A portion of the disclosure of this patent document contains material that is subject to copyright protection. The copyright owner has no objection to the facsimile reproduction by anyone of the patent document or the patent disclosure, as it appears in the Patent and Trademark Office patent files or records, but otherwise reserves all copyright rights whatsoever.
The present invention relates generally to the field of content and/or data delivery over a network. More particularly, the present invention relates in one exemplary aspect to provisioning a consumer premises device (e.g., set-top box) in a network having download capability; e.g., such as for conditional access, digital rights management, or trusted domain functionality.
Recent advances in digital information processing have made a wide range of services and functions available for delivery to consumers at their premises for very reasonable prices or subscription fees. These services and functions include digital programming (movies, etc.), digital video-on-demand (VOD), personal video recorder (PVR), Internet Protocol television (IPTV), digital media playback and recording, as well high-speed Internet access and IP-based telephony (e.g., VoIP). Other services available to network users include access to and recording of digital music (e.g., MP3 files), as well local area networking (including wire-line and wireless local area networks) for distributing these services throughout the user's premises, and beyond.
Currently, many of these services are provided and delivered to the user via a wide variety of different equipment environments including, inter alia, cable modems, WiFi hubs, Ethernet hubs, gateways, switches and routers, computers, servers, cable set-top boxes, PSTNs, cellular telephones/smartphones, PDAs, and portable digital music devices such as the Apple iPod™. Additionally, the services associated with such technology are typically provided by multiple vendors including e.g., a cable service provider (e.g., MSO), cellular service provider (CSP), wireless service provider (WSP), VoIP service provider, music download service, Internet service provider (ISP), PSTN telephone service, etc.
The myriad of services, equipment and providers can easily create confusion and economic inefficiency for someone using many of these services on a regular basis. In particular, a user may have to pay for each service or equipment separately, thus eliminating any economies of scale based on integration. Additionally, the equipment or services may not interoperate with one another, thus reducing the overall utility provided to the user, and increasing their frustration level. These problems are particularly acute when the number of different services utilized (and hence number of service providers) is high.
Some improvements in digital service integration have been made over time. For example, cable system subscribers (such as those of the Assignee hereof) can now access VOD, PVR, PPV and broadcast services simultaneously, as well as Internet access via cable modem, and even digital telephony (e.g., VoIP). However, these functions are still substantially disparate in terms of their hardware and software environments (i.e., the user must have a cable modem, set-top box, VoIP telephony unit, PC, etc.), and “cross-over” between the environments (e.g., moving content or data from one environment to the other) is quite limited.
Moreover, the movement of content delivered by these services within the user's premises (or even outside) is substantially frustrated, largely due to concerns relating to protection of valuable (e.g., copyrighted) content and surreptitious reproduction and distribution. Such unauthorized reproduction and distribution not only detracts from the network operator's revenue and commercial viability, but also that of the content source (e.g., movie studio, recording studio/artist, etc.).
Moreover, the lack of a comprehensive and effective scheme for control of content within the user domain effectively precludes content providers from releasing new content over cable or satellite networks contemporaneous with its availability over retail or rental outlets, due in large part to unauthorized access, reproduction and distribution concerns. Stated simply, new release content availability over cable typically lags that of rental/retail, due primarily to the lack of an effective control mechanism for the content once it is delivered to the user domain.
A number of existing technologies have heretofore been employed by network operators in order to attempt to frustrate surreptitious access, copying and distribution of valuable content.
Conditional Access
For example, so-called Conditional access (CA) technologies are typically incorporated into content-based networks, such technologies including the digital encoding of various types of data including audio and video programming and music. Conditional access can generally be defined as the control of when and how a user may view and use the associated programming or information. Different types of conditional access may be desirable in a network delivery system in order to, e.g., accommodate improvements in the technology over time, as well as different conditional access attributes such as security and category of programming or user access level.
A variety of traditional methods of conditional access exist including, e.g., “Powerkey™”, VideoGuard®, and DigiCipher®. A generalized conditional access model is also provided by the well-known DVB (Digital Video Broadcasting) Specification TS 101 197 V1.2.1 (02/02), DVB SimulCrypt; Part 1: “Head-end architecture and synchronization”, and TS 103 197 V1.2.1 (02/02): “Head-end Implementation of SimulCrypt”, each incorporated herein by reference in its entirety. These can be implemented using, for example, the so-called “CableCARD™” plug-in security module access technology (also known as a “a point-of-deployment (POD) module”). See, e.g., the CableCARD-Host interface specification, which defines the interface between a digital cable receiver or STB (Host device) and the CableCARD device provided by the MSO/cable operator. CableCARD was developed to satisfy certain security requirements to allow retail availability of host devices, e.g., set-top boxes, digital cable ready televisions, DVRs, personal computers (PCs), integrated digital televisions, etc., for receiving cable services. The CableCARD, comprising a PCMCIA device, can be inserted into a host device, allowing a viewer to receive cable systems' secure digital video services, e.g., pay per view TV, electronic program guides, premium subscription channels, etc.
Encryption
In many content-based networks (e.g., cable television systems), the client device or consumer premises equipment (CPE) receives, through the cable TV network, programming content which may be encrypted, e.g., in accordance with the Data Encryption Standard (DES) technique or Advanced Encryption Standard (AES), to secure its delivery.
DES is a well-known symmetrical cipher that utilizes a single key for both encryption and decryption of messages. Because the DES algorithm is publicly known, learning the DES key would allow an encrypted message to be read by anyone. As such, both the message sender and receiver must keep the DES key a secret from others. A DES key typically is a sequence of eight bytes, each containing eight bits. To enhance the DES integrity, the DES algorithm may be applied successive times. With this approach, the DES algorithm enciphers and deciphers data, e.g., three times in sequence, using different keys, resulting in a so-called triple DES (3DES) technique.
The Advanced Encryption Standard (AES), also known as Rijndael, is a block cipher adopted as an encryption standard by many entities including the U.S. government. It is used worldwide, as is the case with its predecessor, DES. AES was adopted by National Institute of Standards and Technology (NIST) and was codified as US FIPS PUB 197 in November 2001.
AES has a fixed block size of 128 bits and a key size of 128, 192 or 256 bits. The key is expanded using the well-known Rijndael key schedule. Most of AES calculations are performed in a special finite field. AES typically operates on a 4×4 array of bytes, termed the state.
