Method of program traffic set decoding control, receiving system and portable protector

FIELD: information technologies.

SUBSTANCE: invention refers to method of control of decoding of program traffic set received by receiving system. Method of control of decoding of program traffic set received by receiving system implying that sequence of messages is received in conventional access subsystem (9, 10) comprising the specified receiving system, and each message is associated with one of coded program traffic set and represents information return enabling decoding of associated coded traffic by at least one decoding module (12) within receiving system. It is detected whether messages received within certain interval are associated with various coded program traffic set, and at least one of requests presented by messages received within certain interval is rejected, if number of various coded program traffics with which these messages are associated, exceeds preset value.

EFFECT: creation of receiving system, portable protector which enables program traffic provider to control program traffic set to which user of receiving system simultaneously addresses.

16 cl, 2 dwg

 

PRIOR art

The invention relates to a method of controlling the decryption of a variety of software transport streams received by the admissions system.

The invention additionally relates to a reception system that contains the receiver, which contains at least one tuner for receiving a signal carrying a digital transport stream, and at least one demodulator for extracting a variety of software transport streams from a received digital transport stream (flows), and this receiving system further comprises a conditional access subsystem that can perform such a method.

The invention also relates to a portable security device that contains the conditional access subsystem for use in such a reception system, and computer program for execution in such a receiving system.

Examples of such method, the receiving system, portable protection device and a computer program are known, for example, 'a Functional Model of a conditional access system', Technical overview of the European broadcasting Union 266 (EBU Technical Review 266), winter 1995, pp. 64-77. This publication discloses a functional reference model of conditional access system (UD, CA). The normal interface is used between the integrated decoder receiver (FDW IRD) and the UD system. System UD sod is Ritsa affordable patented module, which is associated with the PI via a standard interface. PI receives the encrypted transport stream MPEG-2. Messages access control (ECM) are used for recovery in the decoder control word (CA, CW) decryption. Data filters filter out the ECM, which is sent to the processor protection system UD, which restores control word decryption and returns it to the decoder. Message authorization (EMM) allow the viewer to decrypt the service. At least the CPU protection is usually implemented in the form of a smart card (smart card).

The problem with known systems is that the CPU protection returns control words in response to each ECM, which sent the corresponding EMM. This opens up the possibility of piracy with the help of interception. When piracy by capturing helps to ensure that messages ECM associated with several different program transport streams to a single conditional access subsystem, such as a smart card, and intercept the return control word, which then spread to other receivers, and not to those who are authorized by the subscriber. Thus, one subscription 'shared' by many users.

The INVENTION

The invention provides a method,a receiving system, portable protection device and a computer program such types listed above, which enable the software flow control software transport streams, which simultaneously addresses the user of the receiving system.

The invention achieves this by providing a way to control decryption of the many software of transport streams received by the admissions system in which the method comprises receiving a sequence of messages in a conditional access subsystem contained in the specified reception system, each message is associated with one of multiple encrypted software traffic flow and represents a request to return information to allow the decryption of the associated encrypted transport stream of at least one decrypting module in the receiving system, determining whether associated messages received within a certain interval, with many different encrypted software and traffic flows, and the failure of at least one from queries submitted by the messages that are accepted in some interval, if the number of different encrypted software transport streams with which associated these messages exceeds predoped the military number.

In the context of this application, the term "software transport stream" means unidirectional, group or broadcast transport bit stream, which is generated for the program. The term "program" refers to multiplex the transmission of one or more elementary bit streams (for example, audio data, video data, other data)that share a common scale along the time axis. The program corresponds to the channel in an analog broadcast, but may be intended for a particular recipient. The term "a sequence of received messages" refers to the set of two or more messages, ordered by the time of their reception.

Using the method according to the invention, the conditional access subsystem provides functionality to detect when it ask you to allow decryption of several different program transport streams simultaneously. Programming it then to limit the amount of information that it returns in response to received messages, prevent parallel decryption of the number of threads greater than the allowed amount of program transport streams. The method can preferably be used to detect piracy via the interception, but also for the implementation of payment schemes, through which the which your subscription depends on the number of program transport streams, to which the subscriber is allowed to make simultaneous access.

In a preferred embodiment of the invention determine whether associated messages received within a certain interval, with many different encrypted software traffic flows, analyzing the characteristics of the sequence of received messages.

Analyzing the sequence received her message, not only the content of the message, the conditional access subsystem may not only allow decryption only those software transport streams to which the user of the receiving system access, but it can verify, ask if it is appropriate to allow decryption of one or more of the permitted software transport stream.

One of the variants of the method according to the invention contains the definition of the value of the time interval between two received messages.

If you request information, which permits to allow decryption of several program transport streams, the conditional access subsystem send more messages, and the time interval is reduced. Thus, this alternative implementation has the advantage of simplicity in that the message must not include any additional information. The increase in frequency is, they arrive, is sufficient to prevent the conditional access subsystem attempts to access multiple software transport streams simultaneously.

In a more advanced embodiment, each message contains information representing the time interval between two messages associated with the same encrypted software transport stream, and this method contains a comparison of this information with a certain time interval.

Thus, this method can also be used when the frequency of sending messages is different for each program transport stream, or it changes for one of the software transport stream.

