data encrypted data and transmitting these to decompressor. Decompressor is made with possible receipt of compressed encoded signals from decrypter and decompression of compressed encoded signals to reproduce the image.

EFFECT: higher precision, higher efficiency.

3 cl, 17 dwg

FIELD: broadcasting systems.

SUBSTANCE: method includes broadcasting of message, including text portion intended to reach user, while said message is transferred in form of conditional access message.

EFFECT: broader functional capabilities.

5 cl, 7 dwg

FIELD: television.

SUBSTANCE: device converts signals to digital video information. Compression device is made in such a way, that it receives digital video data, coming from source data generator, and compresses digital images. Encoding device receives compressed digital video data coming from compression device and encodes compressed digital video data. Recording device stores encoded compressed digital audio data at data carrier.

EFFECT: higher data transfer speed.

3 cl, 17 dwg

FIELD: access control systems.

SUBSTANCE: proposed signal processing method involves reception of digital input signal incorporating first component of scrambled signal and second component of scrambled signal; binding of input signal with detachable intelligent card unit for processing first scrambled signal component and generation of first descrambled signal which is internal with respect to intelligent card unit and for processing second scrambled signal component in case of response to first descrambled signal to generate second descrambled signal and to integrate first scrambled signal component of input signal and second descrambled signal so as to produce output signal; reception of output signal from intelligent card unit and processing of second descrambled signal to shape signal adapted for display.

EFFECT: improved control of access.

1 cl, 9 dwg

The invention relates to an electronic audiovisual processing

The invention relates to scramblers device, in particular for digital TV systems

FIELD: access control systems.

SUBSTANCE: proposed signal processing method involves reception of digital input signal incorporating first component of scrambled signal and second component of scrambled signal; binding of input signal with detachable intelligent card unit for processing first scrambled signal component and generation of first descrambled signal which is internal with respect to intelligent card unit and for processing second scrambled signal component in case of response to first descrambled signal to generate second descrambled signal and to integrate first scrambled signal component of input signal and second descrambled signal so as to produce output signal; reception of output signal from intelligent card unit and processing of second descrambled signal to shape signal adapted for display.

EFFECT: improved control of access.

1 cl, 9 dwg

FIELD: television.

SUBSTANCE: device converts signals to digital video information. Compression device is made in such a way, that it receives digital video data, coming from source data generator, and compresses digital images. Encoding device receives compressed digital video data coming from compression device and encodes compressed digital video data. Recording device stores encoded compressed digital audio data at data carrier.

EFFECT: higher data transfer speed.

3 cl, 17 dwg

FIELD: broadcasting systems.

SUBSTANCE: method includes broadcasting of message, including text portion intended to reach user, while said message is transferred in form of conditional access message.

EFFECT: broader functional capabilities.

5 cl, 7 dwg

FIELD: digital audio and video technologies.

SUBSTANCE: device for storing information is made with possible receipt of data carrier, decoder is made with possible receipt of compressed encoded signals from data carrier and transmitting signals to decrypter. Decrypter is made with possible decryption of compressed encoded data encrypted data and transmitting these to decompressor. Decompressor is made with possible receipt of compressed encoded signals from decrypter and decompression of compressed encoded signals to reproduce the image.

EFFECT: higher precision, higher efficiency.

3 cl, 17 dwg

FIELD: engineering of systems for loading and reproducing protective unit of content.

SUBSTANCE: in accordance to invention, in receiving device 110 for protected preservation of unit 102 of content on carrier 111 of information unit 102 of content is stored in protected format and has associated license file, file 141 of license being encrypted with usage of open key, associated with a group of reproduction devices 120,121, and, thus, each reproduction device 121 in group can decrypt file 141 of license and reproduce unit 102 of content, and devices not belonging to group can not do that, while device 121 for reproduction may provide the open key, specific for given device, to system for controlling content distribution, and then system for controlling content distribution returns secret key for group, encrypted with open key of device 121 for reproduction, after that device 121 of reproduction by protected method receives secret key of group and may decrypt file 141 of license.