AES provides a much higher level of encryption than DES or 3DES, and hence is increasingly being integrated into applications where strong protection is desired, including the delivery of content over cable or other content-based networks.
In contrast to the DES or AES techniques, a public key encryption technique, e.g., an RSA technique (named for its developers, Rivest, Shamir, and Adleman), uses two different keys. A first key, referred to as a private key, is kept secret by a user. The other key, referred to as a public key, is available to anyone wishing to communicate with the user in a confidential manner. The two keys uniquely match each other, collectively referred to as a “public \-private key pair.” However, the private key cannot be easily derived from the public key.
“Trusted Domains”
Another related approach for content protection comprises the creation and enforcement of a “trusted domain” or TD. Specifically, such a “trusted domain” (TD) comprises an area (physically or virtually) within which programming or other content is protected from unauthorized access, distribution and copying. For example, in a cable network, a trusted domain may include not only the network portion where programming content traditionally is secured by, and within total control of, a cable operator (including, e.g., the headend, HFC delivery network, etc.,) but also user devices or customer premises equipment (CPE) at subscribers' premises which are capable of receiving and securely storing programming content. Using the trusted domain approach, the network operator can guarantee certain subscriber access, distribution, and usage policy enforcement with respect to content held within the domain. For example, a digital representation of a movie held within an operator's TD (e.g., on a hard drive of a user device) cannot be distributed over the Internet, wireless network, etc. in viewable form, and cannot become a source for duplication of multiple viewable copies.
One exemplary approach of implementing a trusted domain, described in co-owned U.S. patent application Ser. No. 11/006,404 filed on Dec. 7, 2004 and entitled “Technique For Securely Communicating Programming Content”, which issued as U.S. Pat. No. 8,312,267 on Nov. 13, 2012 and is incorporated herein by reference in its entirety, comprises using two cryptographic elements (e.g., encryption keys), associated with a user and his/her client device(s), respectively, that control access to content stored in the client device(s) within the domain.
The trusted domain is preserved with respect to the stored content so long as the content remains encrypted and continues to be managed under the above-described key management methodology, regardless of which device stores the content. Once the content itself is decrypted, e.g., by a conditional access (CA) mechanism when data is sent from the SDVR CPE to a television monitor for display, the decrypted content is no longer within the trusted domain.
Digital Rights Management (DRM) and Steganograhy
Another approach used to control the distribution and use of protected content within a content-based network is to employ so-called digital rights management (DRM). For example, Media rights management systems such as the Microsoft Windows® Media Digital Rights Manager (DRM), may be used as well. The Windows® Media Player Version 9 comprises audio and video codecs, the Windows Media Encoder, Windows Media Server, Windows Media Software Development Kit (SDK), Digital Rights Management (DRM) technology, and an extensibility model that allows integration into third-party solutions.
According to one such DRM approach, a digital media or content file is encrypted and locked with a “license key.” The license key is stored in a license file or other data structure which is distributed separately from the media or content. A user can obtain the encrypted media file by, e.g., downloading it from a web site, purchasing it on a physical media, etc. To play the digital media file, the user must first acquire the license file including the license key for that media file.
Another approach to DRM (see, e.g., the RealNetworks “Helix” Platform and Community approach) comprises encrypting a content file (typically performed by the system operator) to create a secured content file, thereby requiring a cryptographic key to access the content in the file. The key is included within a retailer's database, and the secured content file is distributed to users by, e.g., Internet connection or offline distribution of CDs. The retailer itself sets usage rules and policies for licensing the content. A user contacts the retailer's web server, such as via a trusted software client, in order to obtain a license to access the encrypted content. The retailer's web server requests certain rights from the operator's license server, the latter which creates a license containing the key for the requested content file.
Related to DRM is the practice of steganography. Steganography is the art and science of including hidden data in such a way that no one apart from the intended recipient or sender knows of the existence of the data; this is in contrast to cryptography, where the existence of the data itself is not disguised, but the content is obscured. For example, digital steganographic data may included within the recorded data/content, such as digital watermarking data.
Emerging Technologies and Provisioning Requirements
More recently, emerging technologies have focused on so-called “downloadable” conditional access systems (DCAS), which are intended to be implemented in next-generation two-way, cable-ready digital TV sets, set-top boxes and/or other related devices. This “download” approach would enable cable operators to download conditional access software directly to TV sets, set-top boxes and other digital entertainment devices in the subscribers' premises, and would be especially suited to interactive services such as VOD, PVR, etc. This would also obviate the physical CableCARD form factor.
With the so-called FCC “navigation order” (Further Notice of Proposed Rulemaking (“FNPRM”), FCC 00-341, adopted Sep. 14, 2000; released Sep. 18, 2000 relating to, inter alia, the adoption of unidirectional plug and play, cable system operators are also required to support digital cable-ready devices on their systems. Downloadable conditional access (CA) functionality is one proposed conditional access technology that also meets this requirement. In addition to the requirements imposed by FCC 03-225, it is also desirable to support bi-directional cable-ready devices on its systems, as well as “separable security” functionality (i.e., the CA functionality is physically, or at least logically) separable from the host device. Ideally, such enhanced functionality would also allow both basic bi-directional functions (so-called single-stream devices) as well as the use of more advanced multi-stream devices such as digital video recorders (DVRs). It is also desirable to allow download-enabled devices to participate (ad hoc or otherwise) in the operator's trusted domain (TD).
In recent years, numerous systems for providing interconnectivity among devices in a premises (e.g., home, enterprise, university, etc.) have been developed, allowing premises networks to include DSTBs, personal computers, cellphones, PDA devices, etc. Because of the increasing popularity of premises networking and the demand for seamless interconnectivity between heterogeneous hardware/software environments (e.g., “plug and play”), there is a growing need for a strategy that enables a user to perform authorized transfer of protected content, e.g., transferring content from their cable system CPE to other devices in a premises network, or even outside of the network, and at the same time prevent unauthorized distribution and reproduction of the protected content. The foregoing CA, DRM, steganographic, and trusted domain technologies, while providing some degree of protection, simply do not support such control and protection within the increasingly complex user domain.
Specifically, these techniques do not support cryptographic key management and distribution systems that operate with both legacy or new CA systems, and are not under direct network operator (e.g., MSO) control. They also accordingly do not support advanced provisioning techniques which would allow the operator to maintain configuration control and databases (e.g., address allocation, billing, etc.), device enablement/deactivation, and so forth.