A preferred variant of the method according to the invention includes receiving channel IDs with each message, and the value channel ID identifies the encrypted software transport stream associated with the message, and the conditional access subsystem limits the amount of program transport streams that can be decoded by returning information to allow decryption only program transport streams in a set of limited size.

Thus, it is possible in order to provide the user of the receiving system of simultaneous access to a limited amount of program transport streams, for example, allowing you to view one program while another program is being recorded, but prohibiting the transfer of the third program to an unauthorized recipient. Using the set of program transport streams that can be decrypted in combination with channel IDs, ensures that all requests for information relating to a program transport streams that can be decrypted.

In an advantageous embodiment of this variant implementation of the conditional access subsystem determines the size of the set on the basis of information contained in the message access adopted by the admissions system.

Thus, the operator of the broadcasting system can dynamically add or remove access to a particular subscriber. In particular, it is possible to take additional fee for each additional program transport stream, which decrypts at the same time.

In a preferred embodiment of the method according to the invention, each message contains a timestamp representing the time value, this method comprises comparing a time value in a received message with a previously stored time value, and the conditional access subsystem limits the amount of program transport streams that can be decrypted only is if the difference between the time values exceeds a particular value of the time interval of free switching.

This provides the operator of the receiving system some interval to change channels. This feature is especially useful if the number of transport streams that can be decoded at the same time, is limited to one, especially if the conditional access subsystem completely denies access when an attempt was made to apply to more than one software transport stream at the same time.

According to another aspect of the invention provides a receiving system that contains a receiver which comprises at least one tuner for receiving the signal carrying digital traffic information, and at least one demodulator for extracting a variety of software transport streams from a received digital transport stream (streams), this receiving system further comprises a conditional access subsystem that can perform the method according to the invention.

The receiver system may contain one integrated receiver/decoder, such as subscriber device (set-top box to the TV), programmed to perform the method according to the invention. Alternatively, it may contain a combination of block receiver/decoder with smart card, with a conditional access module or with a conditional access module, and intellectually the second card. The method may be performed or smart card, or the conditional access module, or both together, depending on the specific configuration.

The most viable option for the implementation of the receiving system is one in which the receiver comprises at least one additional tuner and it is configured for the simultaneous extraction of multiple software transport streams from digital transport streams of information that are transferred signals with different frequencies.

In this embodiment, the operator of the receiving system can actually decrypt two software transport stream simultaneously and completely independently from each other, if the conditional access subsystem allows parallel decryption, as it is not limited to two software traffic flows in the same digital transport stream.

According to another aspect of the invention provides a portable security device that contains the conditional access subsystem for use in a reception system according to the invention, in which the conditional access subsystem may perform the method according to the invention.

The term "portable device" refers to a single device with special features to make the device physically protected otmechatsja, and/or security features implemented in the software that make difficult or impossible to retrieve the information stored in the device. It may be a smart card or any other device - based circuit, or an object with similar functionality and performance, with, for example, a microprocessor and a storage device. It may include devices other than the fee, for example, the key transponder. It can also include devices equipped with a interface specification PCMCIA (specification of the international Association of manufacturers of memory cards for personal computers IBM PC). Portable protection device, such as smart card or the conditional access module may be distributed by the system operator authorization of subscribers. Especially when the portable protection device is used together with the universal receiver with more than one tuner, the system operator authorization subscribers can still control the amount of program transport streams, which are decrypted at the same time.

According to the last aspect of the invention provides a computer program for execution in the receiving system according to the invention, which when executed in the me system allows the conditional access subsystem to perform the method according to the invention.

LIST of FIGURES

The invention will be explained in more detail with reference to the accompanying drawings, in which:

figure 1 - schematic representation of a variant of implementation of the receiving system according to the invention,

figure 2 - sequence of operations variant of the method according to the invention.

DETAILED DESCRIPTION

The receiver system includes a receiver 1. The receiver 1 is presented in the form of subscriber devices (consoles to the TV), but the invention may also be implemented in the form of receiving systems containing digital TV with the integrated functionality of conditional access in the reception system containing an external TV receiver for personal computer, or in a reception system containing personal computer with an installed expansion card - television receiver. Although the diagram in figure 1 represents the receiving system consisting of many components, they need not be implemented as discrete components. Several components can be integrated into a single chip, as is well known in the prior art.

The receiver receives a broadcast signal through the input 2 of the broadcast signal. The broadcast signal may be received via terrestrial, satellite or cable prophetic is s, for example, according to one of the standards for digital television (DVB) (for example, standards of the European broadcasting Union EN 300 421, 300 429, 300 744, 300 748, 300 749). The broadcast signal covers a range of frequencies within which the carrier signals of different frequencies can be distinguished. Each carrier signal transfers the transport stream MPEG-2. The transport stream contains MPEG multiplex transmission of a variety of software and traffic flows, which together form the so-called "bouquet" (group of threads). Every program transport stream contains a multiplex transmission elementary streams of the program (for example, audio data, video data and other data)that share a common scale along the time axis. The software transport stream or separate elementary streams of the program constituting the software transport stream is encrypted using a key that change every 10 seconds or so. The message flow access control transmit each of the software transport stream. Messages access control contain encrypted keys used for encryption of the associated software transport stream and which were separately encrypted.