EFFECT: creation of system for loading and reproducing protected unit of content, making it possible to constantly control usage of unit of content.

3 cl, 4 dwg

FIELD: copy/access protection.

SUBSTANCE: audio/video stream processing system includes module for inputting audio/video stream, which receives audio/video stream, containing field of information about audio/video content, including first copy control information, and audio/video content field, including second copy control information; reading module which extracts first and second copy control information from received audio/video stream and determines whether first copy control information is modified; and module for decoding audio/video stream, which processes received audio/video stream in accordance to predetermined criteria, if first copy control information is modified.

EFFECT: protection of content, prevented unsanctioned processing of content.

15 cl, 8 dwg

FIELD: cryptographic protocols, in particular, efficient encoding at content level.

SUBSTANCE: method is provided for generation of digital data with cryptographic protection, encoding content and composed into messages. Encoding of at least a part of the message is performed and encoded messages are provided in form of output signal in format, allowing the interface of server service to compose a message in form of at least one packet, including at least one header and useful load, where at least one header includes information, which allows the service interface in the client to assemble each message for decoding application using useful load of packets. Each message is divided onto the first and at least one additional section of the message. At least one of the message sections is encoded in such a way that it may be decoded independently from other message sections. Assembly of encrypted message is performed by addition of resynchronization marker, separating the message section from adjacent message section and including precise information about synchronization, at least for additional sections of the message.

EFFECT: synchronized decoding process in case of data loss.

14 cl, 8 dwg

FIELD: receivers/decoders of services, provided in conditional access mode, in particular, receivers having storage block (memorization device), such as a hard drive.

SUBSTANCE: method is claimed for storing an event, encrypted with usage of at least one control word (CW) in receiver/decoder (STB), connected to safety block (SC), where at least one control word and access privileges for aforementioned event are contained in access control messages (ECM-messages), method includes following operations: recording of encrypted event, and also of at least one ECM-message in storage block; transmission of at least one ECM-message into safety block (SC), verification of the fact that safety block (SC) contains access privileges for aforementioned event, generation of receipt (Q), which contains data related to management of event in reproduction mode, where receipt (Q) contains signature (SGN), generated on basis of the whole ECM-message or its part with usage of secret key (K) contained in safety block (SC) and specific for every safety block, where during later consumption of event the authenticity of the receipt (Q) is verified in prioritized manner compared to conventional access privileges, stored in safety block (SC), storage of aforementioned receipt (Q) in storage block.

EFFECT: provision of method for storing an event.

6 cl, 3 dwg

FIELD: receivers/decoders of services, provided with certain conditions, in particular in a system for accessing an encrypted data stream, priced per time unit.

SUBSTANCE: system contains control center (2), which transmits a data stream through a broadcasting channel, encrypted by means of control words, which are included in composition of access control messages, and meant for receipt by at least one user device (1), connected to safety block (3), having unique address and containing credit, which is reduced with purchase of products or consumption of data stream, where safety block (3) is provided with means for reducing credit for value, dependent on product, or for value, dependent on duration of access to data stream, where aforementioned values and/or duration are determined in access control messages or in conditional access messages, and system contains means, made independent from user device (1), for transmitting identifier, representing a unique number, and price code which indicates size of credit subject to load, in control center (2), and control center (2) additionally contains devices for receipt and verification of price code and for transmission of an encrypted message through broadcasting channel, having a unique address, corresponding to identifier, and giving a command to the safety block (3) to load the credit in defined amount.

EFFECT: development of a new approach to provision of access to paid television for broad clientele, substantially reduced subscriber management related costs.

5 cl, 1 dwg

FIELD: information encryption.

SUBSTANCE: system contains an encrypted data broadcasting centre, at least one control centre, a terminal device, a decoder located between the encrypted data broadcasting centre and the terminal device, the decoder includes an encrypted data reception and decryption module and a data access authority control module; the data access authority control module contains a protection module.

EFFECT: provision of system allowing to simplify access authority control at broadcasting centre level and ensuring optimal data security.

12 cl, 2 dwg

Up!