Moreover, such existing techniques often cannot be smoothly integrated with retail (third party) devices, and are typically quite platform specific. They are often also specific to the content delivery mode (i.e., VOD, broadcast, broadcast-switched, and other content delivery paradigms).
These existing techniques also will not support seamless transition between independent implementations of CA, trusted domain, and DRM security features and policies, and are not standardized to any significant degree.
Prior art conditional access (CA) systems such as the Scientific Atlanta “Powerkey” approach described above have no authentication entity or “proxy” that can authenticate CPE or other connected devices in anticipation of providing download services, and hence by nature are highly localized. Generally speaking, any “trusted domains” that might be established are not extendable beyond the CPE on the client side of the delivery network.
Moreover, the aforementioned DCAS and other such “downloadable” CA approaches require special provisioning capabilities not present in such prior art devices or systems. This stems largely from the fact that a unique, secure entity (e.g., the SM or secure microprocessor) is resident on each DCAS host, and the ability to download common and personalized images to this device requires specific controls and protocols, which also extend into the network operator's billing and content provisioning systems. For example, the DCAS approach provides the capability to simultaneously support multiple CA system instances and servers within the same network topology. That is, a given host could have access to one or more CA systems, and the provisioning system must be able to direct the host to the desired CA system based on considerations including e.g., compatibility, host capability, service profile, and other administrative and operational considerations. New administrative policies to provide device revocation, and to monitor and control the state of a specific host given its key status (as reported by e.g., a trusted authority) must be supported also. The provisioning system must also be able to support configuration control for each CA, DRM, and TD/ASD host in the network.
A variety of different approaches to network device provisioning are known in the prior art. For example, U.S. Pat. No. 5,982,412 to Nulty issued Nov. 9, 1999 entitled “Coaxial testing and provisioning network interface device” discloses a broadband network for providing broadband signals, such as cable television signals, to a subscriber location that includes a network interface device installed at the subscriber's end of the broadband network. The network interface device includes circuitry that provides for the selective provisioning of services to the subscriber location from the broadband network and a test circuit that can be selectively connected for testing signals appearing on the broadband network.
U.S. Pat. No. 6,009,103 to Woundy issued Dec. 28, 1999 entitled “Method and system for automatic allocation of resources in a network” discloses a method and system for automatically allocating network resources such as IP addresses to control access to the network by utilizing at least one DHCP server, and a common network database formed from a LDAP directory for storing respective user configuration parameters, hardware address registration, and current binding information. A DHCP server can add new hardware address registrations to the LDAP using an “unregistered” service class. The DHCP server sends a DHCP reply tailored for unregistered devices, such as by allocating a privately-allocated IP address with no Internet access, or an IP address for a self-provisioning web server. A DHCP server views IP address allocation as indefinite, while a user will view an IP address allocation as having a short duration. Thus, if the IP network configuration does not change, the user terminal will continue to receive the same allocated IP address due to the DHCP server's perception of an indefinite lease.
U.S. Pat. No. 6,233,687 to White issued May 15, 2001 entitled “Method and apparatus for providing configuration information in a network” discloses a method and apparatus for providing message authentication between a first device (such as a provisioning server) and a plurality of other devices (such as cable modems) without need to share a secret key between the first device and the plurality of second devices.
U.S. Pat. No. 6,657,991 to Akgun, et al. issued Dec. 2, 2003 and entitled “Method and system for provisioning network addresses in a data-over-cable system” discloses a method and system for provisioning network addresses in a data-over-cable system. Provisioning of network addresses allows multiple “always-on” network devices with multiple associated devices to be used on a data-over-cable system with a limited public network address pool. The “always-on” network devices provide services, such as, Voice over Internet Protocol (“VoIP”), that typically require instant access to data-over-cable system. Network devices such as “always-on” cable modems may allocated private network addresses (e.g., Internet Protocol addresses) on the data-over-cable system. The private network addresses are not addressable outside the data-over-cable system. Other network devices associated with the cable modems, such as customer premise equipment, may be allocated public network addresses (e.g., Internet Protocol Addresses) on the data-over-cable system. The public network addresses are addressable outside the data-over-cable system. The network address provisioning is accomplished by selecting a private network address marker and a public network address marker for selected network devices and using an extended Address Resolution Protocol table to determine a device type. The private network address marker or public network address marker is added to a Dynamic Host Configuration Protocol message field by a cable modem termination system. A Dynamic Host Configuration Protocol server uses the private or public address marker to allocate a private network address or a public network address on the data-over-cable system.
U.S. Pat. No. 7,092,397 to Chandran, et al. issued Aug. 15, 2006 entitled “Method and apparatus for mapping an MPLS tag to a data packet in a headend” discloses a method of using DOCSIS 1.1 features to allow the addition of ISPs and QOS levels to a single cable modem without having to modify the CMTS is described in the various figures. Instead of using the SID of a data packet to determine the VPN tag of a data packet (DOCSIS 1.0), a service flow is used to identify the appropriate tag. This is done using the DOCSIS 1.1 configuration file. By doing so, the need for creating additional sub-interfaces in the cable modem interface does not arise. Instead, the configuration is modified at the provisioning server, i.e., the DHCP/TFTP server.
U.S. Pat. No. 7,107,326 to Fijolek, et al. issued Sep. 12, 2006 entitled “Method and system for integrating IP address reservations with policy provisioning” discloses a method and system for policy provisioning and access managing on a data-over-cable system. One method includes receiving a first message on a first network device such as a CMTS from a second network device and marking the first message with an identifier of a network access device. The method further includes intercepting the first message on a third network device prior to a first protocol network server such as a Dynamic Host Configuration Protocol (“DHCP”) server receives the first message. When the third network device intercepts the first message, the third network device determines the identity of the second network device. Based on the identity of the second network device and using the identifier of the network access device, the third network device manages an assignment of configuration parameters for the second network device.
