RussianPatents.com

Method of interobject connection, device and system for content protection

Russian patent RU 2344554

FIELD: information technologies.

SUBSTANCE: in a broadcasting environment that contains a broadcasting network and a terminal, the broadcasting network has a Broadcasting Service Application (BSA) object, a Broadcasting Service Distribution (BSD) object and a Broadcasting Service Management (BSM) object. The method of interobject connection comprises: performance of a registration process by the terminal to obtain a group key for the terminal; on completion of the registration process, performance by the terminal of a service connection process to request connection to a service, and reception by the terminal of a Rights Object (RO) for the content from the message received in response to the request, on the basis of the received group key; obtainment of a traffic key using the RO, if a traffic key message is received on completion of the service connection process; reception of encrypted content in the terminal; and decryption of the encrypted content using the traffic key.

EFFECT: provision of content protection in broadcasting medium in interobject connection system.

35 cl, 11 dwg

 

Background of the invention

Technical field

The present invention relates to an interobject connection method, an interobject connection device and an interobject connection system for protecting content in a broadcasting environment.

Prior art

In general, a broadcasting service refers to a service scheme in which, when a server managing the broadcasting service transmits an encrypted service, many terminals can receive the encrypted service.

Currently, a large number of broadcasting services range from free services to paid services (for example, pay-per-view services). Because copyright protection technology is needed to prevent indiscriminate reproduction and distribution of content (e.g., digital content), Digital Rights Management (DRM) technology, which uses a user's Rights Object (RO), was introduced.

Content provided by a service provider is protected as depicted in figure 1, which is a diagram illustrating the configuration of a conventional general DRM system. DRM is a standard security technology for protecting content and stipulating the usage rights for the encrypted content. Devices and/or systems that support DRM technology include terminal 3, which reproduces content using an RO, and the Rights Issuer (RI), which may create and issue the RO defining usage rights for the content, etc. The RI belongs to the service provider 5.

Terminal 3 establishes a secure channel through an authentication procedure with the RI and obtains the RO over the established channel. At this time, since the RO is decrypted by DRM technology, use of the content without authorization can be prevented. That is, the media information contained in the encrypted content cannot be reproduced until the encrypted content is decrypted and executed by DRM technology through this RO.

Conventional content protection methods perform the authentication procedure between the service provider and only one terminal. In addition, a related standard in the mobile communication environment is DRM v2.0 of the Open Mobile Alliance (OMA), which is used by content providers to determine how content can be used. However, no specific standard has yet been proposed for protecting content delivered to multiple terminals using a broadcasting service in a mobile communication environment.

In addition, although the networks of the 3rd Generation Partnership Project (3GPP), 3GPP2 and so on have several methods of protecting content in the broadcasting environment, these content protection methods depend on the networks in which they are used (e.g., a 3GPP network and so on).

As stated above, conventional content protection methods are based on the existing 3GPP network, and detailed methods for how the objects participating in the broadcasting network act to protect digital content have not yet been proposed.

Disclosure of invention

Accordingly, the present invention was made to solve at least the above-mentioned problems occurring in the prior art, and an object of the present invention is to provide an interobject connection method, an interobject connection device and an interobject connection system for protecting content in a broadcasting environment.

To accomplish this object, in accordance with one aspect of the present invention there is provided an interobject connection method for protecting content in a broadcasting environment containing a broadcasting network and a terminal, the broadcasting network having a Broadcasting Service Application (BSA), a Broadcasting Service Distribution (BSD) and a Broadcasting Service Management (BSM). The method comprises: performing, by the terminal, a registration process to obtain a group key for the terminal; after completing the registration process, performing, by the terminal, a service connection process to request connection to a service, and obtaining, by the terminal, a Rights Object (RO) for the content from the message received in response to the request, based on the received group key; obtaining a traffic key using the RO, if a traffic key message is received after completion of the service connection process; receiving encrypted content in the terminal; and decrypting the encrypted content using the traffic key.

To accomplish this object, in accordance with another aspect of the present invention there is provided an interobject connection method for protecting content in a broadcasting environment containing a broadcasting network and a terminal, the broadcasting network containing a Broadcasting Service Application (BSA), a Broadcasting Service Distribution (BSD) and a Broadcasting Service Management (BSM). The method comprises: receiving, in the BSM, a registration request from the terminal; transmitting, from the BSM to the terminal, a registration response message that contains the group key for the group to which the terminal belongs; obtaining, by the terminal, the group key from the received registration response message; requesting, by the terminal, connection to the service; generating and transmitting to the terminal, by means of the BSM, a message containing a Rights Object (RO) for the service; obtaining, by the terminal, the RO for the service from the received message containing the RO, using the group key; transmitting, from the BSM to the BSA, the traffic key that is used to encrypt the content; receiving, at the terminal, a traffic key message; obtaining, by the terminal, the traffic key from the traffic key message using the RO; receiving, in the BSA, content from the content provider; encrypting the received content using the traffic key; transmitting the encrypted content to the terminal; and decrypting, by the terminal, the encrypted content using the traffic key.

To accomplish this object, in accordance with another aspect of the present invention there is provided an interobject connection system for protecting content in a broadcasting environment. The system comprises: a terminal; a service provider for creating content and transmitting the created content; a Broadcasting Service Application (BSA) for encrypting the content using the traffic key and transmitting the encrypted content to the terminal through the Broadcasting Service Distribution (BSD); a Broadcasting Service Management (BSM) for performing the registration process with the terminal and managing the service connection process, and for producing a traffic key message containing the traffic key that is used to encrypt the content; and the BSD for receiving the traffic key message from the BSM and transferring the received traffic key message to the terminal. When the traffic key message is received, the terminal obtains the traffic key using a Rights Object (RO) obtained at connection to the service, and decrypts the encrypted content using the obtained traffic key.

To accomplish this object, in accordance with another aspect of the present invention there is provided an interobject connection system for protecting content in a broadcasting environment containing a broadcasting network and a terminal, the broadcasting network having a Broadcasting Service Application (BSA), a Broadcasting Service Distribution (BSD) and a Broadcasting Service Management (BSM). The interobject connection terminal comprises: a first component for receiving an encrypted content stream from the BSD; a second component for receiving an encrypted content file and at least one encryption key from the BSD; a third component for decrypting the encrypted content transmitted from the BSD; and a fourth component for passing at least one encryption key received from the BSM to the third component. The fourth component performs registration and the service connection process.

To accomplish a still further object, in accordance with another aspect of the present invention there is provided an interobject connection terminal device for protecting content in a broadcasting environment containing a broadcasting network and a terminal, the broadcasting network containing a Broadcasting Service Application (BSA), a Broadcasting Service Distribution (BSD) and a Broadcasting Service Management (BSM). The terminal device comprises: a Digital Rights Management (DRM) module to control registration, connection to the service and use of the content; a communication module for exchanging messages with the BSM and receiving the traffic key message and the encrypted service from the BSD; and an authentication module to obtain at least one encryption key by verifying a message received from the BSM or the BSD.

Brief description of drawings

The above and other objectives, features and advantages of the present invention will be more apparent from the subsequent detailed description in conjunction with the attached drawings.

Figure 1 is a block diagram illustrating the configuration of a conventional DRM system.

Figure 2 is a block diagram illustrating the internal structure of the terminal in accordance with the present invention.

Figure 3 is a flowchart illustrating a method of protecting content over a broadcasting channel in accordance with the present invention.

Figure 4 is a precedence diagram illustrating the flow of messages transmitted/received according to the content protection scheme in the analog broadcasting in accordance with the present invention.

Figures 5A-5F are diagrams illustrating the format of messages transmitted/received in accordance with the service protection scheme of the present invention.

Figure 6 is a precedence diagram illustrating the flow of messages transmitted/received according to the content protection scheme in a bidirectional channel in accordance with the present invention.

Detailed description of the preferred embodiments

The preferred embodiments of the present invention are described below with reference to the attached drawings. Note that in the drawings, similar components are denoted by like reference numerals. Also, in the following description, detailed descriptions of known functions and configurations are omitted where they could obscure the essence of the present invention.

The present invention is directed to a system and method for protecting broadcast content against unauthorized use. More specifically, according to the present invention, the objects that make up the broadcasting network interact with each other to protect broadcast content from unauthorized use and to transmit broadcast content to one or more receiving terminals. From this point of view, the present invention enables the safe transfer of a broadcasting service to the terminal, and its reproduction, through the transmission/reception and handling of the relevant messages according to the roles of the terminal and the corresponding objects.

Next, the terminal in which this function is carried out is described with reference to figure 2, which is a block diagram illustrating the internal structure of the terminal according to the present invention. The terminal 50 includes an application module 100, a DRM module 110, an authentication module 140, a secure storage module 170, a communication module 180 and a UIM I/F (User Identity Module Interface) module 190.

The application module 100 is a module such as a media player, and plays the decrypted content provided from the DRM module 110. The DRM module 110 controls registration, connection to the service and use of the content.

The DRM module 110 contains a DRM management module 115, a registration module 120, a rights management module 125, a key stream management module 130 and a content decryption module 135. Of these, the registration module 120 performs operations according to the registration procedure, and the rights management module 125 controls the interpretation and use of the RO received when connecting to the service. The key stream management module 130 decrypts the traffic key that is encrypted with the service key in the RO, and the content decryption module 135 decrypts the encrypted content using the traffic key. The DRM management module 115 controls the operation of these DRM-related modules.

The authentication module 140 controls execution of the authentication protocol between the subscriber identity module and the network, for example a service provider, and creates and verifies messages using its submodules. The authentication module 140 includes an authentication manager 145, which is responsible for overall execution of the protocol and management of the authentication function, and the submodules of the authentication manager 145. The submodules of the authentication manager 145 comprise an encryption/decryption module 150 to perform encryption and decryption, a digital signature module 155 to apply electronic signatures, and a MAC module 160 to perform the MAC operation.

According to an embodiment of the present invention, as will be described later, the DRM module 110 and the authentication module 140 verify the registration response message received from the BSM 40 (for example, see figure 3) to obtain the group key, obtain the RO from the service connection response message received from the BSM 40 using the group key, obtain the traffic key using the RO if a traffic key message is received from the BSD 30, and decrypt the encrypted content transmitted from the BSD 30 using the obtained traffic key.

The communication module 180 is responsible for transmission to and reception from the network. In particular, the communication module 180 receives messages from the network and sends a reply message in response to a received message. According to an embodiment of the present invention, the communication module 180 receives a message from the BSD 30 over the broadcasting channel. Also, according to the present invention, the communication module 180 may send one or more messages to, and/or receive one or more messages from, the BSM 40 over a bidirectional channel, and receive the traffic key message and the encrypted content from the BSD 30.

The secure storage module 170 stores encryption keys and so on, and the UIM interface module 190 handles communication with the subscriber identity module (UIM).

Next, the functional objects that perform content protection according to a preferred embodiment of the present invention are described. As shown in figure 3, the objects that protect content in the broadcasting service comprise a CC (Content Creator) 10, a BSA 20, a BSD 30, a BSM 40 and the terminal 50. The CC 10 is a content creation tool that creates content and services. The BSA (Broadcasting Service Application) 20 represents an application using the broadcasting system. The BSD (Broadcasting Service Distribution) 30 provides distribution functions and service protection functions for broadcasting services. The BSM (Broadcasting Service Management) 40 performs connection control for the broadcasting service. The BSD 30 operates to generate the broadcasting service in its detailed configuration and to provide the generated broadcasting service to the terminal 50. Accordingly, the terminal 50 receives the broadcasting service provided from the BSD 30 and plays the content received from the broadcasting service. Through delivery of the broadcasting service to the terminal 50 by way of these functional objects, the service becomes available to the terminal 50.

Next, the components that exist in the respective objects to protect broadcast content are described.

The Content Provider-Encryption (CP-E) component 22 encrypts and broadcasts the content, and the CP-Management (CP-M) component 42 performs creation of the encryption key, connection control, etc. The Stream Distribution (SD) component 32 broadcasts streaming content, and the File Distribution (FD) component 34 broadcasts file content, including the encryption message. The SD-Client (SD-C) component 52 passes the encrypted content stream transmitted from the SD component 32 to the CP-Decryption (CP-D) component 56 for decryption, and the FD-Client (FD-C) component 54 passes the encrypted content file transmitted from the FD component 34 to the CP-D component 56 for decryption. The CP-Client (CP-C) component 58 performs registration and connection with the CP-M component 42. In this way, the CP-C component 58 obtains the encryption key used to decrypt the encrypted content and passes the encryption key to the CP-D component 56. The CP-D component 56 decrypts the encrypted content transmitted from the component 32 SD-C or the FD-C component 54, using the encryption key.

Now a method of protecting content over a broadcasting channel or a bidirectional channel is described with reference to figure 4, which illustrates the method of protecting content over the broadcasting channel according to the present invention.

First, the procedures by which the terminal registers and connects to the service in order to protect broadcast content are described with reference to figure 4 and figure 5.

As shown in figure 4, the content protection procedure begins at step 200, where the BSM 40 generates the Group Key (GK), the Service Key (SK) and the Traffic Key (TK). The group key is an encryption key for the group to which the terminal 50 belongs, and the service key is used to decrypt the encrypted traffic key. The traffic key is used to encrypt the content for transmission to the terminal.

Then, at step 210, the terminal 50 transmits a registration request message to component 42 CP-M of the BSM 40 in order to register with the BSM 40. Because the characteristics of the broadcast channel prevent the terminal from transmitting the message directly to the BSM 40, it transmits the message to the BSM 40 through an out-of-band scheme. One example of an out-of-band scheme is for the terminal 50 to transmit the registration request message to the BSM 40 through a special tool, such as a PC. The format of the registration request message is shown in fig.5A. According to fig.5A, the registration request message contains the following fields: ID_T, the identification information of the terminal; RND(1), random number information; TS(1), the first time stamp; and Sign_T, the electronic signature of the terminal 50. In the Sign_T field the terminal 50 signs the information using its own encryption key, which allows the BSM 40 to recognize the message as one sent by a specific user. The electronic signature Sign_T is an optional field.

When this registration request message (as shown in fig.5A) is received from the terminal 50, component 42 CP-M of the BSM 40 uses it to check the terminal 50. At step 215, in response to the registration request message, the BSM 40 transmits to component 34 FD of the BSD 30 a registration response message containing the group key (GK) of the group to which the terminal 50 belongs. At step 220, component 34 FD of the BSD 30 transmits the registration response message to the terminal 50. The registration response message has the format illustrated in fig.5B. In fig.5B, the registration response message contains the group key encrypted with the public key of the terminal 50. This can be written briefly as E(K, D), which denotes the operation of encrypting the data (D) with the encryption key (K). Accordingly, the group key (GK) encrypted with the public key PK_T of the terminal 50 can be written as E(PK_T, GK). Here E denotes encryption. After it is broadcast, the registration response message passes through component 54 FD-C of the terminal 50. The terminal 50 checks which object generated the message by verifying the electronic signature with the public key PK_T of the terminal 50, and verifies whether the message is valid. Registration is not possible if the terminal 50 fails to verify the message. If the terminal 50 verifies the message successfully, it can obtain the group key from the registration response message. Through the registration process S210, the terminal 50 thus receives the group key GK, the encryption key corresponding to the subscriber's group.

Once registration is complete, component 58 CP-C of the terminal 50 may send a service connection request to component 42 CP-M of the BSM 40. Since connecting to the service corresponds to obtaining the Rights Object (RO) for the content, the terminal 50 may, at step 230, transmit an RO request message to component 42 CP-M of the BSM 40. In this case too, because the characteristics of the broadcast channel prevent the terminal 50 from sending the message directly, the terminal 50 transmits the RO request message to component 42 CP-M of the BSM 40 using an out-of-band scheme. The RO request message has the format illustrated in fig.5C, which contains the following fields: ID_SERVICE, the ID of the service to which the terminal 50 is to connect; ID_T, the identification information of the terminal; RND(3), the third random number information; and TS(3), the third time stamp.

In response to the RO request message, component 42 CP-M of the BSM 40 generates, at step 235, an RO containing the previously generated service key, and at step 240 transmits to component 34 FD of the BSD 30 an RO response message containing the RO encrypted with the group key. Then, at step 245, component 34 FD of the BSD 30 transmits the RO response message, that is, the service connection response message, over the broadcast channel to the terminal 50 that requested the connection to the service. When the RO response message is received from the BSD 30, the terminal 50 verifies the response message and decrypts the encrypted RO using the group key obtained through the registration process, thereby obtaining the RO. The RO response message has the format illustrated in fig.5D. As a result, the terminal 50 can receive the RO through the service connection process 230 described above.

At step 250, component 42 CP-M of the BSM 40 transmits to component 34 FD of the BSD 30 a TK message containing the traffic key encrypted with the service key. At step 255, component 34 FD of the BSD 30 broadcasts the TK message to the terminals. The TK message has the format illustrated in fig.5E. On receiving the TK message, the terminal 50 decrypts the encrypted traffic key with the service key, thereby obtaining the traffic key. The RO obtained through the service connection process contains the service key, so the terminal 50 can obtain the traffic key using the service key.

Meanwhile, CC 10 generates the content. At step 265, CC 10 transmits the generated content to BSA 20. At step 270, BSA 20 encrypts the received content using the traffic key. The traffic key is generated by component 42 CP-M of the BSM 40 and transmitted to component 22 CP-E of BSA 20 at step 260. Component 22 CP-E of BSA 20 then encrypts the content at step 270 and, at step 275, transmits the encrypted content to the terminal through the BSD 30.

If the encrypted content is in file format, it is broadcast via component 34 FD. If the encrypted content is in stream format, it is broadcast via component 32 SD. The encrypted content has the format illustrated in fig.5F. When the content received at the terminal 50 is stream content, it reaches component 56 CP-D of the terminal 50 via component 32 SD. When the content received at the terminal 50 is file content, it reaches component 56 CP-D of the terminal 50 via component 34 FD. Component 56 CP-D then decrypts the received content with the traffic key so that it can be executed. For example, once the content has been decrypted with the traffic key, the decrypted content may be played by the application 100.

The description above covers the case in which the terminal uses encrypted content over the broadcast channel. Another embodiment of the present invention covers the case in which the terminal requests registration and connection to the service directly over a bidirectional channel and uses encrypted content. This case is described next with reference to Fig.6, a sequence diagram illustrating the method of protecting content over the bidirectional channel.

Because step 800 in figure 6 is identical to step 200 in figure 4, and the content reception process comprising steps 840, 845, 850, 855, 860 and 865 is identical to the content reception process comprising steps 250, 255, 260, 265, 270 and 275, respectively, the details are omitted here for clarity.

Comparing the two methods of protecting content according to the present invention: when a broadcast channel is used, component 58 CP-C of the terminal 50 cannot send a message directly to the broadcast network, whereas when a bidirectional channel is used, it can. Accordingly, with a bidirectional channel the terminal 50 can exchange messages directly with component 42 CP-M of the BSM 40. With a broadcast channel, by contrast, component 42 CP-M of the BSM 40 may transmit a message to the terminal 50 through the BSD 30, and the terminal 50 may transmit a message only through other devices.

At step 810 in figure 6, the terminal 50 transmits the registration request message directly over the bidirectional channel to component 42 CP-M of the BSM 40. The registration request message has the format illustrated in fig.5A. At step 815, in response to the registration request from component 58 CP-C of the terminal 50, the BSM 40 transmits the registration response message to the terminal 50 over the bidirectional channel. The registration response message has the format illustrated in fig.5B and contains the group key encrypted with the public key of the terminal 50. This encryption allows the information to be transferred safely.

When the registration response message is received from the BSM 40, the terminal 50 must verify it. To do so, the terminal 50 checks whether the message transmitted from component 42 CP-M of the BSM 40 is a message intended for the terminal 50. If the terminal 50 fails to verify the registration response message, it ignores the registration response message transferred from the BSM 40. If verification succeeds, the terminal 50 checks the time field of the registration response message. If the time field shows a delay greater than the set value, the terminal 50 ignores the registration response message. If the terminal 50 successfully verifies the electronic signature and the time field is within the predetermined value (for example, less than the preset value), the terminal 50 decrypts the group key with its public key, thereby obtaining the group key.

Once the terminal 50 has obtained the group key through the registration process described above, at step 820 it transmits a service connection request message, that is, an RO request message, directly to component 42 CP-M of the BSM 40 over the bidirectional channel.

When the terminal 50 makes the service connection request directly and receives the RO from component 42 CP-M of the BSM 40, the terminal 50 is regarded as connected to the service. The service connection request message has the format illustrated in fig.5C and contains the ID of the service to which the terminal 50 is to connect. The RO generated by component 42 CP-M of the BSM 40 at step 825 is transmitted at step 830 to the terminal 50 that made the service connection request, and the message transmitted to the terminal 50 has the format illustrated in fig.5D. The RO contained in the message holds the service key, encrypted with the group key for protection. Since the service connection process comprising steps 820, 825 and 830 in figure 6 differs from the service connection process comprising steps 235, 240 and 245 in figure 4 in that the BSM 40 transmits the message directly over the bidirectional channel, the details are omitted.

Once the connection of the terminal 50 to the service is completed through the above process, the BSD 30 can deliver to the appropriate terminal the content received from CC 10 via component 22 CP-E of BSA 20. In the present invention, the traffic key message and the RO can be provided to the terminal regardless of the point in time at which the content is provided to the terminal. That is, the RO can be transferred to the terminal after the content has already been provided to the terminal. Alternatively, the content can be provided to the terminal for execution after the RO has been transmitted to the terminal.
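The key chain of steps 200 to 275 (SK carried in the RO under GK, TK under SK, content under TK) and the delivery-order remark above can be exercised with the following added Python example, which is not code from the patent. The cipher behind E, the message layout (an 8-byte time stamp in front of the carried key), MAX_DELAY and all class and function names are assumptions; the public-key registration step E(PK_T, GK) is not modelled, so each terminal starts with the group key it would hold after registration.

```python
import hashlib, hmac, os, struct

MAX_DELAY = 30  # assumed "set value" for the time-field check, in seconds

def _subkeys(key):
    # Separate encryption and MAC keys derived from one shared key.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _stream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def E(key, data):
    """E(K, D) in the text's notation. Stand-in cipher, not the patent's:
    HMAC-SHA256 keystream with an encrypt-then-MAC tag."""
    enc, mac = _subkeys(key)
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(enc, nonce, len(data))))
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()

def E_open(key, blob):
    """Inverse of E; raises ValueError unless blob was produced under key."""
    if len(blob) < 48:
        raise ValueError("truncated message")
    enc, mac = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("verification failed")
    return bytes(a ^ b for a, b in zip(ct, _stream(enc, nonce, len(ct))))

def key_message(wrapping_key, ts, key):
    # Assumed layout: 8-byte time stamp followed by the carried key, all under E.
    return E(wrapping_key, struct.pack(">Q", ts) + key)

def open_key_message(wrapping_key, blob, now):
    """Return the carried key, or None if the message must be ignored."""
    try:
        body = E_open(wrapping_key, blob)
    except ValueError:
        return None                      # wrong key for this terminal, or tampered
    if len(body) < 8:
        return None
    (ts,) = struct.unpack(">Q", body[:8])
    if now - ts > MAX_DELAY:
        return None                      # time field shows too large a delay
    return body[8:]

class BSM:
    def __init__(self):                  # step 200: generate GK, SK, TK
        self.gk, self.sk, self.tk = (os.urandom(32) for _ in range(3))
    def ro_response(self, ts):           # steps 235-240: RO carries SK under GK
        return key_message(self.gk, ts, self.sk)
    def tk_message(self, ts):            # step 250: TK under SK
        return key_message(self.sk, ts, self.tk)

class Terminal:
    def __init__(self, gk):
        self.gk = gk                     # result of registration (not modelled)
        self.sk = self.tk = None
        self.held_tk = None              # TK message waiting for the SK
        self.held_content = []           # content waiting for the TK
    def on_ro_response(self, blob, now):
        self.sk = open_key_message(self.gk, blob, now) or self.sk
        return self._drain()
    def on_tk_message(self, blob, now):
        self.held_tk = (blob, now)
        return self._drain()
    def on_content(self, blob):
        self.held_content.append(blob)
        return self._drain()
    def _drain(self):
        """Unwrap whatever the keys held so far allow; return playable content."""
        if self.sk is not None and self.held_tk is not None:
            self.tk = open_key_message(self.sk, *self.held_tk) or self.tk
            self.held_tk = None
        if self.tk is None:
            return []
        played = [E_open(self.tk, c) for c in self.held_content]
        self.held_content = []
        return played

def demo(now=1_700_000_000):             # constructed clock value
    bsm = BSM()
    content = E(bsm.tk, b"constructed sample frame")      # BSA, step 270
    result = {}
    for name, t in (("subscriber", Terminal(bsm.gk)), ("outsider", Terminal(os.urandom(32)))):
        played = t.on_content(content)                    # content arrives first
        played += t.on_tk_message(bsm.tk_message(now), now + 1)
        played += t.on_ro_response(bsm.ro_response(now), now + 2)   # RO last
        result[name] = played
    return result
```

A terminal holding a different group key never recovers SK, so the broadcast TK message and content stay opaque to it even though it receives the same bytes as the subscriber.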

According to the present invention, as described above, messaging and operations are carried out between the terminal and the objects that make up the broadcast network according to the roles of the terminal and the objects, which makes possible the detailed design of a system for protecting content in a broadcasting environment.

Although the preferred embodiment of the present invention has been described for illustrative purposes, it is obvious to those skilled in the art that various modifications, additions and substitutions are possible without departing from the scope and spirit of the invention disclosed in the attached claims, including the full scope of their equivalents.

1. A method of interobject connection for protecting content in a broadcasting environment containing a broadcast network and a terminal, the broadcast network having a Broadcast Service Application (BSA) object, a Broadcast Service Distribution (BSD) object and a Broadcast Service Management (BSM) object, the method of interobject connection comprising:

performing, by the terminal, a registration process to obtain the group key for the terminal,

requesting, by the terminal, a process of connection to the service,

receiving, by the terminal, in response to the service connection request, a message containing the Rights Object (RO) associated with the content, based on the received group key,

obtaining the traffic key using the RO when the traffic key message is received after completion of the service connection process,

receiving the encrypted content at the terminal, and

decrypting the encrypted content using the traffic key.

2. The method of interobject connection of claim 1, wherein the registration process includes:

transmitting, through the BSD object, a registration response message to the terminal in response to the registration request message, when the registration request message from the terminal is received through the BSM object, the registration response message containing the group key corresponding to the group to which the terminal belongs, and

verifying, by the terminal, the received registration response message to obtain the group key.

3. The method of interobject connection according to claim 2, in which the terminal is a terminal using the broadcast channel, and transmits the registration request message to the BSM object through a special tool.

4. The method of interobject connection according to claim 2, in which the terminal is a terminal that uses a bidirectional channel, and the BSM object sends the response message regarding the registration confirmation.

5. The method of interobject connection according to claim 2, in which the step of obtaining the group key comprises:

verifying the electronic signature field and the time field contained in the registration response message, when the registration response message is received from the BSD object, and

decrypting the encrypted group key contained in the registration response message using the public key of the terminal, to obtain the group key when the verification is successful.

6. The method of interobject connection according to claim 1, in which the process of connecting to the service comprises:

generating, by the BSM object, the RO using the service key when the service connection request message is received from the terminal,

transmitting, from the BSM object to the BSD object, a service connection response message containing the RO encrypted with the group key,

broadcasting, by the BSD object, the service connection response message to the terminal, and

decrypting, by the terminal, the encrypted RO contained in the service connection response message using the received group key, to obtain the RO.

7. The method of interobject connection according to claim 1, in which the process of connecting to the service comprises:

generating, by the BSM object, the RO using the service key when the service connection request message is received from the terminal through the bidirectional channel,

decrypting, by the terminal, the encrypted RO contained in the broadcast-transmitted service connection message using the received group key, to obtain the RO.

8. The method of interobject connection according to claim 6, in which the service connection request message contains the ID of the service to which the terminal is to connect.

9. The method of interobject connection according to claim 1, in which the RO contains a service key, which is an encryption key assigned when the terminal connects to a specific service, and the traffic key is an encryption key used to encrypt the content.

10. The method of interobject connection according to claim 1, in which the terminal obtains the traffic key by decrypting the encrypted traffic key using the service key contained in the received RO, after the BSM object transmits the traffic key message to the BSD object and the BSD object transmits the traffic key message to the terminal, the traffic key message containing the encrypted traffic key generated by encrypting the traffic key with the service key.

11. A method of interobject connection for protecting content in a broadcasting environment containing a broadcast network and a terminal, the broadcast network containing a Broadcast Service Application (BSA) object, a Broadcast Service Distribution (BSD) object and a Broadcast Service Management (BSM) object, the method of interobject connection comprising:

receiving, at the BSM object, a registration request message from the terminal,

transmitting, from the BSM object to the terminal, a registration response message containing the group key corresponding to the group to which the terminal belongs,

obtaining, by the terminal, the group key from the received registration response message,

requesting, by the terminal, connection to the service,

generating and transmitting, by the BSM object, a message containing a Rights Object (RO) associated with the service,

obtaining, by the terminal, the RO for the service from the received message using the group key,

transmitting, from the BSM object to the BSA object, the traffic key for encrypting the content,

receiving, by the terminal, the traffic key message,

obtaining, by the terminal, the traffic key from the traffic key message using the RO,

receiving, at the BSA object, content from the content provider,

encrypting the received content using the traffic key,

transmitting the encrypted content to the terminal, and

decrypting, by the terminal, the encrypted content using the traffic key.

12. The method of interobject connection of claim 11, in which the terminal is a terminal using the broadcast channel, and transmits the message to the BSM object through a special tool.

13. The method of interobject connection of claim 11, in which the step of transmitting the registration response message comprises:

receiving, by the BSM object, the registration request message from the terminal through special means,

generating a message containing the group key encrypted with the public key of the terminal in response to receiving the registration request message, and transferring the generated message containing the encrypted group key to the BSD object, and

broadcasting, by the BSD object, the received message containing the encrypted group key to the terminal.

14. The method of interobject connection of claim 11, in which the step of transmitting the registration response message comprises:

receiving, by the BSM object, the registration request message from the terminal, and

generating, by the BSM object, a message containing the group key encrypted with the public key of the terminal in response to receiving the registration request message, and transmitting the generated registration response message to the terminal through the bidirectional channel.

15. The method of interobject connection of claim 11, in which the step of obtaining the group key comprises:

verifying, by the terminal, the electronic signature field and the time field contained in the registration response message, when the terminal receives the registration response message from the BSD object, and

decrypting the encrypted group key contained in the registration response message using the public key of the terminal, to obtain the group key when the verification is successful.

16. The method of interobject connection of claim 11, in which the step of generating and transmitting the message containing the RO comprises:

transmitting the service connection request message to the BSM object through special means, when the terminal is a terminal using the broadcast channel,

generating, by the BSM object, the RO using the service key, and transferring to the BSD object a service connection response message containing the RO encrypted with the group key, and

broadcasting, by the BSD object, the service connection response message to the terminal.

17. The method of interobject connection of claim 11, in which the step of generating and transmitting the message containing the RO comprises:

transmitting, by the terminal, the service connection request message to the BSM object, and

generating, by the BSM object, the RO using the service key, and transmitting to the terminal through the bidirectional channel a service connection response message containing the RO encrypted with the group key.

18. The method of interobject connection of claim 11, in which the step of obtaining the traffic key comprises:

decrypting, by the terminal, the encrypted RO using the group key, thereby obtaining the RO,

receiving, by the terminal, through the BSD object, the traffic key message generated by the BSA object, and

decrypting the encrypted traffic key using the service key contained in the received RO, upon receipt of the traffic key message, to obtain the traffic key.

19. The method of interobject connection p, in which the traffic key message contains an encrypted traffic key generated by encrypting the traffic key with the service key, which corresponds to the encryption key generated upon connection to the service.

20. A system of interobject connection for protecting content in a broadcasting environment, the system of interobject connection comprising:

the terminal,

the content provider for generating content and transmitting the generated content,

the Broadcast Service Application (BSA) object for encrypting the content using the traffic key and transmitting the encrypted content to the terminal through the Broadcast Service Distribution (BSD) object,

the Broadcast Service Management (BSM) object for performing the registration process and managing the process of connecting the terminal to the service, and for providing the traffic key message containing the traffic key that is used to encrypt the content,

the BSD object for receiving the traffic key message from the BSM object and transferring the received traffic key message to the terminal, and

wherein the terminal obtains the traffic key using a Rights Object (RO) obtained when connecting to the service, when the traffic key message is received, and decrypts the encrypted content using the obtained traffic key.

21. The system of interobject connection of claim 20, in which the BSM object receives the registration request message from the terminal through the bidirectional channel, and generates and transmits to the terminal the registration response message containing the group key corresponding to the group to which the terminal belongs, and

the terminal verifies the registration response message received from the BSM object to obtain the group key.

22. The system of interobject connection of claim 21, in which the BSM object receives the registration request message from the terminal through special means when the terminal is a terminal using the broadcast channel, and transmits the generated registration response message to the terminal through the BSD object.

23. The system of interobject connection of claim 21, in which the BSM object transmits the service connection response message containing the RO corresponding to the content when the service connection request message is received from the terminal, and

the terminal obtains the RO from the received service connection response message using the group key.

24. The system of interobject connection of claim 23, in which the BSM object receives the service connection request message through a special tool when the terminal is a terminal using the broadcast channel, and transmits the generated service connection response message to the terminal through the BSD object.

25. The system of interobject connection of claim 20, in which the BSA object contains the Encryption of the Content Provider (CP-E) component for encrypting the content.

26. The system of interobject connection of claim 20, in which the BSM object contains a Management-CP (CP-M) component for generating an encryption key for the terminal and controlling the terminal.

27. The system of interobject connection of claim 20, in which the BSM object contains a Management-CP (CP-M) component for generating the encryption key and controlling the connection of the terminal.

28. The system of interobject connection of claim 21, in which the BSD object contains a Flow Distribution (SD) component for broadcasting streaming content encrypted by the BSA object, and a Distribution File (FD) component for broadcasting file content encrypted by the BSA object.

29. The system of interobject connection p, in which the terminal includes:

a Client-SD (SD-C) component for receiving the encrypted streaming content transmitted from the SD component,

a Client-FD (FD-C) component for receiving the message or the encrypted content file transmitted from the FD component,

a Decrypt-CP (CP-D) component for decrypting the streaming content and the file content transferred from the SD-C component and the FD-C component, respectively, and

a Client-CP component for obtaining the encryption key used to decrypt the encrypted content by performing the registration and service connection processes with the CP-M component of the BSM object, and for transmitting the obtained encryption key to the CP-D component.

30. The system of interobject connection of claim 20, in which the BSD object receives the service key and the traffic key from the BSM object, generates the traffic key message containing the traffic key encrypted with the service key, and transmits the traffic key message containing the encrypted traffic key to the terminal over the broadcast channel.

31. The system of interobject connection of claim 20, in which the BSM object generates the group key for encrypting the service key, where the group key is an encryption key corresponding to the group to which the terminal belongs, the service key is an encryption key issued when the terminal connects to a specific service, and the traffic key is an encryption key used to encrypt the content provided from the service provider.

32. A terminal of interobject connection for protecting content in a broadcasting environment containing a broadcast network and a terminal, the broadcast network having a Broadcast Service Application (BSA) object, a Broadcast Service Distribution (BSD) object and a Broadcast Service Management (BSM) object, the terminal of interobject connection comprising:

a first component for receiving an encrypted content stream from the BSD object,

a second component for receiving from the BSD object an encrypted content file and at least the encryption key,

a third component for decrypting the encrypted content transmitted from the BSD object,

a fourth component for transmitting at least the encryption key received from the BSM object to the third component,

where the fourth component performs the registration process and the process of connecting to the service.

33. A terminal device of interobject connection for protecting content in a broadcasting environment containing a broadcast network and a terminal, the broadcast network containing a Broadcast Service Application (BSA) object, a Broadcast Service Distribution (BSD) object and a Broadcast Service Management (BSM) object, the terminal device of interobject connection comprising:

a Digital Rights Management (DRM) module for controlling registration, connection to the service and use of content,

a communication module for exchanging messages with the BSM object and receiving from the BSD object the traffic key message and the encrypted service, and

an authentication module for obtaining at least the encryption key by verifying a message received from at least one of the BSM object and the BSD object.

34. The terminal device of interobject connection p, in which the DRM module contains:

a registration module for performing operations based on the registration process,

a rights management module for managing the analysis and use of the Rights Object (RO) obtained when connecting to the service,

a key flow control module for decrypting the traffic key encrypted with the service key that is assigned when connecting to the service,

a content decryption module for decrypting the content encrypted with the traffic key, and

a DRM manager module for controlling the operation of the above-mentioned modules, respectively.

35. The terminal device of interobject connection p, in which the authentication module contains:

an authentication manager module for controlling protocol execution and managing the authentication function,

an encryption/decryption module for performing encryption and decryption,

a digital signature module for signing with an electronic signature, and

a MAC (media access control) module for performing the MAC operation.

 