The receiver 1 includes the first block 3 configuration and the second block 4 settings. Thus, the receiver can odnovremennoubezhdaet on two different carrier signal within the broadcast signal. The advantage is the ability to accept and software to decode transport streams from various "bouquets" at the same time.

The first demodulator 5 extracts the first software transport stream containing the associated message flow conditional access (UD)from the carrier signal, which is configured of the first block 3 settings. The second demodulator 6 extracts the second software transport stream with an associated message flow UD from the carrier signal, which is configured of the second block 4 settings. The controller 7 receiver sends the extracted bit streams to other components of the receiving system.

In the shown embodiment, the receiver system includes an interface tool (pair) 8 between the receiver and a conditional access subsystem. Subsystem conditional access module contains 9 conditional access, is inserted in the slot (seat) in the receiver 1 and the smart card 10 inserted in the module 9 conditional access. The receiver system includes an interface to associate the connection with the conditional access subsystem. In this example, the receiver system includes an interface 8, for example, the interface specification PCMCIA between receiver 1 and module 9 conditional access. The receiver system further comprises an interface between the conditional access module and smart card 1. In the example which will be described smart card 10 is configured to perform the method of the invention.

The configuration other than the configuration shown in figure 1, are also possible within the scope of the invention. For example, the conditional access subsystem may be implemented in software in the receiver 1, and lacks a removable security module, such as module 9 conditional access or smart card 10. In this case, the method according to the invention is performed in the receiver. In another embodiment, smart card 10 performs the method according to the invention, but it is inserted directly into the reader, smart card contained in the receiver 1. In yet another embodiment, the conditional access subsystem contains only module 9 conditional access, which performs the method according to the invention do not use the smart card 10. Potentially there is another variant implementation, in which the module 9 and conditional access smart card 10 together carry out the method according to the invention, as will also be explained below.

In the example of figure 1, the data stream containing at least one of the two traffic flows extracted software and ECM messages for two different program transport streams, prog is the CIO through the interface 8 between the receiver 1 and module 9 conditional access. Module 9 conditional access contains a decoder 12, which can decrypt software traffic flows, using an appropriate control words and messages ECM, using the key, and control words, and the key he needs to receive from the smart card 10. Module 13 filter module conditional access filters out messages UD from a received data stream and forms them into an ordered sequence of messages that are delivered to the smart card 10. Thus, the conditional access subsystem contains a module for receiving a sequence of messages, each message is associated with one of the many different program transport streams. Each message represents a request to return information to allow the decryption decoder 12 in the receiving system associated software transport stream. Information may be either a control word that allows you to decrypt the elementary streams of the program, or the key to decrypt one or more messages access control. In all cases, the smart card 10 checks the set of access parameters permanently stored in the smart card 10 or passed messages access permissions (EMM), to determine whether the message is associated with the TS transport stream, to which the user of the receiving system is authorized to access. However, instead of performing all requests for control words that allow access to program transport streams to which the user is allowed access, the invention provides a radio or broadcaster (GPB) to control the amount of program transport streams that designerour at the same time, even though the subscriber, essentially, in principle, has the right to apply to each of them. With this purpose, analyze the characteristics of the sequence of messages sent to the smart card 10.

In the described embodiment, smart card 10 includes an integrated circuit 14 that contains the processor, memory, and electrically erasable programmable permanent memory (EEPROM EEPROM)that stores computer program code that enables smart card 10 to perform the method according to the invention.

Smart card 10 includes an analysis module, embodied, for example, in the code of a computer program, to determine whether associated received her message with many different encrypted software traffic flows. The module can be implemented in a variety of ways.

In the first embodiment of the invention, the analysis module calculates the mn is an increase in the time interval between successive messages. This analysis uses the fact that the control word used to encrypt the software transport stream or messages ECM, change at regular intervals, for example every 10 seconds. If you send messages that are associated with more than one software transport stream, the frequency with which messages are sent smart card 10, is increased. To provide the capability of determining the value of the time interval, the receiver system includes a real time clock (not shown). Real-time clock can be in the receiver 1 or module 9 conditional access, in this case, the smart card 10 must request time. Real-time clock can also be contained directly in the smart card 10.

In a preferred variant of the first variant implementation, messages sent to smart card 10, contain the information representing the time interval between two consecutive messages associated with the same encrypted transport stream. The analysis module is configured to extract this information from the received messages, and to compare these time intervals between consecutive messages that define using the real-time clock based on the extracted information. This option is NT has the advantage of functioning in those cases, when messages ECM associated with different program transport streams are sent at different frequencies. It also allows the broadcaster to change the frequency with which it sends messages ECM, without requiring modifications in the module analysis.

In another embodiment of the first variant of implementation, the analysis module maintains a table that contains a set of previously defined values of the time interval between successive messages. The analysis module is configured to compare a certain interval of time between two received messages, at least one value derived from previously defined time intervals stored in the table. Thus, the analysis module analyzes the contents of the table, for example, to determine the average frequency with which a message arrives, or to detect some combination, for example, an irregular sequence of time intervals between successive ones you receive. Consider the case in which messages ECM software for the first transport stream is sent every 10 seconds, and for the second program transport stream is sent every 20 seconds. In this case, a possible sequence of time intervals between messages, adopted in the conditional access subsystem may be this: 10 C - 1 C - 9 C - 10 C - 1 C - 9 C -, and so In this embodiment the analysis module provides a set of rules, giving him the opportunity to discover combinations of time intervals between messages, which are indicative of the sequence of messages associated with multiple software transport stream.