U.S. Pat. No. 7,154,912 to Chong, et al. issued Dec. 26, 2006 entitled “System and method for provisioning broadband service in a PPPoE network using a list of stored domain names” discloses a modem that includes a list of the multiple domain names. Each of the domain names is associated with a different Broadband Service Node (BSN). A PPPoE session is established, and an authentication request, containing the identifier and a generic password, is transmitted from a modem to multiple domain names over the PPPoE network. Subsequently, authorization is received from at least one of the domain names. The authorization preferably comprises at least one static Internet Protocol (IP) address. The modem then obtains full configuration details from an Internet Service Provider (ISP). A system and a computer program product for provisioning broadband service in a Point-to-Point Protocol Over Ethernet (PPPoE) network is also disclosed.
United States Patent Application Publication No. 20020129358 to Buehl, et al. published Sep. 12, 2002 entitled “Cable billing systems and methods enabling independence of service marketing and provisioning from billing and collection of revenue” discloses systems and methods that divide the billing function of a billing system from the provisioning function of a service in digital cable systems. Because the billing system is only responsible for billing, rather than the provisioning of services, new services may be added to cable systems without the task of configuring the billing system specifically for new services added to the system. The services are implemented using an offering package created by the service, where the offering package contains billing related information forwarded to the billing system to bill for the service.
United States Patent Application Publication No. 20030048380 to Tamura published Mar. 13, 2003 entitled “Self provisioning Set-Top Box” discloses a self provisioning television Set-Top Box. The STB has an interface that couples the STB to a service provider and incorporates a cable modem. A programmed processor boots from a boot ROM and carries out a process for self provisioning in the event the STB is new and not set up to use the current service provider. The process includes initiating communication with the service provider using the cable modem and sending equipment identifying information including a Set-Top Box serial number and a smart card identifier to the service provider. The service provider replies with system specific information including an application server identifier from the service provider. The STB then sends a user profile to the service provider, and the service provider replies by sending account information including an account identifier.
United States Patent Application Publication No. 20030069965 to Ma, et al. published Apr. 10, 2003 entitled “Provisioning per cable modem” discloses a method and apparatus for provisioning on a per cable modem level includes associating any customer provided equipment behind a gateway cable modem to the same internet service provider as the cable modem.
United States Patent Application Publication No. 20040260798 to Addington, et al. published Dec. 23, 2004 entitled “Systems and methods for distributing software for a host device in a cable system” discloses systems and methods that may be used for provisioning, configuring, and controlling a host embodied in a cable set top box or other digital device attached to a digital communication network, such as cable distribution network. A services system maintains various host files for various types of hosts that a cable subscriber may purchase and connect to the cable network. The Services Server interacts with the host using the host files. The host files may be downloaded from the host manufacturer into a database that distributes the modules as required to the various enhanced services systems. The host may be purchased by the cable subscriber and provisioning may be initiated by the retailer at the time of purchase using a provisioning network interacting with the appropriate cable system serving the subscriber.
United States Patent Application Publication No. 20050015810 to Gould, et al. published Jan. 20, 2005 entitled “System and method for managing provisioning parameters in a cable network” discloses a system and method for managing provisioning parameters in a cable network. A dynamic TFTP (DTFTP) server and a CMTS manage the provisioning of devices in a cable network. The DTFTP server and the CMTS share common provisioning parameters. A provisioning parameter has a name and a value. When changes are made in the value of a provisioning parameter that is also used by a CMTSs supported by that DTFTP server, the DTFTP server securely communicates the new provisioning parameter values to each such CMTS. In one embodiment, the DTFTP server pushes the new provisioning parameter values to the CMTSs. In another embodiment, a poller pulls the provisioning parameters from the DTFTP server to a central datastore where changes in provisioning parameters used by the CMTSs supported by the DTFTP are identified. The changed provisioning parameter values are pushed from the central datastore to the CMTSs.
Despite the foregoing, there is a need for improved apparatus and methods for provisioning network devices or CPE (such as for example DSTBs used in a cable or satellite network) that specifically is compatible and complementary to the operation of so-called “downloadable” conditional access, DRM or TD systems (e.g., a DCAS system). Such improved provisioning apparatus and methods would ideally include the ability to rapidly and seamlessly add new CPE/host devices to the operator's network, and configure them with the necessary firmware, etc. to enable operation with the “download” CA/DRM/TD environments previously described. Moreover, the network operator would also ideally be able to remotely provision the hosts if desired, and deactivate the hosts remotely as well.
Such improved provisioning apparatus and methods would also ideally be delivery-mode agnostic; i.e., they would be compatible with VOD, broadcast, broadcast-switched, and other content delivery paradigms, and would further allow for an interoperable architecture with components from different network, secure component, and CPE vendors, in effect standardizing many aspects of device provisioning, billing, and content control.
The present invention addresses the foregoing needs by disclosing apparatus and methods for provisioning CPE within a content-based network, as well as devices or domains associated therewith.
In a first aspect of the invention, a network apparatus is disclosed. In one embodiment, the apparatus is disposed substantially at a first location of a content-based network and adapted for provisioning of a security device at a second location of the network, and comprises: a provisioning subsystem comprising both cable modem and video provisioning apparatus. The exemplary provisioning apparatus is adapted to maintain identifying information of the security device, information regarding a topological context of the security device in the network, and the software configuration of the security device.
In one variant, the network apparatus further comprising a conditional access apparatus in communication with the provisioning subsystem; and an authentication apparatus in communication with at least the conditional access apparatus. The authentication and conditional access apparatus are configured to cooperate to transmit to the security device both: (i) at least one cryptographic key, and (ii) encrypted code configured to provide at least protection of content at the security device.
In another variant a personalization server (PS) apparatus in communication with the conditional access system is provided. The PS is adapted to select the at least one cryptographic key and encrypted code based at least in part on a communication received from the security device.
In a second embodiment, the network apparatus is disposed substantially at a first node of a content-based network and adapted for delivery of security information to a second node of the network, and comprises: a content provisioning apparatus; a security management apparatus in communication with the provisioning apparatus; and an authentication apparatus in communication with at least the security management apparatus. The provisioning, management, and authentication apparatus cooperate to: provision a client device coupled to the network; establish an account associated with the client device; authenticate a physically secure element of the client device; and provide at least one secure software image to the secure element, the at least one secure image enabling at least in part access to content distributed over the network.
