RussianPatents.com

Method of protecting security data transmitted by transmitter device to receiver device

Russian patent RU 2523952

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to a method of protecting security data transmitted by a transmitter to a receiver, the method comprising periodic transmission to a receiver, alternately with said security data, of neutral data intended to prevent security data filtering.

EFFECT: improved data protection.

16 cl

 

The technical field to which the invention relates.

The invention relates to the field of data transmission and more specifically to a method for protecting security data transmitted by a transmitter device to a receiver device.

The invention also relates to a transmitter terminal located in the head-end module of an operator's network and configured to transmit operating messages to a receiver terminal.

The invention also relates to a computer program stored on a data carrier and designed to run in the transmitter terminal to implement the method in accordance with the invention on the transmission side.

The invention also relates to a receiver terminal configured to receive messages transmitted by said transmitter terminal, and to a computer program stored on a storage medium and designed to run in the receiver terminal to implement the method in accordance with the invention.

More specifically, the invention is directed to improving the protection of EMM messages that are transmitted by the head-end module of an operator's network to a user's reception system. More generally, however, it applies to the protection of any transmission of messages between entities connected by data transmission networks, regardless of the nature and characteristics of said entities and said networks.

Prior art

With the growth of content distribution over data networks, the risk that such content will be subject to hacker attack has become a primary concern for both the providers and the recipients of this content.

Hence, the main task is to protect the distributed content against the risk that the access rights associated with this content will be diverted by fraud, as well as against falsification of these rights by a user.

Indeed, in CAS-type access control systems, distributed content is usually encoded, and decoding depends on logical authorizations (a user can access the content for a certain period of time) combined with keys, called operating keys, which make it possible to decode other messages that authorize access to the content. Logical authorizations and operating keys are typically transmitted to the receiver terminal in EMM (Entitlement Management Message) and ECM (Entitlement Control Message) messages, which are specific access control messages that must themselves be protected.

For a better understanding of the terminology specific to this technical field, reference may be made to the following document: "FUNCTIONAL MODEL OF A CONDITIONAL ACCESS SYSTEM", EBU REVIEW-TECHNICAL, EUROPEAN BROADCASTING UNION. BRUSSELS, BE, no 266, 21 December, 1995.

One disadvantage of the prior art arises from the fact that these messages can be intercepted and analyzed to determine the conditions of access and keys needed to decode the content.

In some cases, the operator may wish to remove or restrict access for certain recipients. In this case, the EMM and ECM messages include information for this purpose.

Another form of fraud is to filter the messages transmitted by the operator, to prevent their use by the security processor of the receiver terminal.

In addition, a hacker who wants to recover an EMM message can determine its effect experimentally, for example by submitting it for processing to a reception system reserved for such tests.

In addition, in operating the access control system, the operator issues EMM messages that add, modify or remove rights on certain dates of the month, which amounts to batch processing by computer. This can help a hacker to distinguish the new EMM messages resulting from this processing, and may allow the hacker to develop a filtering strategy.

When the authenticity of access control messages is ensured by cryptographic redundancy, this measure has no effect in the following cases:

- if a hacker has successfully obtained the key, or has successfully obtained the correct cryptographic redundancy. This is particularly possible if said cryptographic redundancy is symmetric.

- if the hacker has managed to make the security processor accept the message as containing the correct cryptographic redundancy and, thus, as an authentic message. This case is particularly possible through physical disturbance of the operating environment of the reception system's security processor, which is responsible for verifying this authenticity. Such disturbances include, for example, a sharp increase in temperature, fluctuations in signal power or the clock frequency, exposure of the component to laser pulses, the transmission of electromagnetic waves, or radiation from radioactive particles.

When messages are protected by transmitting to the receiver terminal a combination of positive and negative indications, this measure is of interest only when the hacker has something to lose. In particular, some attacks consist of illegally adding rights to official security processors (called MOSC, modified official smart cards). In this case, the hacker loses by filtering messages only if the operator changes the operating keys.

Thus, it is preferable not to transmit such keys in the multiplexed signal to prevent unnecessary disclosure.

It appears, therefore, that it is not always possible for the access control system (CAS) to resist hacker attacks and, in particular, to resist the removal of unwanted messages or the insertion of messages that should not be passed to the security processor.

The purpose of the invention is to overcome the disadvantages of the access control systems of the prior art described above.

Disclosure of the invention

The invention is based on the idea of maintaining a regular flow of messages between the transmitter and the receiver, so that messages are sent even if the operator has not made any request.

The invention proposes a method consisting of periodically transmitting to said receiver, alternately with said security data, neutral data intended to prevent filtering of said security data.

This regularity makes it possible to obscure the data traffic between transmitter and receiver from an external observer, thereby making malicious filtering of the security messages difficult. It can also enable the receiver to detect possible filtering of these messages.

Depending on the embodiment of the invention and the nature of the secondary message, a detection or countermeasure operation may follow. Different types of detection can be used, such as writing to an event log in memory or incrementing a detection counter. Countermeasures may, for example, be the temporary disabling or the destruction of the card that contains the security processor.

In accordance with another feature of the invention, transmission of said neutral data starts after a time delay following the last data transmission from the transmitter to the receiver.

Preferably, said neutral data have a structure similar to that of the security data.

In one embodiment, the method in accordance with the invention comprises the following steps:

- determining a duration DR separating two successive receptions by the receiver of data transmitted by the transmitter, and

- at a moment t, measuring the time interval TR that has elapsed since the receiver last received data transmitted by the transmitter,

- if the time interval TR is longer than the duration DR, transmitting an alarm signal to the countermeasure management module.

In this embodiment, the method further comprises the steps of counting the number N of alarm signals sent by the receiver to said countermeasure management module, recording the number N in said countermeasure management module, defining a number SA of alarms representing the threshold value for triggering a countermeasure, comparing the number SA with the number N recorded in the countermeasure management module, and carrying out the countermeasure procedure if the number N exceeds the number SA.

Said countermeasure procedure can be activated locally by the receiver or remotely by the transmitter, and consists of the temporary or permanent suspension of the operation of the receiver.

In one specific embodiment of the method in accordance with the invention, designed to increase the security of a CAS-type access control system, the security data and the neutral data are transmitted to the receiver in EMM messages.

Said security data and said neutral data can be encrypted to increase security. However, they can be transmitted in coded form.

The security data and the neutral data can be transmitted to the receiver in a data stream that optionally also contains encoded audiovisual programs. In this case, the temporary or permanent suspension of operation consists of no longer processing the EMM messages when multimedia content is read.

The method in accordance with the invention is implemented by a transmitter terminal in the head-end module of the network operator, capable of transmitting operating messages to a receiver terminal among a plurality of terminals connected via said operator's network.

This terminal includes means for storing a maximum duration D of the interval between two successive transmissions in said stream, means for measuring the interval T that has elapsed since the last transmission of a message, and means for inserting neutral messages into said stream if the time interval T since the last transmission of a message is greater than or equal to said duration D.

On the network side, the method in accordance with the invention is implemented by a computer program stored on a medium and intended to run in the transmitter terminal in order to store the maximum duration D of the interval between two successive transmissions in said stream, to measure the interval T that has elapsed since the last transmission of a message, and to insert neutral messages into said stream if the time interval T since the last transmission of a message is greater than or equal to said duration D.

The receiver terminal in accordance with the invention includes means for storing a maximum duration DR, greater than or equal to the duration D, of the interval between two successive receptions of messages in said stream, means for measuring the time interval TR that has elapsed since the last reception of a message, and means for notifying the countermeasure trigger of this elapsed time if the time interval TR since the last message was received is greater than or equal to the duration DR.

On the receiver side, the method in accordance with the invention is implemented by a computer program stored on a medium and intended to run in the receiver terminal in order to store the maximum duration DR of the interval between two successive receptions of messages in said stream, to measure the time interval TR that has elapsed since the last reception of a message, and to notify the countermeasure trigger of this elapsed time if the time interval TR since the last message was received is greater than or equal to said duration DR.
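Added example (not part of the patent text): a minimal Python simulation of the transmitter-side insertion of neutral messages and the receiver-side detection of filtering described above, using the page's symbols D, T, DR, TR, N and SA. The tick-based clock, the message tuples, the `blocked` set of ticks at which nothing reaches the receiver, and restarting the TR measurement after each alarm are assumptions made for illustration.

```python
"""Added illustration (not from the patent): neutral-message insertion on the
transmitter side and filtering detection on the receiver side.
Symbols D, T, DR, TR, N and SA follow the text; everything else is assumed."""
from dataclasses import dataclass, field

SECURITY, NEUTRAL = "SECURITY", "NEUTRAL"

# Constructed operator schedule: tick -> security payloads queued at that tick.
SCHEDULE = {3: ["rights-update"], 20: ["key-change"]}


@dataclass
class Transmitter:
    D: int             # maximum interval allowed between two transmissions
    last_tx: int = 0   # tick of the last transmission

    def emit(self, now, pending):
        """Send pending security data, or one neutral message once T >= D."""
        T = now - self.last_tx
        if pending:
            out = [(SECURITY, p) for p in pending]
        elif T >= self.D:
            # Same tuple shape as a security message, so the stream stays regular.
            out = [(NEUTRAL, "padding")]
        else:
            out = []
        if out:
            self.last_tx = now
        return out


@dataclass
class Receiver:
    DR: int            # maximum tolerated silence, chosen >= D
    SA: int            # alarm threshold before the countermeasure starts
    last_rx: int = 0   # tick of the last reception
    N: int = 0         # alarms recorded by the countermeasure module
    suspended: bool = False
    alarms: list = field(default_factory=list)

    def tick(self, now, delivered):
        """Process one clock tick; return True if an alarm was raised."""
        if self.suspended:
            return False
        if delivered:
            self.last_rx = now
            return False
        TR = now - self.last_rx
        if TR <= self.DR:           # the step list alarms only when TR > DR
            return False
        self.N += 1
        self.alarms.append(now)
        self.last_rx = now          # assumption: restart the measurement after an alarm
        if self.N > self.SA:
            self.suspended = True   # countermeasure: suspend the receiver
        return True


def simulate(ticks, schedule, D, DR, SA, blocked):
    """Run both ends; `blocked` is the set of ticks at which nothing is delivered."""
    tx, rx = Transmitter(D), Receiver(DR, SA)
    sent = []
    for now in range(1, ticks + 1):
        msgs = tx.emit(now, schedule.get(now, []))
        sent.extend((now, kind) for kind, _ in msgs)
        rx.tick(now, [] if now in blocked else msgs)
    return sent, rx


def max_gap(sent):
    """Largest interval between consecutive transmissions."""
    ticks = [t for t, _ in sent]
    return max(b - a for a, b in zip(ticks, ticks[1:]))


if __name__ == "__main__":
    for label, blocked in [("no filtering", set()),
                           ("one lost message", {13}),
                           ("sustained filtering", set(range(10, 41)))]:
        sent, rx = simulate(40, SCHEDULE, D=5, DR=6, SA=2, blocked=blocked)
        print(f"{label}: max gap={max_gap(sent)} N={rx.N} "
              f"alarms={rx.alarms} suspended={rx.suspended}")
```

With these constructed values, a single lost message raises one alarm but stays below SA, while sustained silence pushes N past SA and suspends the receiver.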

Brief description of drawings

Other properties and advantages of the invention will be understood after reading the following description, which is given as a non-limiting example, with reference to the attached drawings, in which:

- figure 1 shows a general flow chart illustrating the main steps of the method in accordance with the invention;

- figure 2 schematically shows a flow chart illustrating the detection of message filtering by the receiver terminal in accordance with the invention.

Detailed description of the invention

The following description relates to one variant of the method in accordance with the invention, in a specific application in which the transmitter terminal is located in the head module of the operator and transmits digital content to the receivers connected to the network of said operator. The digital content is first encoded using a control word, which is passed to the receiver terminal in EMM messages.

The operator can use different channels to broadcast EMM messages and different addressing modes for sending messages to different recipients. Thus, EMM-GA is intended for all users (GA - global audience), EMM-S is intended for a group of users (S - shared), and EMM-U is intended for a single user (U - user). The channel is typically used for broadcast messages EMM in each of these ways and is resale.

It is also possible, even in the case of a single addressing mode, to have different EMM channels. For example, on a mobile phone, some messages may be transmitted in the same multiplexed signal that contains the video data, and others may be sent as SMS. It is also likely that some users will accept messages. Each EMM-U transmission to a user should be considered an EMM channel in the context of the invention.

To maintain a regular schedule in each of the EMM channels opened between the transmitter terminal and each receiver terminal, the method in accordance with the invention applies to all types of EMM channel, regardless of the type of message conveyed in the channel.

As in a standard CAS system, the operator submits message transmission requests to the CAS system. In the rest of this description these messages are called "working" messages.

If no message is associated with an EMM channel, the channel can nevertheless remain active: a "functionally neutral" message is then inserted into this channel by the CAS system. A functionally neutral message is a message with valid syntax, which is intended to be analyzed by the receiving terminal but which does not contain any information from the operator and, in particular, no request to activate processing in the terminal.

The flow of messages coming from the CAS system is therefore a message flow consisting of working messages and neutral messages.

Figure 1 schematically illustrates the main steps of the method in accordance with the invention, for the case in which working messages are passed in independent EMM channels so that each of them has its own "unchanged" context in the stream.

Step 2 is a preliminary phase in which the operator configures the transmitter and receiver terminals. This phase consists of determining the maximum duration of inactivity allotted to this stream and, in the case of a personal stream, to this user. A default value is set for this duration.

It should be noted that the operator can change the maximum duration of inactivity allotted to this stream. For example, in case of doubt about the integrity of a user, the operator may enforce the requirement to receive messages up to a certain day on channel EMM-U.

The receiver terminal is then configured to expect a certain period of time between successive messages on each channel in which messages are addressed to it.

During operation, a computer program embodied in the transmitter terminal in the head module starts a scanning step 4, which consists of determining whether the operator has a working message to transfer to the receiver terminal.

If so, the working message is determined at step 6 and, at step 8, the working message is passed to the receiver terminal. The process is then repeated from step 4.

If not, a check is performed to determine whether a message was transmitted to the receiver within an interval shorter than the duration D defined in step 2.

If this is confirmed, the process is repeated from step 4.

If it is not confirmed, a neutral message is determined at step 12 and is then transmitted (step 8) to the receiver terminal.

Figure 2 schematically illustrates the steps that make it possible to detect malicious filtering of working messages transmitted by the transmitter terminal to the receiver terminal. Note that the operator can enable or disable detection of working-message filtering in a receiver terminal by transmitting a specific command to the receiver concerned.

To perform this detection procedure, the operator determines the duration DR separating two successive receptions by the receiver of data transmitted by the transmitter; at a given time t, the software installed in the receiver terminal measures the time interval TR that has elapsed since the receiver completed the reception of data transmitted by the transmitter and, if the time interval TR is greater than said duration DR, transmits an alarm to the countermeasure control module.

In this example, the countermeasure control module is installed in the receiver terminal, so that the terminal does not transmit any information to the head module of the network.

At step 20, the operator transmits the command to the receiver to enable detection of malicious filtering.

At step 22, the software installed in the receiver terminal measures the time between two consecutive messages sent through this channel and, at step 24, compares the measured time with the duration DR.

If the time interval TR is greater than the duration DR, the receiver terminal considers that there was a malicious filtering attempt and transmits an alarm signal to the countermeasure control module (step 26), and the countermeasure control module applies a sanction (step 30).

The sanction may consist of no longer processing ECM messages when reading multimedia content, which makes it impossible to decode the latter.

Another sanction may consist of removing all operating keys and rights in the security processor of the receiver terminal.

In a first embodiment, the countermeasure control module applies a sanction only after a specified number N of alarms has been sent by the receiver to the countermeasure control module.

In a second embodiment, the countermeasure control module selects the countermeasure procedure to apply in a graduated manner, in accordance with the number of recorded alarms. The countermeasure may, for example, consist of no longer processing ECM messages after two alarms, or even of destroying the rights and operating keys in the security processor after ten alarms.

If the time interval TR is shorter than the duration DR, at step 28 the software installed in the receiver terminal runs the command passed in the working message.

It should be noted that processing by the receiver terminal is performed in accordance with the following steps:

- when the terminal is switched on, or when it starts after a waiting period, the terminal waits for EMM messages,

- when an EMM message is received, regardless of whether it is a working message or a functionally neutral message, it is processed as in the prior art.

When detection of malicious message filtering is enabled, processing changes as follows: when an EMM message is received, its date (of sending or receipt) is retained in memory, or else the maximum date expected for the next sending or receipt of an EMM message, calculated as the sum of the previous date and the maximum duration of inactivity, is stored in a storage device; and when an EMM message is accepted, if the calculated date is less than the previous saved date of sending or receipt of an EMM message by more than the maximum duration of inactivity, or if this date is less than the previous maximum expected date of the next transmission or reception of an EMM message stored in memory, then the terminal stores in memory the detection of message filtering.

It should be noted that the processing times of working messages and neutral messages do not make it possible to distinguish the type of message.

In a third embodiment of the invention, the countermeasure control module is installed in the head module of the network, and the operator controls this module. In this case, the countermeasure procedure consists of configuring the transmitter terminal to transmit a sanction EMM message intended for the receiver terminal. This sanction EMM message is processed by the receiver terminal, and it indicates which countermeasure should be taken when there are multiple levels of countermeasure.

The invention can be implemented selectively, in particular depending on the EMM channel or in general for all these channels, or depending on the nature of the working messages intended for broadcast.
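The two loops described above (figure 1 on the transmitter, figure 2 on the receiver) can be modelled together. This is an added example, not code from the patent: the function and class names, the integer clock ticks, the re-arming of the deadline after each alarm and the reading of "after two / ten alarms" as "count reached" are all assumptions.

```python
from dataclasses import dataclass

def transmit_schedule(working_times, D, horizon):
    """Figure 1 loop on integer ticks: a queued working EMM is sent at once,
    otherwise a neutral EMM is inserted as soon as T >= D."""
    working, sent, last = set(working_times), [], 0
    for now in range(1, horizon + 1):
        if now in working or now - last >= D:
            sent.append((now, "working" if now in working else "neutral"))
            last = now
    return sent

@dataclass
class Receiver:
    DR: int          # maximum tolerated gap between receptions, DR >= D
    deadline: int    # stored "maximum expected date" of the next EMM
    alarms: int = 0  # N, kept by the countermeasure control module

    def poll(self, now):
        """Timer check at time t: one alarm per overdue window, then re-arm (assumption)."""
        if now > self.deadline:  # TR greater than DR, as in step 24
            self.alarms += 1
            self.deadline = now + self.DR
            return True
        return False

    def on_emm(self, now):
        """Any EMM, working or neutral, is checked and then moves the deadline."""
        alarmed = self.poll(now)
        self.deadline = now + self.DR
        return alarmed

    def sanction(self):
        """Graduated response with the thresholds of the second embodiment."""
        if self.alarms >= 10:
            return "erase rights and operating keys"
        if self.alarms >= 2:
            return "stop ECM processing"
        return "none"

def run(received_times, DR, horizon):
    """Feed constructed reception times to a receiver that is polled every tick."""
    rx, arrivals = Receiver(DR=DR, deadline=DR), set(received_times)
    for now in range(1, horizon + 1):
        rx.on_emm(now) if now in arrivals else rx.poll(now)
    return rx

# Constructed sample: working EMMs queued at ticks 3, 4 and 20, with D = 5.
SENT = transmit_schedule([3, 4, 20], D=5, horizon=30)
```

With DR set one tick above D, the unfiltered stream never trips the deadline, while a stream with its middle section missing accumulates alarms at a rate of one per overdue window.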

1. A method of protecting security data transmitted by a transmitter to a receiver, comprising a step in which neutral data intended to prevent filtering of the security data are periodically transmitted to the receiver alternately with the security data,
the method further comprising steps in which:
a duration DR separating two successive receptions by the receiver of data transmitted by the transmitter is set (20), and
at a fixed time t, the time interval TR that has elapsed since reception by the receiver of data transmitted by the transmitter is measured (22),
if the time interval TR is longer than the duration DR, an alarm signal is transmitted (28) to the countermeasure control module.

2. The method according to claim 1, in which transmission of the neutral data starts after a specified time has elapsed since the last data transmission from the transmitter to the receiver.

3. The method according to claim 1, in which the neutral data have a structure similar to that of the security data.

4. The method according to claim 1, additionally comprising a step in which the number N of alarms sent by the receiver to the countermeasure control module is counted and the number N is stored in the memory of the countermeasure control module.

5. The method according to claim 4, additionally comprising steps in which:
a number SA of alarms, representing a threshold value for triggering sanctions, is set;
the number SA is compared with the number N stored in the memory of the countermeasure control module, and
a countermeasure procedure is carried out if the number N exceeds the number SA.

6. The method according to claim 5, in which the countermeasure procedure is activated locally by the receiver.

7. The method according to claim 5, in which the countermeasure procedure is activated remotely by the transmitter.

8. The method according to claim 6 or 7, in which the countermeasure procedure consists of temporary or permanent suspension of the operation of the receiver.

9. The method according to claim 1, in which the security data and the neutral data are transmitted to the receiver in EMM messages.

10. The method according to claim 9, in which the security data and the neutral data are encoded.

11. The method according to claim 1, in which the security data and the neutral data are transmitted to the receiver in a data stream optionally containing encoded audiovisual programs.

12. The method according to claim 8, in which the temporary or permanent suspension of operation consists of stopping the processing of ECM messages when reading media content.

13. A transmitter terminal located in the head module of an operator's network and configured to transmit a stream of working messages by the method according to claim 11 to a receiver terminal, characterized in that it includes means for:
a) storing the maximum duration D of the interval between two successive transmissions in the stream,
b) measuring the time T elapsed since the last transmission of a message,
c) sending a sanction EMM message to the receiver terminal if the time interval T since the last transmission of messages is greater than or equal to the duration D.

14. A medium containing a computer program for execution in the transmitter terminal according to claim 13:
a) to store the maximum duration D of the interval between two successive transmissions in the stream,
b) to measure the time T elapsed since the last transmission of a message,
c) to send a sanction EMM message to the receiver terminal if the time interval T since the last transmission of messages is greater than or equal to the duration D.

15. A receiver terminal configured to receive the messages transmitted by the transmitter terminal according to claim 13, characterized in that it includes means for:
a) storing a maximum duration DR of the interval between two successive receptions of messages in the stream,
b) measuring the time interval TR elapsed since the last message was received,
c) notifying the countermeasure control module of this time if the time interval TR since the last transmission of messages is greater than or equal to the duration DR.

16. A medium containing a computer program for execution in the receiver terminal according to claim 15:
a) to store the maximum duration DR of the interval between two successive receptions of messages in the stream,
b) to measure the time interval TR elapsed since the last message was received,
c) to notify the countermeasure launching module of this time if the time interval TR elapsed since the last message was received is greater than or equal to the duration DR.

 