In another embodiment of the invention, which can be combined with the above-described variants of the invention, each message received smart card 10 contains the channel ID. The channel ID identifies the encrypted software transport stream associated with the message. The analysis module analyzes the characteristics of the sequence of received messages through their channel IDs.

In one embodiment, shown in figure 2, ID (ID, ID) channel of each received message is compared with the previously accepted by the channel ID. This implementation will be described in more detail below.

In another embodiment, the analysis module configured to populate the table consistently accepted values of the channel ID for searching at least one predefined type combinations in the table. This implementation has the advantage that it is able to conduct R is slice between the case, when the sequence of received identifiers of channel changes due to a user selects a different program transport streams for decryption, and the case where it changes due to attempts to decrypt multiple program transport streams simultaneously.

Assume that the program transport streams have value channel ID 1, 2, 3, 4, etc. Sequence of values of the channel ID in the table is 1-1-1-1-1-1-1-...if the smart card 18 will only accept requests for control words, allow to decrypt one of the software transport stream. If the viewer sometimes switch to other program transport stream, and then returns to the previous thread, the pattern will look something like this: 1-1-1-2-2-2-1-1-.... If the viewer quickly switched through the channels, stopping for a few seconds on each channel, then the sequence will be: 1-1-2-2-3-3-4-4-.... Attempt to decrypt the software transport streams 1 and 2 at the same time can lead to a sequence of values of channel ID: 1-2-1-2-1-2.... In this embodiment of the invention, this type of combination corresponds to a predetermined type of combination that the analysis module is programmed to recognize.

Regardless of the type of Ana is iza, used to detect attempts to decrypt several different program transport streams simultaneously, at least one of the requests on the return control word will be rejected smart card 18, if it detects such an attempt.

In one embodiment, smart card may be programmed so that it rejected all requests, if it detects an attempt to decrypt more than the permitted number of transport streams. This effectively disables the receiving system.

In another embodiment, the channel IDs to take it with each message, and the value channel ID identifies the encrypted software transport stream associated with the message. The conditional access subsystem limits the amount of program transport streams that can be simultaneously decoded, returning information, that is, control words, allow decryption only program transport streams in a set of limited size. In this embodiment, set with a limited number of values of the channel ID. The conditional access subsystem performs only the requests submitted by message ID Cana is a, which is in this set. All other requests are rejected. The advantage of this alternative implementation is that it can be used by the broadcaster to resolve the preset number of program transport streams that the subscriber has the right to decrypt completely. In other words, completely rejected not only the decryption software traffic flows, channel IDs which are not in the above set, but also fully permitted decryption software traffic flows, channel IDs which are mentioned in the set. Thus, the broadcaster may determine that the subscriber is allowed to decrypt the three software transport stream at the same time, but no more.

In an advantageous embodiment, the set size, i.e. the number of transport streams that can be decoded simultaneously, determine from the information contained in the smart card 10 or the access-accept message, adopted by the admissions system. Thus, the broadcaster may surcharge to increase the number of authorized software transport stream.

As mentioned, figure 2 shows another variant embodiment of the invention, in which the channel IDs are used to detect the pursued attempts to simultaneously decrypt multiple program transport streams. In this embodiment, each message received smart card 10, further comprises a timestamp representing a time value. The timestamp can be placed in the ECM by the broadcaster or receiver 1 can add a timestamp to the ECM at the reception. If the timestamp in the message, adopted by the conditional access subsystem, remove from the timestamp contained in the message to access the associated software transport stream, adopted by the admissions system, it has the advantage that it is impossible to mislead the smart card through the provision of the transfer sequence of delayed messages.

In the embodiment of figure 2 the invention is used for the resolution of the receiving system at the same time to decrypt a certain number (three in this example) program transport streams to which the subscriber is allowed access. The analysis module in the subsystem conditional access support table 15, containing many records, each record contains the value of the channel identifier and the timestamp value.

After receiving the message, extract the timestamp values and channel ID contained in the message. The analysis module compares the extracted time stamps with each of the stored time values. E. what if the smallest difference between the extracted timestamp value and the stored value of the time less than some time interval is free switching, the extracted values of the channel ID and timestamp retain in table 15, replacing the value of the account that was used to determine the smallest difference time values.

If the difference between the extracted timestamp value and each of the time values stored in the table 15, exceeds the value of the time interval of free switching, but less than a certain value of the lockout period, the analysis module compares the extracted value of the channel identifier with each of the ID values in table 15. Only if the extracted value of the channel identifier matches one of the values of the channel ID in the set of values of the channel identifier stored in the table 15, the desired control word is returned to smart card 10. Otherwise, reject the request, presents the message, from which was taken the value of the channel identifier, that is, the requested information is not returned. In this case, the receiving system is in lock mode channel: can desirous only the channels identified in table 15.