In a third embodiment, the network apparatus is adapted for use with a client-side security management apparatus in operative communication with a content-based network, the client-side apparatus adapted to maintain at least a portion of a trusted domain within a client device using at least a secure element. The network apparatus comprises: a content provisioning apparatus; a conditional access apparatus in communication with the provisioning apparatus; and an authentication apparatus in communication with at least the conditional access apparatus. The authentication, provisioning and conditional access apparatus are configured to cooperate to transmit to the secure element of the client device both: (i) at least one cryptographic key, and (ii) encrypted code configured to provide at least protection of the content at the client device.
In a fourth embodiment, the network apparatus comprises: a provisioning system; a common image server; and a device-specific image server. The apparatus is adapted to securely obtain and deliver a device-specific software image, as well as a common software image, to at least a secure element of a target client device, the common image being applicable to all of a plurality of client devices having a common configuration and disposed within a network, and the device-specific image being specific to only the secure element of the target client device. Delivery of the device-specific image and the common image is conducted pursuant to the client device being provisioned within the network by the provisioning system.
In a fifth embodiment, the network apparatus is adapted for use in providing secure content and software downloads to a plurality of client devices within a cable television network, and comprises: secure download infrastructure adapted for data communication with a trusted authority (TA); a media provisioning system in data communication with the infrastructure; a billing system in data communication with the provisioning system; and a media security system in data communication with the provisioning system. In one variant, the secure download infrastructure and the TA cooperate to provide cryptographic elements and at least one secure client device software image for delivery by the infrastructure to the client devices. The provisioning system and the security system determine and apply entitlements for selected ones of the client devices in order to authorize providing the cryptographic elements and the at least one software image thereto.
In a second aspect of the invention, a method of delivering secure software over a network to a client device is disclosed. In one embodiment, the method comprises: entering information associated with the client device within at least one of a DNCS or billing system of the network; coupling the client device to the network; establishing a network address for the client device; providing via a first entity device credentials along with a cryptographic element for the client device to a second entity; returning a client device-specific personalized software image to the first entity from the second entity; returning a common software image to the first entity from the second entity; encrypting at least the device-specific image for the specific client device based at least in part on the cryptographic element; and sending via the first entity the encrypted device-specific image and the common image.
In a third aspect of the invention, a method of provisioning is disclosed. In one embodiment, the method is used for provisioning a client device for operation within a cable television network, the client device having a security device substantially unique to the client device, and the method comprises: acquiring a network address for the client device; placing an authentication entity in contact with the security device; authenticating the security device to the entity; obtaining personalization information associated with the security device based at least in part on the authenticating; providing the personalization information to the security device over the network; obtaining a software image common to all of a plurality of client devices having a common configuration and disposed within the network; and processing one or more messages at the client device in order to determine conditional access privileges.
In another embodiment, the method of provisioning is used for consumer premises equipment (CPE) comprising a conditional access (CA) download-enabled secure host, and modem and set-top box functionality. When the CPE is connected to a content-based network, the method comprises: enabling the modem functionality of the CPE; assigning a network address to the CPE; and providing the CPE with at least one image for the conditional access host chosen by an operator of the network. In one variant, the modem comprises a DOCSIS-compliant cable modem, and the network address comprises an IP address. The at least one image comprises at least a personalized image (PI) that is unique to the CPE.
In a fourth aspect of the invention, a method of doing business over a content-based network is disclosed. In one embodiment, the method comprises selectively configuring at least one network client device based at least in part on a service request from e.g., a subscriber associated with the at least one device. The selective configuration comprises: entering information associated with the at least one device into at least one of a billing system or digital network control system (DNCS) of the network; generating personalization data specific to the at least one client device when the at least one device is coupled into communication with the network; transmitting the data to the at least one client device; and establishing at least one security permission or policy within a secure element of the at least one client device, the at least one permission or policy enabling provision of the requested service.
In a fifth aspect of the invention, a client device adapted for provisioning according to a downloadable security/CA paradigm is disclosed. In one embodiment, the device comprises a modem and set-top box functionality, and further includes a secure microprocessor adapted to authenticate itself to an authentication entity after establishing communication via the modem.
In a sixth aspect of the invention, a method of deactivating a host of a client device is disclosed. In one embodiment, the network comprises an HFC cable television network having a video provisioning system, and the client device is not operable on the network (i.e., turned off, or not coupled to the network, etc.). In another embodiment, the client device is coupled and in communication with the head-end of the network.
In a seventh aspect of the invention, a method of doing business over a content-based network is disclosed. In one embodiment, the method comprises: migrating a client device having a first conditional access profile from a first location within said network to a second location within said network, said migrating comprising downloading a second conditional access profile to said device at said second location; and provisioning said device so as to allow for operation thereof within said network at said second location. In one variant, the provisioning comprises: entering information associated with said client device into at least one of a billing system or digital network control system (DNCS) of said network; performing at least one of generating or verifying personalization data specific to said client device when said device is coupled into communication with said network at said second location; and establishing at least one security permission or policy within a secure element of said client device, said at least one permission or policy enabling provision of a requested service.
In an eighth aspect of the invention, a network apparatus adapted for delivery of security data to a node of a content distribution network is disclosed. In one embodiment, the network apparatus comprises: a security management apparatus; and an authentication apparatus in data communication with the security management apparatus; wherein the security management and authentication apparatus are configured to cooperate to: authenticate a physically secure element of a computerized client device in data communication with the content distribution network, the authentication of the physically secure element enabling the computerized client device to be added to an authorized domain; and provide security data to the physically secure element, the security data enabling at least in part access via the computerized client device to content distributed over the content distribution network, the content originating from a content source disposed at a node of a third party network in data communication with the content distribution network.
In a second embodiment, the network apparatus further comprises a provisioning apparatus; wherein the provisioning apparatus is configured to cooperate with the security management and authentication apparatus to (i) provision the computerized client device with at least one software component, and (ii) process a plurality of messages associated with the authentication and the provision of the security data.
In one variant, the processing of the plurality of messages comprises data communication via a web service interface, the web service interface being implemented based on Simple Object Access Protocol (SOAP).
In another variant, the processing of the plurality of messages comprises data communication via hypertext transport protocol (HTTP) or secure HTTP (HTTPS).
In a third embodiment, the security data comprises a cryptographic key, the cryptographic key useful for the enablement of the at least in part access to the content; and the network apparatus further comprises a trusted authority (TA) apparatus configured at least to manage a plurality of cryptographic keys.
In one variant, the TA apparatus is further configured to receive data representative of a request for the cryptographic key.
