RussianPatents.com

Method of controlling access to set of channels for receiving or decoding device (versions)

IPC classes for Russian patent Method of controlling access to set of channels for receiving or decoding device (versions) (RU 2519395):
Other patents in the same IPC classes:
Content download system, content download method, content supplying apparatus, content supplying method, content receiving apparatus, content receiving method, and programme / 2432686
Disclosed is a content download system comprising: a content supplying device, a content receiving device, a download apparatus designed to download encrypted content and playing control data necessary for playing said content from said content supplying device according to user operations; obtaining apparatus to confirm the existence of a license which includes a key for decrypting said encrypted content based on said playing control data when playing said downloaded content, and to obtain said license according to the confirmation result; and playing apparatus to play said encrypted content using said obtained license. Playing control metafile describes <content_title>, <drm_server_uri>, <license_id>, <license_type>, <license_description>, <user_confirmation>, <user_messsage>, and <price>. In the case when multiple licenses are set for a single content, the items <license_id> through <price> describe only the number of set licenses.
Method to grant license to client device corresponding to coded content and system of conversion to manage digital rights, applying this method / 2421806
Method of a conversion system operation to manage digital rights to grant a license to a client's device corresponding to coded content consists in the following. The first content of the first type of digital rights content and the first license corresponding to the first content are converted to manage digital rights in order to generate the second content of the second type of digital rights content and the second license corresponding to the second content. A license request is received, corresponding to the second content distributed by means of superdistribution to a third party. The second license corresponding to the second content distributed by means of superdistribution is requested from a server corresponding to the second management of digital rights. The second license corresponding to the second content distributed by means of superdistribution is received and sent to a third party.
Method and device for processing DVB-H (digital video broadcasting - handheld) compliant transport stream / 2418367
Invention proposes a method for processing a transport stream (TS) received as an input TS in a processing device (SDR), the transport stream comprising a plurality of elementary streams (ES), each ES being a set of TS packets having the same Packet IDentifier (PID), at least one of these ES being time-sliced so as to be sent in bursts, timing information indicating within a burst the time to the beginning of the next burst, applying a filtering operation to the input TS so as to filter out from the input TS part or all of one or more time- sliced ES; modifying the bursts scheduling of the input transport stream so as to generate a DVB-H compliant output TS from the filtered input TS.
Controlled communication system / 2417534
A first user can support one or more content "portals", which can be accessed by at least a subset of members of an online community. Access to content of any portal can be based on the level of confidentiality of the portal and the level of confidentiality, for example, access parameters provided to a person. The level of confidentiality and linking the content can be hierarchical and/or non-overlapping. That way, a user can transparently exchange data with several users simultaneously independent of their context or level of confidentiality while preserving the confidentiality boundaries of each portal.
Method and device to control access to coded data / 2409002
Method includes the following stages: receipt of the first control message (ECM1), containing at least one control word (CW) and time score (TS); receipt of the second control message (ECM2), following the first control message (ECM1), besides, the second control message contains at least one control word (CW) and time score (TS); detection of duration of time period, corresponding to difference between time scores (TS) of two serial messages ECM1, ECM2; increasing counter of errors (CE) in case specified duration of time period is less than previously set duration (CP); reducing counter of errors (CE) in case specified duration of time period equals or exceeds specified previously set duration; return of control word (CW) into module of processing (STB) as waiting time expires, which depends on value of counter of errors (CE).
Method to control access to coded data / 2408157
Invention relates to method of control of access to data (CT) coded by means of control words (CW) received by protection module in control messages (ECM) and returned to module of coded data processing. Control messages (ECM) contain at least the first control word (CW1) and the second control word (CW2), at the same time each of specified control words provides access to coded data (CT) during the specified period of time called cryptoperiod (CP). Method includes the following actions: transfer of coded data into at least one module of processing; and transfer of control messages (ECM) into specified processing module, besides, control messages (ECM) contain at least two specified control words (CW1, CW2) and are sent to processing module after transfer of data coded by means of the first control word (CW1) and prior to transfer of data coded by means of the second control word (CW2), time shift between transfer into module of processing of data coded by means of the first control word (CW1) and transfer of control message (ECM), containing the first control word (CW1) and the second control word (CW2), makes more than 75% of cryptoperiod.
Device and method for processing of data flow, having sequence of packets and information of synchronisation related to packets / 2407214
Device (3400) for processing of coded data flow (3401), comprising a decoding module (3402) to generate decoded data flow (3403) from coded data flow (3401), detection module (3404) for detection of information on position of at least one intra-coded frame in coded data flow (3403) and substitution module (3405) for substitution on the basis of detected information on position of coded data flow (3401) parts with according parts of decoded data flow (3403).
Method of creating integrated news channel / 2402165
Metadata which classify news bulletins as a whole and their separate subject matter are formed; said metadata are sent to a user terminal. Received metadata are recorded into memory which may or may not be integrated into the user terminal. Recorded metadata are compared with previously recorded news bulletins and their subject matter; based on said comparison, recorded news bulletins are divided into video files of news items; obtained video files are recorded into memory. A database of news items is created with possibility of further browsing in an audio-visual information display device. In order to provide the proper accuracy of dividing recorded news bulletins into video files of news items, the timing device of the user terminal is periodically corrected using standard time signals.
Information processing device, information recording medium, information processing method and software program / 2376628
Invention relates to an information processing device, an information recording medium and a method of processing information. Several content administration modules, which correspond to a name, index and some other information, are installed by dividing into parts content stored on an information recording medium. Different module keys, which are encryption keys, are allocated for different content administration modules. At least content data arriving in real time, included in each content administration module, are encrypted using the module key, and the encrypted data are stored. When playing back content, modules are identified, and decryption for playing back is carried out using the module key which corresponds to each module.
Method of authorisation duration management in security module / 2355124
Invention concerns security modules actuated at device receiving encoded digital data; claimed method is particularly intended for transfer of data on date and current time to security module, and for decoding authorisation management based on validity period for data received or stored by indicated device. Method of authorisation duration control in security module installed in device with internal clock, where the device received digital data flow encoded with reference words included in authorisation reference messages, involves the following stages: data from internal device clock, including information on current time, are received by the security module; information on current time is stored in security module; authorisation reference message requiring decoding of at least one reference word is received by the security module; information on previous time when previous authorisation reference message was processed is read; authorisation reference message is processed if time indicated in current time information is ahead of time indicated in previous time information.
Video encoding method and apparatus, and video decoding method and apparatus / 2519280
Invention relates to video encoding and decoding. Disclosed is a video encoding method which comprises steps of: dividing a current picture into at least one maximum coding unit, determining encoded depth to derive the final encoding result according to at least one division region obtained by dividing the region of the maximum coding unit according to depths, by encoding at least one division region based on depth which is increased in proportion to the number of times the region of the maximum coding unit is divided; and outputting image data constituting the final encoding result according to at least one division region, and encoding information on encoded depth and a prediction mode according to at least one maximum encoding unit.
Method of encoding video and apparatus for encoding video based on coding units defined according to tree structure, and method of decoding video and apparatus for decoding video based on coding units defined according to tree structure / 2518996
Method of encoding video comprises steps of: breaking down a video image into one or more maximum coding units, encoding the image based on coding units according to depths obtained via hierarchical breakdown of each of the one or more maximum coding units, and outputting data which are encoded based on the coding units, having a tree structure, information with respect to the encoded depths and the encoding mode and information of the structure of the coding units, indicating the size and variable depth of the coding units.
Method and apparatus for encoding and decoding image and method and apparatus for decoding image using adaptive coefficient scan order / 2518935
Method of encoding an image using an adaptive coefficient scan order comprises: projecting coefficients of a current block to a reference axis, from among a horizontal axis and a vertical axis, along a first straight line perpendicular to a second straight line with a predetermined angle α from the reference axis; scanning the coefficients of the current block in an arrangement order of the projected coefficients projected to the reference axis; and entropy-encoding information about the predetermined angle α and the scanned coefficients.
Hypothetical reference decoder for scalable video coding / 2518904
Invention relates to a hypothetical reference decoder (HRD) for scalable video coding (SVC). The invention proposes to modify the H.264/AVC HRD standard for use with the SVC of advanced video coding (AVC). That implementation defines HRD constraints for each interoperability point of SVC. The changes for spatial, temporal and SNR scalability are shown. There are also changes to the related HRD parameters that are shown. At least one implementation proposes the SVC-HRD rules as modifications to the AVC-HRD rules. A user may use the proposed SVC-HRD rules to build an SVC-HRD and test a bitstream for SVC compliance.
Method and apparatus for encoding and decoding motion vector based on reduced motion vector predictor candidates / 2518718
Invention relates to predictive encoding and decoding of a motion vector. The method of encoding a motion vector comprises steps of generating information about the motion vector based on a motion vector of a current block and a motion vector predictor of the current block, generating a virtual motion vector, generating vector differences between the virtual motion vector and the plurality of motion vector predictor candidates, comparing the vector differences with the information about the motion vector, and selectively excluding the second motion vector predictor candidate according to the comparison, and encoding the information about the motion vector and information about the motion vector predictor of the current block.
Device and method of receiving content, device and method of transmitting content, programme and recording medium / 2518513
Invention relates to distribution of selected content. The method includes obtaining data associated with content to be transmitted at a transmission speed which is not synchronised with playback speed from a download schedule created in advance; determining if the content is content of a forced-type service for receiving content to be viewed and listened to, independent of a user request and if so, describing said data along with data associated with the content in first control data generated as data associated with content to be transmitted over a predetermined logical channel; generating second control data describing data for defining each of the logical channels in a physical channel serving as the transmission path of the broadcast wave signal of a predetermined frequency range; multiplexing the first control data and the second control data with content data, and multiplexing data to be transmitted over a plurality of said logical channels as data to be transmitted over a single physical channel, and modulating the multiplexed data for transmission as a broadcast signal.
Distribution server, method of distributing data and programme / 2518497
Invention relates to a distribution server for transmitting data obtained from a video image, for example, with an image of a sports game, for example, a football match. Disclosed is a data distribution server which comprises: an analysis module for analysing basic data used in statistics to generate statistical data for a sports game (number of shots etc), a control module for receiving a request to obtain basic data and statistical data from a communication terminal, a bandwidth control module for controlling link bandwidth, connected to the communication terminal, a compactness computing module for calculating compactness for simultaneous transmission of basic data and statistical data to the communication terminal through the link based on the data size for the basic data and statistical data and the available link bandwidth, a division module for dividing basic data and statistical data into given modules based on the compactness and a module for transmission to the communication terminal for transmitting basic data and statistical data divided into given blocks.
Information processing device, information processing method, information processing system and programme therefor / 2518494
Invention relates to an apparatus/method for processing information using DLNA (Digital Living Network Alliance) technology, which facilitates smoother continuous reproduction. The information processing apparatus includes: a reproducing means for requesting an information providing device to transmit content, for which a reproduction instruction was issued by a user, receiving content transmitted in response to the request and reproducing the content; and a control means for stopping reproduction of content by the reproducing means, and transmitting, to another information processing apparatus, instructions to prepare for continuous reproduction, which includes a continuous reproduction position which is a position for stopping reproduction of content when a user issues an instruction to prepare for continuous reproduction.
Method, system, device and terminal for downlink transmission mobile multimedia broadcasting service manual / 2518448
Invention relates to wireless communication for downlink transmission of a mobile multimedia broadcasting service manual. Disclosed is a method for downlink transmission of a mobile multimedia broadcasting service manual, which comprises steps where: a content operation management platform generates an information part of basic services of the service manual and facilitates downlink transmission of the information part of basic services of the service manual to a terminal over a broadcast network; a mobile services management platform generates an information part of services of the service manual and facilitates downlink transmission of the information part of the services of the service manual to the terminal over a mobile network; and the terminal combines the information part of basic services and the information part of services of the service manual to provide a user with the service manual.
Method of organising and controlling access to content during hierarchical encoding, processor and transmitting unit for implementing method / 2518444
Invention relates to controlling access to scrambled content during hierarchical encoding. The hierarchical access control method includes: receiving and transmitting to a protective processor second cryptograms (CWi)Ki for i, ranging from 1 to k-1, obtained by encoding control words CW1-CWk-1 using corresponding keys K1-Kk-1, built using at least part of an array formed by data residing in ECMk, and an operational key CEk; decoding the second cryptograms (CWi)Ki, only if access conditions CAk, obtained in the ECMk message, correspond to access rules TA, and without preliminary comparison of access conditions CAi with access rules TA for i, strictly less than k, and, otherwise, blocking decoding of the second cryptograms (CWi)Ki, if access conditions CAk do not correspond to access rules TA.
Cryptographic secret key distribution / 2517408
Invention relates to distribution of a cryptographic secret key between a transmitting side and a receiving side. An apparatus for secure reception and transmission of data comprises a key generation controller and a unit for providing the number of iterations.

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering. A method of controlling access to a set of channels using a receiver/decoder comprising a security module (SC), each channel being encrypted by a specific channel control word (CW1, CW2), each channel having a channel identifier and transmitting access control messages ECM containing at least the current channel control word and the channel access conditions. The method comprises the following steps: tuning to a first channel having a first channel identifier (ID1); transmitting the ID1 to the SC; receiving first access control messages ECM1 containing a first control word (CW1); transmitting the first access control messages ECM1 to the SC; decrypting the first access control messages ECM1 and verifying the channel access conditions; if the access conditions are met, transmitting the CW1 to the receiver/decoder; storing the CW1 and the ID1 in the SC; tuning to a second channel having a second channel identifier ID2; transmitting the ID2 to the SC; calculating, by the SC, the second control word (CW2) by performing the following steps: calculating a root control word (RK) with an inverse cryptographic function F⁻¹ using the CW1 and the ID1; calculating the CW2 with the cryptographic function F using the RK and the ID2; transmitting the CW2 to the receiver/decoder.

EFFECT: reducing channel switching time when a user selects another channel.

9 cl, 3 dwg

 

Technical field

The present invention relates to the field of pay-TV, specifically to the problem of channel switching time in a pay-TV system.

Background art

In any conditional-access communication system, the switching time between channels depends significantly on the following factors: the signal detection time, the service channel detection time, the transmission of all information about the multiplexing structure (the position of the video components, the number and position of the audio components, the address of the channel's ECM messages, and so on), the maximum waiting time for an ECM (Entitlement Control Message, access control message), the processing of the ECM (decryption and authentication), and the transmission of the control word to the decoder.

A known solution is described in document US 5349641, in which the ECM messages of the current channel are transmitted at a first rate, while the ECM messages of other channels are also embedded in the ECM stream of this channel but are transmitted at a lower rate.

Document WO 2009/092016 proposes combining the ECM messages of various channels into a single ECM message and transmitting this group ECM message in each channel.

This solution has the disadvantage of loading the channel excessively with service data that is not used directly in that channel.

Document WO 2005/020564 describes a system that scans potential additional channels to retrieve the corresponding control words. Each control word is then stored in memory, where it is directly accessible when the channel is selected by the user.

The disadvantage of this solution is the need to develop a special channel selector to scan other channels in order to receive their ECM messages. This solution is limited to channels within the same frequency band, since the selector is bound to this band to receive the current channel and cannot switch bands without interrupting viewing.

Document EP 0740870 proposes sending, from one operator, a first message common to a set of channels and containing the root control word. Each channel has its own message containing the access conditions and a diversification parameter used to calculate the control word of the channel.

Disclosure of the invention

The various proposed solutions do not make it possible to create a flexible system that operates at high speed without increasing the volume of management data in the stream.

In accordance with this invention, a method is proposed for controlling access to a set of channels using a receiver-decoder that includes a security module, each channel being encrypted with a channel-specific control word, having a channel identifier and transmitting access control messages (ECM) containing at least the control word of the current channel and the conditions of access to the channel.

The method includes the following steps: tune to the first channel having the identifier of the first channel; transmit the identifier of the first channel to the security module; receive the first access control messages ECM containing at least the first control word; transmit the first access control messages ECM to the security module; decrypt the first access control messages ECM and check the conditions of access to the channel; if the access conditions are met, transmit the first control word to the receiver-decoder; store the first control word and the identifier of the first channel in the security module; tune to a second channel having an identifier of the second channel and encrypted with the second control word, where the first control word is the result of a cryptographic function F using the identifier of the first channel and the root control word, and the second control word is the result of the cryptographic function F using the identifier of the second channel and the root control word; transmit the identifier of the second channel to the security module; calculate, using the security module, the second control word by performing the following steps: calculate the root control word using the inverse cryptographic function F⁻¹, the first control word and the identifier of the first channel; calculate the second control word using the cryptographic function F, the root control word and the identifier of the second channel; and transmit the second control word to the receiver-decoder.

As will be clear, the system as a whole is only slightly modified in comparison with the prior art. The main modification is in the structure of the control words for the different channels. The root control word is generated, as usual, by a random number generator. Unlike in prior-art solutions, this root control word is not actually transmitted. From this root control word, a channel-specific control word is generated for each channel.

This generation is based on a cryptographic function F that takes as parameters the root control word and the channel ID. The control center responsible for the encrypted channels generates a root control word for each new encryption period and calculates the control word for each channel using the cryptographic function and the channel ID.

Similarly, the security module, which knows the cryptographic function and the inverse cryptographic function, can calculate the control words for all channels, provided that it knows the channel ID.

Brief description of drawings

The invention will be better understood from the following detailed description, which refers to the accompanying drawings, given as a non-limiting example.

Figure 1 shows the user system.

Figure 2 shows the operations performed by the security module.

Figure 3 shows the operations performed by the control center.

Embodiments of the invention

The main technical result provided by the present invention is to reduce the channel switching time when the user selects another channel.

The time required to display a new pay-TV channel after receiving the command from the user can be broken down as follows:

- extract the descriptors (audio, video and data streams) from the Program Allocation Table (PAT);

- set the filter in accordance with the service descriptor;

- extract the data stream from the set of streams associated with this channel;

- wait for the access control message ECM contained in the data stream;

- transmit the access control message ECM to the security module;

- process the access control message ECM in the security module, check the rights and extract the control word;

- transmit the control word to the receiver-decoder;

- apply the control word to the audio/video data to obtain clear (unencrypted) audio/video data;

- wait for the first complete picture (I-frame);

- display the incoming group of pictures.

As can be seen, the receiver-decoder waits twice: once to get the first ECM message, and a second time to obtain the first I-frame.

The pay-TV system is responsible for the first waiting time, and special attention is paid to reducing this delay. The first measure is to repeat the ECM messages in the data stream so as to minimize the time between two ECM messages. This time is, as a rule, 250 ms, i.e. 4 ECM messages per second. Increasing the repetition rate would adversely affect the available bandwidth.

In addition, the computational power of the security module is constantly increasing, but at the same time decryption and verification are becoming more complex for security reasons. It is necessary not only to decrypt the ECM message, but also to check the condition or conditions (which may involve complex queries) against the rights stored in the security module.

With today's technology, the time between the transmission of an ECM message and the reception of the corresponding control word is about 150 ms. As a result, almost half of the switching time is taken up by the pay-TV procedure.

The security module, as mentioned above, can be implemented in a variety of ways, for example as a microprocessor board, as a payment card with an embedded microprocessor, or as any electronic module in the form of an identification badge or key. Such modules are usually portable, removable from the receiver-decoder, and designed to be protected against unauthorized access. The most common type of module has electrical contacts; however, there is also a contactless version of the ISO 14443 type. In another implementation, the security module is soldered directly inside the receiver-decoder; a variation of this alternative is a module connected to a socket or connector, such as a SIM card. In yet another embodiment, the security module is built into a chip that performs a different function, for example the descrambling module or the microprocessor module of the receiver-decoder. The security module can also be implemented in software.

Figure 1 shows a receiver-decoder STB (Set Top Box, a television STB)connected to a television receiver. In this example, the security module SC is detachable and is inserted into the slot of the receiver-decoder. Remote control TC allows the user to send commands, such as command channel selection.

As explained above, the security module receives information containing the ID of the channel. This ID is contained in the PAT (Program Allocation Table, the allocation table), which includes a description of all the threads available in the frequency band on which the system is set up at the moment. Middleware receiver-decoder STB is responsible for processing this table, when the user selects a different channel. For a given user channel 1 is the first in its own channel list. However, this channel has a different ID that is specified by the broadcaster. For example, channel 1 of the user corresponds to the channel 27 and channel 2, the user corresponds to the channel 12 broadcasters. This channel ID is contained in table PAT.

In DVB (Digital Video Broadcasting), a channel is identified using the DVB triplet. This triplet consists of three fields, namely ONID/TSID/SID: ONID = Original Network Identifier, TSID = Transport Stream Identifier, and SID = Service Identifier. The term "channel identifier" may cover a simple identifier, such as 27, the DVB triplet, the value of a hash function of the triplet, or any known function of the triplet.

This information is transmitted to the security module as soon as the receiver-decoder STB receives a channel switching request. It is directly available to the receiver-decoder STB, because it is stored in the channel map memory. Each user channel ID has a corresponding broadcast channel identifier. In the example below, the user switches from user channel 1 to user channel 2, which corresponds to switching from broadcast channel 27 to broadcast channel 12.

According to the present invention, the security module saves the last control words passed to the receiver-decoder STB for channel 27. These control words are the current control word and the next control word. They were extracted while the receiver-decoder STB was tuned to channel 27.

According to our example, the security module receives information indicating that the new channel is the channel 12.

Figure 2 shows the processing performed to obtain the control word for channel 12. The identifier ID1 in this example is 27, and ID2 is 12. The control word of channel 27 (CW1) is passed to a first cryptographic function that takes the ID of channel 27 (ID1) as a parameter. The result of this function is an intermediate result, called the root control word or root key (RK).

To obtain the control word (CW2) of channel 12, a second cryptographic function is applied, taking as parameters the root key (RK) and the ID of channel 12 (ID2). The result is the control word (CW2) for channel 12.

The first cryptographic function is the inverse of the second cryptographic function. These cryptographic functions are encryption (decryption) functions, such as IDEA (International Data Encryption Algorithm), DES (Data Encryption Standard) or AES (Advanced Encryption Standard).

The above method computes not only the current control word but also, at minimal cost, the next control word, valid for the next encryption period, which was received in the access control message while the receiver-decoder was tuned to channel 27.

According to a first variant implementation, the control words are simply passed to the receiver-decoder and used to access the encrypted channel 12.

In pay-TV, applying access control is strongly recommended. Various solutions can be used to combine fast channel change with access control.

The first solution is called "learning". The security module stores in its memory a list, each element of which contains the channel ID and the reference value.

According to a first variant, the reference value is a counter value. By default, the counter is equal to zero. When the security module receives an ECM message and successfully transmits a control word, this means that access to the current channel is enabled. In this case the list is updated with the channel ID and a predetermined counter reset value, such as 10.

When the user switches to this channel, the security module verifies that the channel ID received from the receiver-decoder STB is in the list and that the counter is >0. In this case, the new control word is calculated and transmitted to the receiver-decoder STB, and the counter is decremented by one.

The predetermined counter reset value determines the number of control words that can be transmitted to the receiver-decoder STB without authorization.

This value can be preset in the security module so that the accelerated process is available immediately. If the default value is >0, the security module can immediately enable the calculation of control words for a new channel, carrying out the sequence in which a control word is transferred to the receiver-decoder STB even if the user does not have authorized access to this channel. In this case the default value will be small, in the range from 5 to 10.

The default value and the counter reset value can be different. The default value does not take the access conditions into account and is set either to zero (no advance access to the channel if the user does not have the rights) or to a small number, for example 10 (temporary access).

When the first ECM message is found in the data stream and transmitted to the security module, the security module processes the ECM message and checks the access conditions; if access is granted, the control word is transmitted to the receiver-decoder STB. At the same time, the counter is set to the predetermined counter reset value.

If the access condition is not met, the counter is reset so that no further calculated control words are passed.

The preset counter reset value can be programmed in the security module or extracted from the ECM message.

Similarly, the reference value attached to the channel ID may be a time limit. The ECM message contains the current time, and with each successful verification of the access conditions of this channel (by means of its ECM messages) the time limit of the channel is updated: it is assigned the value of the current time plus the authorization period, such as a day or a week. In the latter example, the channel must be accessed long enough to receive an ECM message once a week in order to keep the system in an enabled state.

According to another variant of implementation, the list in the security module is filled with control data received from the control center. EMM messages (Entitlement Management Message, the subscriber authorization message) are used to load rights into the security module; these rights are then compared with the access conditions contained in the ECM message.

EMM messages can be used to load a channel ID and a reference value into each element of the table. As explained above, this reference value may be a counter value, which is decremented by one each time a control word is transmitted for that channel ID.

This reference value may also be a time during which the security module is allowed to send control words for this channel. This time is loaded by extracting it from the EMM message, and it will preferably correspond to the subscription period for this channel.

The time information is set using messages ECM or EMM. Each message contains a time reference that is stored in the security module. The last time information updates the previous entry. This time information is compared with the time information attached to the channel ID, for a decision on the transfer of the control word to the receiver-decoder STB. After the subscription period for this channel has expired, the time information corresponding to that channel (or channels as the subscription agreement may cover multiple channels) is not updated, and the security module stops transmitting the calculated control words.

In the case when the user switches from channel 1 (broadcast channel 27) to channel 2 (broadcast channel 12), and then to channel 3 (broadcast channel 34), the following operations are performed:

- the security module reads the last used control word and, using the ID of channel 1, calculates the root key;

- the security module receives the identifier of channel 2 and calculates the control words (current and next) using the root key and the ID of channel 2;

- at the next switch, to channel 3, the root key can still be used to calculate the control word for channel 3.

Alternatively, instead of storing the control words of the current channel in anticipation of a channel change, the security module can directly calculate the root keys using the functions described above and store them (the odd and the even root key). There is then no need to save the current control words in the security module; storing the root keys is enough. In this case there is also no need to store the ID of the current channel.

It should be noted that two control words are usually produced, the current one and the next one. After the current root key has been calculated from the current control word of channel 1 and the channel ID, the next root key is computed from the next control word of channel 1 and the channel ID. These root keys are then stored in the security module in case another switch command is given.

The cryptographic function F is an encryption or decryption function in which the root key is the data to be encrypted (decrypted) and the channel ID plays the role of the key. Because a key normally has high entropy, which is not the case for a channel ID, a diversification function is first applied to the channel ID before it is used as a key.

According to a first variant implementation, this diversification function can mix the channel ID with predefined values known to the security module and the control center. This may be accomplished by using an encryption key known to the control center and the security module. According to another variant implementation, the diversification function uses a diversification parameter contained in the ECM message. This diversification is thus not available to any third party unable to decrypt the ECM message successfully. The diversification parameter should be common to all ECM messages received on the different channels at a given time. The current time is an example of such a diversification parameter. This current time is retrieved from the last decrypted ECM message, from which, in the above example, the reference control words were extracted, these control words belonging to channel 1.

The time contained in the ECM message is known to the control center (which generates it) and to the security module, which obtains it when processing the ECM message and extracting the reference control word.

These timing data can be used for the function of diversification along with the channel ID.
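The derivation of Figure 2, the diversification of the channel ID and the counter-based "learning" list, combined in one added example (not code from the patent). An HMAC-SHA256 Feistel permutation stands in for F, which the text says would be a cipher such as IDEA, DES or AES; the names diversify, SecurityModule, on_ecm and on_switch, the 8-byte control word and all sample values are assumptions. Only the current control word is handled; the next one follows the same path.

```python
import hashlib
import hmac
ROUNDS = 8  # assumption: round count of the stand-in cipher

def diversify(channel_id: bytes, param: bytes, secret: bytes) -> bytes:
    """Mix the low-entropy channel ID with a shared secret and the ECM time."""
    return hmac.new(secret, channel_id + b"|" + param, hashlib.sha256).digest()

def _round(key: bytes, i: int, half: bytes) -> bytes:
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:4]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def F(data: bytes, key: bytes) -> bytes:
    """Stand-in for F: 64-bit Feistel permutation, root key -> control word."""
    left, right = data[:4], data[4:]
    for i in range(ROUNDS):
        left, right = right, _xor(left, _round(key, i, right))
    return left + right

def F_inv(data: bytes, key: bytes) -> bytes:
    """Inverse of F: control word -> root key."""
    left, right = data[:4], data[4:]
    for i in reversed(range(ROUNDS)):
        left, right = _xor(right, _round(key, i, left)), left
    return left + right

class SecurityModule:
    def __init__(self, secret: bytes, reset_value: int = 10):
        self.secret, self.reset_value = secret, reset_value
        self.counters = {}                  # channel ID -> control words still allowed
        self.root_key = self.param = None   # variant that stores RK, not CW1

    def on_ecm(self, channel_id, cw, ecm_time, access_ok):
        """ECM already decrypted: update the learned list, derive and keep RK."""
        self.counters[channel_id] = self.reset_value if access_ok else 0
        if not access_ok:
            return None
        self.param = ecm_time
        self.root_key = F_inv(cw, diversify(channel_id, ecm_time, self.secret))
        return cw

    def on_switch(self, new_id):
        """Compute the new channel's control word before its first ECM arrives."""
        if self.root_key is None or self.counters.get(new_id, 0) <= 0:
            return None
        self.counters[new_id] -= 1
        return F(self.root_key, diversify(new_id, self.param, self.secret))

def demo():
    # Constructed values: shared secret, root key, ECM time, DVB triplets.
    secret, rk, t = b"constructed-secret", bytes.fromhex("0123456789abcdef"), b"t0"
    ch27, ch12 = b"0001/0002/001b", b"0001/0002/000c"
    cw27, cw12 = (F(rk, diversify(c, t, secret)) for c in (ch27, ch12))  # head end
    sm = SecurityModule(secret)
    sm.counters[ch12] = 1          # channel 12 learned earlier, one word left
    sm.on_ecm(ch27, cw27, t, True)
    return cw12, sm.on_switch(ch12), sm.on_switch(ch12)
```

demo() returns the head-end control word for channel 12, the identical word computed by the module from channel 27's control word, and None once the counter for channel 12 is used up.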

One of the main advantages of the present invention is its compatibility with existing solutions on the receiver side. Receivers that do not have the characteristic features of the present invention can nevertheless continue to operate, because the ECM messages of each channel contain the control words. An old security module will continue to receive ECM messages and send control words, while a new security module can compute the new control words before receiving the ECM messages of the new channel.

The cryptographic functions F and F⁻¹ can be implemented in the security module. However, in another embodiment, this function is implemented in hardware, in order to keep the algorithm secret.

1. Method for managing access to a set of channels using a receiver-decoder that includes a security module, each channel being encrypted with a control word specific to the channel, having a channel identifier, and transmitting access control messages ECM containing at least the control word of the current channel and the access conditions of the channel, comprising the following steps:
- tune to the first channel with the identifier of the first channel;
- transmit the identifier of the first channel to the security module;
- receive the first access control message ECM containing at least the first control word;
- transmit the first access control message ECM to the security module;
- decode the first message access control ECM and check the conditions of access to the channel;
- if access is made, transmit the first control word to the receiver-decoder;
- retain the first control word and the ID of the first channel in the security module;
- tune to the second channel, which has the identifier of the second channel and is encrypted with the second control word, the first control word being the result of a cryptographic function F using the identifier of the first channel and the root control word, and the second control word being the result of the cryptographic function F using the identifier of the second channel and the root control word;
- transmit the identifier of the second channel to the security module;
- calculate, using the security module, the second control word by performing the following steps:
- calculate the root control word using the inverse cryptographic function F⁻¹, using the first control word and the ID of the first channel;
- calculate the second control word using a cryptographic function F, using the root control word and the identifier of the second channel;
- transmit the second control word to the receiver-decoder.

2. The method according to claim 1, characterized in that the security module contains a list, each element of which contains at least the identifier of the channel and the reference value, the method includes the following steps:
- before sending the second control word, check that the reference value corresponding to the identifier of the second channel authorizes access to the second channel, and
- transmit the second control word only if access is authorized.

3. The method according to claim 2, characterized in that the reference value is a counter value, the check of the reference value includes testing for a positive counter value, and the value of said counter is reduced by one when the second control word is transmitted to the receiver-decoder.

4. The method according to claim 3, characterized in that it contains the following steps:
- receive the second access control message ECM containing at least the second control word;
- transmit the second access control message ECM to the security module;
- decrypt the second access control message ECM and check the conditions of access to the channel;
- if access is made, transmit the second control word to the receiver-decoder;
- set a positive counter value of the second channel.

5. The method according to any one of claims 1 to 4, characterized in that it contains the following steps:
- diversify the ID of the first channel with a diversification parameter before applying the inverse cryptographic function F⁻¹, and
- diversify the identifier of the second channel with the diversification parameter before applying the cryptographic function F.

6. The method according to claim 5, characterized in that the diversification parameter is extracted from the first access control message ECM.

7. Method for managing access to a set of channels using a receiver-decoder that includes a security module, each channel being encrypted with a control word specific to the channel, having a channel identifier, and transmitting access control messages ECM containing at least the control word of the current channel and the access conditions of the channel, comprising the following steps:
- tune to the first channel with the identifier of the first channel;
- transmit the identifier of the first channel to the security module;
- receive the first access control message ECM containing at least the first control word;
- transmit the first access control message ECM to the security module;
- decode the first message access control ECM and check the conditions of access to the channel;
- if access is made, transmit the first control word to the receiver-decoder;
- calculate the root control word using the inverse cryptographic function F⁻¹, using the first control word and the ID of the first channel;
- keep the root control word in the security module;
- tune to the second channel, which has the identifier of the second channel and is encrypted with the second control word, the first control word being the result of a cryptographic function F using the identifier of the first channel and the root control word, and the second control word being the result of the cryptographic function F using the identifier of the second channel and the root control word;
- transmit the identifier of the second channel to the security module;
- calculate by means of the security module, the second control word using a cryptographic function F, using the root control word and the identifier of the second channel, and
- transmit the second control word to the receiver-decoder.

8. The method according to claim 7, characterized in that the security module contains a list, each element of which contains the channel ID and the reference value, the method includes the following steps:
- before sending the second control word, check that the reference value corresponding to the identifier of the second channel authorizes access to the second channel, and
- transmit the second control word only if access is authorized.

9. The method of claim 8, wherein the reference value is a counter value, the check of the reference value includes testing for a positive counter value, and the value of said counter is reduced by one when the second control word is transmitted to the receiver-decoder.

 