Lock channel for each of these (three) entries in table 15 continues for some period of lock. If the time difference between the extracted from the timestamp value and one of the time values in the table exceeds the value of the lockout period, the corresponding entry in table 15 substitute value channel ID and the value of the timestamp extracted from the received message, and the smart card 10 returns control word, which prompted with this message.

Shown in figure 2 an implementation option has the advantage that the analysis of the sequence of messages is quite simple. If the table 15 contains only one entry, then the received value channel ID is compared only with the previously adopted value channel ID. Resulting from the use of interval time switch and lockout period is the ability to switch channels, which would otherwise be impossible if the received value channel ID always corresponded to the previously accepted value channel ID. For example, a typical time interval is free switching can be two minutes, and the value of the lockout period is equal to 20 seconds.

The invention is particularly applicable to such receiving systems, as the receiver system shown in figure 1. The receiver includes a memory 16 on the hard discs of one of the received software traffic flows and the corresponding ECM. While one of the software transport streams recorded, the contents of the other can is to be shown on TV (not shown). To this end, the decoder 12 decodes the messages ECM, EMM and software transport stream, subject to screening, but also messages ECM software transport stream to be recorded. The latter is necessary because the information necessary for playback of the recorded stream should be removed from the ECM messages when you receive a software transport stream. Thus, in this embodiment, it should be possible to decrypt all or part of two encrypted software transport streams received by the receiver 1, but not more. At least elementary streams (video, audio or other data) of one of the encrypted software transport streams recorded on the memory 16 on the hard disk in encrypted form, together with the encrypted control words, enabling them to decrypt the recorded data during playback. Additionally, other software decode transport stream decoder 12, using information downloaded from the smart card 10. The decrypted software transport stream demultiplexer in the demultiplexer 17, which rejects any different program elementary streams (video, audio, and other data)contained in the software transport stream. VI is adecoder 18 decompresses and decodes the elementary stream, providing a transfer signal on output 19. Audio decoder audio 20 decompresses and decodes the elementary stream, ensuring the accompanying audio signal to an audio output 21.

It should be understood that the invention is not limited to the above-described variants of implementation, which may be modified within the scope defined by the attached claims. In particular, each method that can be used by the analysis module to detect simultaneous decryption of many software transport streams may be combined with any of these options. In addition, possible ways of implementation, in which the module 9 conditional access processes requests submitted through messages access control, and sends only messages access control, in response to which should be provided for transmission of the control word to the smart card 10. In fact, the module 9 performs conditional access method according to the invention, by selecting the queries that need to run, and the requested information is generated smart card 10.

1. The method of controlling the decryption of a variety of software transport streams received by the admissions system, the method contains the steps that take a sequence of message the deposits of the subsystem (9, 10) conditional access contained in the above-mentioned reception system, each message is associated with one of multiple encrypted software traffic flow and represents a request to return information from the subsystem (9, 10) conditional access in at least one decrypting module (12)to allow the decryption of the associated encrypted transport stream referred to at least one decrypting module (12) in the receiving system, determine whether associated messages received within a certain interval, with many different encrypted software and traffic flows, and reject at least one of the requests submitted messages adopted in some interval, if the number of different encrypted software transport streams with which associated these messages exceeds a predetermined amount.

2. The method according to claim 1, wherein determine whether associated messages received within a certain interval, with many different encrypted software traffic flows, analyzing the characteristics of the sequence of received messages.

3. The method according to claim 2, containing phase, which determines the time interval between two received messages.

4. The method according to claim 3, in which each message sod is RIT information representing the time interval between two messages associated with the same encrypted software transport stream, this method comprises a stage on which to compare this information with a certain time interval.

5. The method according to claim 3, comprising stages that support a table that contains a set of previously defined values of the time interval between successive messages, and compare a specific time interval at least one value retrieved from a table that contains pre-defined time intervals.

6. The method according to claim 2, comprising stages, which are the channel IDs with each message, and the value channel ID identifies the encrypted software transport stream associated with the message, and analyze the characteristics of the sequence of received messages through their channel IDs.

7. The method according to claim 6, comprising stages, which fill the table consistently accepted values of the channel ID and searches for at least one predefined type combinations in the table.

8. The method according to any one of claims 1 to 7, containing the phase in which the accept channel IDs with each message, and the value of the ID of the channel which identifies the encrypted software transport stream, associated with the message, and the subsystem (9, 10) conditional access limits the number of transport streams that can be decoded by returning information to allow decryption only program transport streams in a set of limited size.

9. The method according to claim 8, in which the subsystem (9, 10) conditional access determines the size of the set of program transport streams based on the information contained in the message access adopted by the admissions system.

10. The method of claim 8 in which each of the messages received by the subsystem (9, 10) conditional access, contains the encrypted control words, and the subsystem (9, 10) conditional access decrypts and returns at least these control words.

11. The method according to claim 8, in which each message contains a timestamp that represents the time value, this method comprises a stage on which to compare the time value in a received message with a previously stored time value, and the subsystem (9,10) conditional access limits the number of transport streams that can be decrypted only if the measured time exceeds a time interval of free switching.

12. The method according to claim 11, in which the previously stored value remeniscent time value in a received message, if the measured time exceeds a particular value of the lockout period.