In another variant, the TA apparatus is further configured to provide the cryptographic key to the computerized client device for storage on the physically secure element.
In a fourth embodiment, the security data is configured for provision of digital rights management (DRM) protection of the content.
In one variant, the provision of the DRM protection of the content comprises provision of data relating to one or more restrictions associated with the content, the one or more restrictions relating to at least one of usage, copying, or distribution of the content.
In a ninth aspect of the invention, a computerized apparatus for delivering security data to a plurality of computerized client devices via at least a content distribution network is disclosed. In one embodiment, the computerized apparatus comprises: network interface apparatus configured to support data communication with the plurality of computerized client devices; processing apparatus in data communication with the network interface apparatus; and storage apparatus in data communication with the processing apparatus, and comprising at least one computer program, the at least one computer program comprising a plurality of instructions which are configured to, when executed by the processing apparatus, cause the computerized apparatus to: receive data representative of a request to provision one of the plurality of computerized client devices; cause determination of whether a physically secure element of the one of the plurality of computerized client devices is configured to enable addition of the one of the plurality of computerized client devices to an authorized domain; and provide at least security data to the one of the plurality of computerized client devices, the at least security data configured to enable access via the one of the plurality of computerized client devices to digitally rendered content distributed over the content distribution network, the digitally rendered content sourced from a content server of a third party network in data communication with the content distribution network.
In a second embodiment, the at least security data comprises a cryptographic key; and the determination of whether the physically secure element of the one of the plurality of computerized client devices is configured to enable the addition of the one of the plurality of computerized client devices to the authorized domain comprises verification of a prescribed software and one or more cryptographic elements being present on the one of the plurality of computerized client devices.
In a third embodiment, the at least security data is included within the digitally rendered content.
In a fourth embodiment, the authorized domain comprises one or more other computerized client devices, the one or more other computerized client devices comprising a data connection to one another and each authenticated to receive the at least security data.
In a fifth embodiment, the authorized domain comprises a subset of consumer premises equipment (CPE), the CPE comprising one or more client devices which do not belong to the authorized domain, the one or more client devices connected to the one of the plurality of computerized client devices; wherein delivery of the digitally rendered content to the one or more client devices comprises application of an additional security mechanism to the digitally rendered content, the additional security mechanism unassociated with the at least security data.
In a tenth aspect of the invention, a computerized method of providing security data to a computerized client device in data communication with an unmanaged content distribution network is disclosed. In one embodiment, the computerized method comprises: authenticating a physically secure element of the computerized client device; adding the computerized client device to an authorized domain of client devices; and providing security data to the computerized client device, the security data configured to enable at least in part access to digitally rendered content, the digitally rendered content provided to the computerized client device via at least the unmanaged content distribution network.
In a second embodiment, the computerized method further comprises provisioning the computerized client device with a software image, the software image configured for enabling the authenticating.
In one variant, the computerized method further comprises providing a cryptographic key, the cryptographic key useful for the enabling of the authenticating; and wherein the providing of the cryptographic key comprising data communication via a web service interface, the web service interface implemented based on Simple Object Access Protocol (SOAP).
In another variant, the provisioning comprises sending a unicast message comprising at least a portion of the software image.
These and other aspects of the invention shall become apparent when considered in light of the disclosure provided herein.
Reference is now made to the drawings wherein like numerals refer to like parts throughout.
As used herein, the term “application” refers generally to a unit of executable software that implements a certain functionality or theme. The themes of applications vary broadly across any number of disciplines and functions (such as on-demand content management, e-commerce transactions, brokerage transactions, home entertainment, calculator etc.), and one application may have more than one theme. The unit of executable software generally runs in a predetermined environment; for example, the unit could comprise a downloadable Java Xlet™ that runs within the JavaTV™ environment.
As used herein, the terms “client device” and “end user device” include, but are not limited to, set-top boxes (e.g., DSTBs), personal computers (PCs), and minicomputers, whether desktop, laptop, or otherwise, and mobile devices such as handheld computers, PDAs, personal media devices (PMDs), such as for example an iPod™, or Motorola ROKR, and smartphones.
As used herein, the term “codec” refers to an video, audio, or other data coding and/or decoding algorithm, process or apparatus including, without limitation, those of the MPEG (e.g., MPEG-1, MPEG-2, MPEG-4, etc.), Real (Real Video, etc.), AC-3 (audio), DiVX, XViD/ViDX, Windows Media Video (e.g., WMV 7, 8, or 9), ATI Video codec, or VC-1 (SMPTE standard 421M) families.
As used herein, the term “computer program” or “software” is meant to include any sequence or human or machine cognizable steps which perform a function. Such program may be rendered in virtually any programming language or environment including, for example, C/C++, Fortran, COBOL, PASCAL, assembly language, markup languages (e.g., HTML, SGML, XML, VoXML), and the like, as well as object-oriented environments such as the Common Object Request Broker Architecture (CORBA), Java™ (including J2ME, Java Beans, etc.), Binary Runtime Environment (BREW), and the like.
As used herein, the term “conditional access” refers to any access control scheme, whether implemented in hardware, software, or firmware (or combinations thereof), including without limitation members of the “Powerkey” family, NDS (including VideoGuard, mVideoGuard, etc.), DVB, and Motorola/General Instrument DigiCipher® family (DigiCipher II, MediaCipher, etc.). These can be implemented using, for example, CA-specific hardware/software elements embedded in the device, the so-called “CableCARD” plug-in security module access technology, a downloadable CA system (DCAS), or otherwise.
The terms “Customer Premises Equipment (CPE)” and “host device” refer to any type of electronic equipment located within a customer's or user's premises and connected to a network. The term “host device” refers generally to a terminal device that has access to digital television content via a satellite, cable, or terrestrial network. The host device functionality may be integrated into a digital television (DTV) set. The term “customer premises equipment” (CPE) includes such electronic equipment such as set-top boxes (e.g., DSTBs), televisions, cable modems (CMs), embedded multimedia terminal adapters (eMTAs), whether stand-alone or integrated with other devices, Digital Video Recorders (DVR), gateway storage devices (Furnace), and ITV Personal Computers.
As used herein, the term “database” refers generally to one or more tangible or virtual data storage locations, which may or may not be physically co-located with each other or other system components.