13. The receiver system containing the receiver (1), which contains at least one unit (3, 4) configuration for receiving the signal carrying digital traffic information, and at least one demodulator (5, 6) to extract a variety of software transport streams from a received digital transport stream (flow) information, in this case, the receiver system further comprises a subsystem (9, 10) conditional access, which can perform the method according to any one of claims 1 to 12.

14. The receiver system according to item 13, in which the receiver (1) comprises at least one additional block (3, 4) configure the receiver (1) is configured for the simultaneous extraction of multiple software transport streams from digital transport streams of information that are transferred signals with different frequencies.

15. A portable device (9, 10) for controlling decryption of many software transport streams received by the admissions system according to item 13 or 14, containing the conditional access subsystem for use in the above-mentioned receiving system and the conditional access subsystem capable of performing the method according to any one of claims 1 to 12.

16. The conditional access subsystem, implemented by the processor of the receiving system, optionally with the containing a series of receiver (1), which contains at least one unit (3, 4) configuration for receiving the signal carrying digital traffic information, and at least one demodulator (5, 6) to extract the set of encrypted software traffic flows and message from a received digital transport stream information, and each message is associated with one of multiple encrypted software traffic flow and represents a request to return information to allow the decryption of the associated encrypted transport stream, and the conditional access subsystem is configured to determine whether associated messages received within a certain interval, with many different encrypted software traffic flows; reject at least one of the queries submitted by the messages, adopted referred to in some interval, if the number of different encrypted software transport streams with which associated these messages exceeds a predetermined amount.



 

Same patents:

FIELD: information technology.

SUBSTANCE: decoder and subscription television data control system proposed contain at least two decoders, each of those is connected to at least one removable protective module. The protection is realised using identification data, contained in the decoder and protective module indicated. Besides, each of the decoders contains a descrambler and subscription television data processing deactivation units. Each decoder also contains a counter, which influences the deactivation units mentioned. Besides, at least one of the removable protective modules is assigned as primary and therefore contains decoder counter reinitialisation units.

EFFECT: provision of capability to regulate decoder operation time and to adjust operation parameters at any time using protective module.

19 cl, 13 dwg

FIELD: information encryption.

SUBSTANCE: system contains an encrypted data broadcasting centre, at least one control centre, a terminal device, a decoder located between the encrypted data broadcasting centre and the terminal device, the decoder includes an encrypted data reception and decryption module and a data access authority control module; the data access authority control module contains a protection module.

EFFECT: provision of system allowing to simplify access authority control at broadcasting centre level and ensuring optimal data security.

12 cl, 2 dwg

FIELD: receivers/decoders of services, provided with certain conditions, in particular in a system for accessing an encrypted data stream, priced per time unit.

SUBSTANCE: system contains control center (2), which transmits a data stream through a broadcasting channel, encrypted by means of control words, which are included in composition of access control messages, and meant for receipt by at least one user device (1), connected to safety block (3), having unique address and containing credit, which is reduced with purchase of products or consumption of data stream, where safety block (3) is provided with means for reducing credit for value, dependent on product, or for value, dependent on duration of access to data stream, where aforementioned values and/or duration are determined in access control messages or in conditional access messages, and system contains means, made independent from user device (1), for transmitting identifier, representing a unique number, and price code which indicates size of credit subject to load, in control center (2), and control center (2) additionally contains devices for receipt and verification of price code and for transmission of an encrypted message through broadcasting channel, having a unique address, corresponding to identifier, and giving a command to the safety block (3) to load the credit in defined amount.

EFFECT: development of a new approach to provision of access to paid television for broad clientele, substantially reduced subscriber management related costs.

5 cl, 1 dwg

FIELD: receivers/decoders of services, provided in conditional access mode, in particular, receivers having storage block (memorization device), such as a hard drive.

SUBSTANCE: method is claimed for storing an event, encrypted with usage of at least one control word (CW) in receiver/decoder (STB), connected to safety block (SC), where at least one control word and access privileges for aforementioned event are contained in access control messages (ECM-messages), method includes following operations: recording of encrypted event, and also of at least one ECM-message in storage block; transmission of at least one ECM-message into safety block (SC), verification of the fact that safety block (SC) contains access privileges for aforementioned event, generation of receipt (Q), which contains data related to management of event in reproduction mode, where receipt (Q) contains signature (SGN), generated on basis of the whole ECM-message or its part with usage of secret key (K) contained in safety block (SC) and specific for every safety block, where during later consumption of event the authenticity of the receipt (Q) is verified in prioritized manner compared to conventional access privileges, stored in safety block (SC), storage of aforementioned receipt (Q) in storage block.

EFFECT: provision of method for storing an event.

6 cl, 3 dwg

FIELD: cryptographic protocols, in particular, efficient encoding at content level.

SUBSTANCE: method is provided for generation of digital data with cryptographic protection, encoding content and composed into messages. Encoding of at least a part of the message is performed and encoded messages are provided in form of output signal in format, allowing the interface of server service to compose a message in form of at least one packet, including at least one header and useful load, where at least one header includes information, which allows the service interface in the client to assemble each message for decoding application using useful load of packets. Each message is divided onto the first and at least one additional section of the message. At least one of the message sections is encoded in such a way that it may be decoded independently from other message sections. Assembly of encrypted message is performed by addition of resynchronization marker, separating the message section from adjacent message section and including precise information about synchronization, at least for additional sections of the message.