As used herein, the term “display” means any type of device adapted to display information, including without limitation CRTs, LCDs, TFTs, plasma displays, LEDs, incandescent and fluorescent devices. Display devices may also include less dynamic devices such as, for example, printers, e-ink devices, and the like.
As used herein, the term “DVI” (digital video interface) refers generally to any type of interface (e.g., hardware and/or software) adapted to provide interface and/or conversion between different formats or domains, including without limitation interfaces compliant with the Digital Display Working Group (DDWG) DVI specification (e.g., DVI-A, DVI-D, and DVI-I). For example, using a DVI connector and port, a digital signal sent to an analog monitor is converted into an analog signal; if the monitor is digital, such as a flat panel display, no conversion is necessary. A DVI output is an option in OpenCable compliant hardware that provides a high-definition TV (HDTV) output which includes copy protection.
As used herein, the term “DVR” (digital video recorder) refers generally to any type or recording mechanism and/or software environment whereby content sent over a network can be recorded and selectively recalled. Such DVR may be dedicated in nature, or part of a non-dedicated or multi-function system.
As used herein, the term “DOCSIS” refers to any of the existing or planned variants of the Data Over Cable Services Interface Specification, including for example DOCSIS versions 1.0, 1.1, 2.0 and 3.0. DOCSIS (version 1.0) is a standard and protocol for internet access using a “digital” cable network. DOCSIS 1.1 is interoperable with DOCSIS 1.0, and has data rate and latency guarantees (VoIP), as well as improved security compared to DOCSIS 1.0. DOCSIS 2.0 is interoperable with 1.0 and 1.1, yet provides a wider upstream band (6.4 MHz), as well as new modulation formats including TDMA and CDMA. It also provides symmetric services (30 Mbps upstream).
As used herein, the term “head-end” refers generally to a networked system controlled by an operator (e.g., an MSO) that distributes programming to MSO clientele using client devices. Such programming may include literally any information source/receiver including, inter alia, free-to-air TV channels, pay TV channels, interactive TV, and the Internet. DSTBs may literally take on any configuration, and can be retail devices meaning that consumers may or may not obtain their DSTBs from the MSO exclusively. Accordingly, it is anticipated that MSO networks may have client devices from multiple vendors, and these client devices will have widely varying hardware capabilities. Multiple regional head-ends may be in the same or different cities.
As used herein, the term “integrated circuit (IC)” refers to any type of device having any level of integration (including without limitation VLSI, VLSI, and LSI) and irrespective of process or base materials (including, without limitation Si, SiGe, CMOS and GaAs). ICs may include, for example, memory devices (e.g., DRAM, SRAM, DDRAM, EEPROM/Flash, ROM), digital processors, SoC devices, FPGAs, ASICs, ADCs, DACs, transceivers, memory controllers, and other devices, as well as any combinations thereof.
As used herein, the terms “Internet” and “internet” are used interchangeably to refer to inter-networks including, without limitation, the Internet.
As used herein, the term “memory” includes any type of integrated circuit or other storage device adapted for storing digital data including, without limitation, ROM. PROM, EEPROM, DRAM, SDRAM, DDR/2 SDRAM, EDO/FPMS, RLDRAM, SRAM, “flash” memory (e.g., NAND/NOR), and PSRAM.
As used herein, the terms “microprocessor” and “digital processor” are meant generally to include all types of digital processing devices including, without limitation, digital signal processors (DSPs), reduced instruction set computers (RISC), general-purpose (CISC) processors, microprocessors, gate arrays (e.g., FPGAs), PLDs, reconfigurable compute fabrics (RCFs), array processors, secure microprocessors, and application-specific integrated circuits (ASICs). Such digital processors may be contained on a single unitary IC die, or distributed across multiple components.
As used herein, the terms “MSO” or “multiple systems operator” refer to a cable, satellite, or terrestrial network provider having infrastructure required to deliver services including programming and data over those mediums.
As used herein, the terms “network” and “bearer network” refer generally to any type of telecommunications or data network including, without limitation, hybrid fiber coax (HFC) networks, satellite networks, telco networks, and data networks (including MANs, WANs, LANs, WLANs, internets, and intranets). Such networks or portions thereof may utilize any one or more different topologies (e.g., ring, bus, star, loop, etc.), transmission media (e.g., wired/RF cable, RF wireless, millimeter wave, optical, etc.) and/or communications or networking protocols (e.g., SONET, DOCSIS, IEEE Std. 802.3, ATM, X.25, Frame Relay, 3GPP, 3GPP2, WAP, SIP, UDP, FTP, RTP/RTCP, H.323, etc.)
As used herein, the terms “network agent” and “network entity” refers to any network entity (whether software, firmware, and/or hardware based) adapted to perform one or more specific purposes. For example, a network agent or entity may comprise a computer program running in server belonging to a network operator, which is in communication with one or more processes on a CPE or other device.
As used herein, the term “node” refers without limitation to any location, functional entity, or component within a network.
As used herein, the term “QAM” refers to modulation schemes used for sending signals over cable networks. Such modulation scheme might use any constellation level (e.g. QPSK, QAM-16, QAM-64, QAM-256 etc.) depending on details of a cable network. A QAM may also refer to a physical channel modulated according to the schemes.
As used herein, the term “network interface” refers to any signal, data, or software interface with a component, network or process including, without limitation, those of the Firewire (e.g., FW400, FW800, etc.), USB (e.g., USB2), Ethernet (e.g., 10/100, 10/100/1000 (Gigabit Ethernet), 10-Gig-E, etc.), MoCA, Serial ATA (e.g., SATA, e-SATA, SATAII), Ultra-ATA/DMA, Coaxsys (e.g., TVnet™), radio frequency tuner (e.g., in-band or OOB, cable modem, etc.), WiFi (802.11a,b,g,n), WiMAX (802.16), PAN (802.15), or IrDA families.
As used herein, the term “personalization” refers generally and without limitation to data, cryptographic elements, and/or code downloaded or otherwise provided to a target device or domain (e.g., host) to create a desired security environment or policies for operation on or with a particular network system.
As used herein, the term “provisioning” refers to without limitation any process which enables, establishes, terminates, or modifies the configuration of a device, process, or entity or services related thereto.
As used herein, the term “server” refers to any computerized component, system or entity regardless of form which is adapted to provide data, files, applications, content, or other services to one or more other devices or entities on a computer network.