EFFECT: synchronized decoding process in case of data loss.

14 cl, 8 dwg

FIELD: copy/access protection.

SUBSTANCE: audio/video stream processing system includes module for inputting audio/video stream, which receives audio/video stream, containing field of information about audio/video content, including first copy control information, and audio/video content field, including second copy control information; reading module which extracts first and second copy control information from received audio/video stream and determines whether first copy control information is modified; and module for decoding audio/video stream, which processes received audio/video stream in accordance to predetermined criteria, if first copy control information is modified.

EFFECT: protection of content, prevented unsanctioned processing of content.

15 cl, 8 dwg

FIELD: engineering of systems for loading and reproducing protective unit of content.

SUBSTANCE: in accordance to invention, in receiving device 110 for protected preservation of unit 102 of content on carrier 111 of information unit 102 of content is stored in protected format and has associated license file, file 141 of license being encrypted with usage of open key, associated with a group of reproduction devices 120,121, and, thus, each reproduction device 121 in group can decrypt file 141 of license and reproduce unit 102 of content, and devices not belonging to group can not do that, while device 121 for reproduction may provide the open key, specific for given device, to system for controlling content distribution, and then system for controlling content distribution returns secret key for group, encrypted with open key of device 121 for reproduction, after that device 121 of reproduction by protected method receives secret key of group and may decrypt file 141 of license.

EFFECT: creation of system for loading and reproducing protected unit of content, making it possible to constantly control usage of unit of content.

3 cl, 4 dwg

FIELD: digital audio and video technologies.

SUBSTANCE: device for storing information is made with possible receipt of data carrier, decoder is made with possible receipt of compressed encoded signals from data carrier and transmitting signals to decrypter. Decrypter is made with possible decryption of compressed encoded data encrypted data and transmitting these to decompressor. Decompressor is made with possible receipt of compressed encoded signals from decrypter and decompression of compressed encoded signals to reproduce the image.

EFFECT: higher precision, higher efficiency.

3 cl, 17 dwg

FIELD: broadcasting systems.

SUBSTANCE: method includes broadcasting of message, including text portion intended to reach user, while said message is transferred in form of conditional access message.

EFFECT: broader functional capabilities.

5 cl, 7 dwg

FIELD: television.

SUBSTANCE: device converts signals to digital video information. Compression device is made in such a way, that it receives digital video data, coming from source data generator, and compresses digital images. Encoding device receives compressed digital video data coming from compression device and encodes compressed digital video data. Recording device stores encoded compressed digital audio data at data carrier.

EFFECT: higher data transfer speed.

3 cl, 17 dwg

FIELD: electricity.

SUBSTANCE: invention is related to the field of electrical engineering, in particular, to borehole telemetering systems for transfer of signals between surface device and borehole instrument installed in borehole. Wired drill pipe is suggested for drilling stem of borehole instrument installed in borehole that penetrates geological layer. Wired drill pipe includes drill pipe, cable and wire holder. Drill pipe is provided with slot in its end. Slots are able to receive at least one transformer. Drill pipe has internal surface that forms channel for flow of borehole mud through it. Cable passes from transformer into channel of drill pipe. Wire holder is located on internal surface of drill pipe. Wire holder is intended for cable fixation in it.

EFFECT: reduction of probability of electric faults and/or failures because of proper contact between neighbouring pipes.

37 cl, 51 dwg

FIELD: communications.

SUBSTANCE: in different types of broadcasts, with different levels of coverage in a wireless broadcast network, each base station processes data for global transmission in accordance with the first mode (or coding and modulation scheme) for generating data symbols for global transmission and processes data for local transmission in accordance with the second mode for generating data symbols for local transmission. The first and second modes are selected based on the desired coverage for the global and local transmission, respectively. The base station also generates control signals and additional service information for local and global transmission. Data, control signals and additional service information for local and global transmission are multiplexed in their transmission intervals, which can be different sets of frequency sub-ranges, time segments or different groups of sub-ranges in different time segments. More than two types of transmissions can also be multiplexed and transmitted.

EFFECT: design of a wireless broadcast network, which can efficiently transmit different types of information with various fields of coverage.

59 cl, 13 dwg

FIELD: technology for simultaneous broadcasting radio-transmission of signals with analog modulation and of digital transmission signals.

SUBSTANCE: in accordance to the invention, amplitude-modulated signal of simultaneous broadcasting radio-transmission, which incorporates digital transmission signal and analog transmission signal in one transmission channel, is characterized by the fact that one side band of carrier of signal of simultaneous broadcasting transmission is modulated by digital transmission signal, and another band is modulated by correcting signal, which ensures provision of analog transmission signal of waveform envelope for demodulation. Generator of amplitude-modulated signal is intended to be used for generation and transmission of aforementioned signals.

EFFECT: creation of method for simultaneous transmission of digital and analog signals through a single channel.

4 cl, 2 dwg

FIELD: technology for simultaneous broadcasting radio-transmission of signals with analog modulation and of digital transmission signals.

SUBSTANCE: in accordance to the invention, amplitude-modulated signal of simultaneous broadcasting radio-transmission, which incorporates digital transmission signal and analog transmission signal in one transmission channel, is characterized by the fact that one side band of carrier of signal of simultaneous broadcasting transmission is modulated by digital transmission signal, and another band is modulated by correcting signal, which ensures provision of analog transmission signal of waveform envelope for demodulation. Generator of amplitude-modulated signal is intended to be used for generation and transmission of aforementioned signals.

EFFECT: creation of method for simultaneous transmission of digital and analog signals through a single channel.

4 cl, 2 dwg

FIELD: communications.

SUBSTANCE: in different types of broadcasts, with different levels of coverage in a wireless broadcast network, each base station processes data for global transmission in accordance with the first mode (or coding and modulation scheme) for generating data symbols for global transmission and processes data for local transmission in accordance with the second mode for generating data symbols for local transmission. The first and second modes are selected based on the desired coverage for the global and local transmission, respectively. The base station also generates control signals and additional service information for local and global transmission. Data, control signals and additional service information for local and global transmission are multiplexed in their transmission intervals, which can be different sets of frequency sub-ranges, time segments or different groups of sub-ranges in different time segments. More than two types of transmissions can also be multiplexed and transmitted.

EFFECT: design of a wireless broadcast network, which can efficiently transmit different types of information with various fields of coverage.

59 cl, 13 dwg

FIELD: electricity.

SUBSTANCE: invention is related to the field of electrical engineering, in particular, to borehole telemetering systems for transfer of signals between surface device and borehole instrument installed in borehole. Wired drill pipe is suggested for drilling stem of borehole instrument installed in borehole that penetrates geological layer. Wired drill pipe includes drill pipe, cable and wire holder. Drill pipe is provided with slot in its end. Slots are able to receive at least one transformer. Drill pipe has internal surface that forms channel for flow of borehole mud through it. Cable passes from transformer into channel of drill pipe. Wire holder is located on internal surface of drill pipe. Wire holder is intended for cable fixation in it.

EFFECT: reduction of probability of electric faults and/or failures because of proper contact between neighbouring pipes.

37 cl, 51 dwg

FIELD: information technologies.

SUBSTANCE: invention refers to method of control of decoding of program traffic set received by receiving system. Method of control of decoding of program traffic set received by receiving system implying that sequence of messages is received in conventional access subsystem (9, 10) comprising the specified receiving system, and each message is associated with one of coded program traffic set and represents information return enabling decoding of associated coded traffic by at least one decoding module (12) within receiving system. It is detected whether messages received within certain interval are associated with various coded program traffic set, and at least one of requests presented by messages received within certain interval is rejected, if number of various coded program traffics with which these messages are associated, exceeds preset value.

EFFECT: creation of receiving system, portable protector which enables program traffic provider to control program traffic set to which user of receiving system simultaneously addresses.

16 cl, 2 dwg

FIELD: physics; communications.

SUBSTANCE: preferred variant of this method involves reception of first data on first broadcast channel in receiver, playback of the first data, reception of second data on second broadcast channel in the receiver and storage of the segment of received second data, if the second data are received during playback of the first data. The stored segment is played back after playing back at least, part of the first data and the received second data are played back after playback of the stored segment, where the playback speed of the stored segment is different from the playback speed of the received second data.

EFFECT: possibility of simultaneous reception data broadcast from two or more broadcast channels for playback or storage.

53 cl, 18 dwg

FIELD: information technologies.

SUBSTANCE: in broadcasting medium that contains broadcasting network and terminal, broadcasting network has object of Broadcasting Service Application (BSA), object of Broadcasting Service Distribution (BSD) and object of Broadcasting Service Management (BSM), at that method of interobject connection comprises performance of registration process by terminal for obtainment of group key for terminal on completion of registration process, performance of process by terminal for connection to service for request of connection to service, and reception of Rights Object by terminal in respect of content from message, which is received in response to request, on the basis of received group key, obtainment of traffic key with application of RO, if message is accepted with traffic key on completion of process of connection to service, reception of coded content in terminal, and decoding of coded content with application of traffic key.

EFFECT: provision of content protection in broadcasting medium in interobject connection system.

35 cl, 11 dwg

FIELD: physics, computer technology.

SUBSTANCE: invention refers to the sphere of digital television immediately dealing with systems providing for update of digital television receiver software. The proposed method of digital television receiver software update envisages the following: service software multiplexing into a traffic flow under a protocol pre-defined; retrieval of the service software data from the traffic flow by the digital television receiver and data storage; resetting the digital television receiver to enable receipt of the opposite side interface function addresses by the software of the digital television receiver and the service software; updating (via the software of the digital television receiver and the service software and in accordance with the addresses to have been retrieved) the default function addresses of the service software interface and the digital television receiver software.

EFFECT: independent update of service software whenever required without the digital television service provider having to particularly update terminal software.

10 cl, 4 dwg

FIELD: physics, communication.

SUBSTANCE: invention is related to transmission of information in global distribution network, such as Internet. Method for sending of information to target mobile station in anticipation mode includes definition of whether information should be sent in the form of short data batches (SDB) messages, and information sending in the form of SDB not waiting for reset of traffic channel.

EFFECT: development of mechanism for determination of messages to be transmitted in the form of SDB, so that no time-sensitive messages are delayed.

24 cl, 12 dwg

Up!