As used herein, the term “user interface” refers to, without limitation, any visual, graphical, tactile, audible, sensory, or other means of providing information to and/or receiving information from a user or other entity.
As used herein, the term “WiFi” refers to, without limitation, any of the variants of IEEE-Std. 802.11 or related standards including 802.11 a/b/g/n.
As used herein, the term “wireless” means any wireless signal, data, communication, or other interface including without limitation WiFi, Bluetooth, 3G, HSDPA/HSUPA, TDMA, CDMA (e.g., IS-95A, WCDMA, etc.), FHSS, DSSS, GSM, PAN/802.15, WiMAX (802.16), 802.20, narrowband/FDMA, OFDM, PCS/DCS, analog cellular, CDPD, satellite systems, millimeter wave or microwave systems, acoustic, and infrared (i.e., IrDA).
Overview
In one salient aspect, the present invention comprises apparatus and methods for enhanced media provisioning capabilities. Media provisioning describes the process necessary to, inter alia, activate, configure, modify, and/or deactivate a CPE (e.g., downloadable conditional access (CA) system or “DCAS” host device) for operation within a content-based network. In one embodiment, this configuration of the host device (including one or more entities associated therewith, such as the secure microprocessor (SM) is remotely managed by a Media Provisioning System (MPS) component of the network operator's larger provisioning system.
A primary goal of the MPS and the downloadable CA infrastructure described herein is to provide a secure, distributed system for the management of SM firmware configuration within download-capable host devices (“DCAS hosts”). The exemplary MPS handles DCAS provisioning, and executes work flows to manage provisioning and configuration policy within the operator's network. The MPS signals these policies to an authentication agent or proxy (AP). The AP has responsibility for interacting with the CA System's personalization server (PS), an entity useful for the personalization of software/firmware images on individual host devices, and is also responsible for enforcing the aforementioned provisioning and configuration policies.
In the exemplary embodiment, the process for DCAS host provisioning requires the MPS to distribute information pertaining to the SM of each DCAS host device, activated within the network, to a corresponding authentication proxy (AP) within the network's conditional access infrastructure. This requires the MPS to maintain the topological context of each SM, the SM's identifying information, and the SM's operationally desired software configuration.
The provisioning apparatus and methods disclosed herein are useful at, inter alia, the head-end or distribution hub of a cable network, for implementing host device provisioning in the context of e.g., a download paradigm for legacy or newly developed CA, TD, and DRM software and cryptographic protection schemes. This allows the network operator, and even the third party content provider by proxy, to exert additional control on subscriptions and service provision, viewing, reproduction, and migration of content distributed over the network.
Benefits of the “download” approach associated with the provisioning techniques described herein include: (i) operation with both new and legacy CAS systems including DVB-CSA CAS proprietary systems; (ii) ability to be readily integrated with retail and OEM products; (iii) reduction of security costs associated with CAS implementation (i.e., by avoiding the capital expenditures and operating costs associated with purchasing, installing and maintaining CableCARDs or similar implementations); use of state-of-the-art security hardware and software, thereby enhancing protection of MSO and third party content provider investments; (v) centralized control of key generation and distribution by network operators (e.g., MSO's); and (vi) flexibility that allows for deployment of broadcast, VOD, TD, and DRM security solutions from multiple vendors.
Moreover, the secure download approach of the present invention allows for ready implementation of future security upgrades such as improved encryption algorithms and new CAS, TD, or DRM technologies.
Another primary feature of the secure provisioning and download architecture of the present invention is the creation of a system that is substantially consistent or symmetric with respect to both leased and retail client devices or CPE. Devices that are connected to the operator's network utilize a prescribed process to ensure that the client device's download “host” is registered with the operator's billing system, has the correct software and cryptographic elements (e.g., keying) for operation on that network, regardless of whether the device comprises a lease or retail installation. The exemplary processes described herein advantageously cause client device hosts with inappropriate or no such software or cryptographic elements to acquire these components from the network securely, after appropriate additions and configuration of billing and provisioning system components has occurred. This approach allows for substantial ubiquity for both leased and retail devices on the network, and at a competitive cost.
In the exemplary embodiment, the network portion of the architecture (disposed, e.g., the cable network head-end or BSA hub) comprises an authentication proxy (AP), conditional access (CA) system, and media provisioning system (MPS) particularly adapted for the aforementioned download paradigm. A personalization server (PS) is used in conjunction with the system to provide “personalization” to the client device(s), including providing the aforementioned software and cryptographic element (e.g., key) management download functions previously described. The MPS is part of the larger network broadband provisioning system (BPS), which is also in communication with the network operator's billing system (BS), the foregoing coordinating to provision the target host device while tracking and maintaining appropriate records and data within the operator's management and billing systems.
The exemplary embodiments of the apparatus and methods described herein also provide simultaneous support for multiple CA system instances and personalization servers within the same network topology. That is, a given SM host may have access to one or more CA systems via the provisioning system, which helps direct the host to the appropriate PS (CA system) based on one or more factors such as compatibility, host capability, service profile, and/or administrative and operational considerations. Policy enforcement (e.g., device revocation and state control of individual hosts) within the network is also provided, as is extensibility (e.g., downloading of CA, DRM and ASD clients).
Exemplary embodiments of the apparatus and methods of the present invention are now described in detail. While these exemplary embodiments are described in the context of the aforementioned hybrid fiber coax (HFC) cable system architecture having an multiple systems operator (MSO), digital networking capability, and plurality of client devices/CPE, the general principles and advantages of the invention may be extended to other types of networks and architectures, whether broadband, narrowband, wired or wireless, or otherwise, the following therefore being merely exemplary in nature.
It will also be appreciated that while described generally in the context of a consumer (i.e., home) end user domain, the present invention may be readily adapted to other types of environments (e.g., commercial/enterprise, government/military, etc.) as well. Myriad other applications are possible.
It is further noted that while described primarily in the context of a cable system with 6 MHz RF channels, the present invention is applicable to literally any network topology or paradigm, and any frequency/bandwidth, such as for example 8 MHz channels. Furthermore, as referenced above, the invention is in no way limited to traditional cable system frequencies (i.e., below 1 GHz), and in fact may be used with systems that operate above 1 GHz band in center frequency or bandwidth, to include without limitation so-called ultra-wideband systems.
Also, while certain aspects are described primarily in the context of the well-known Internet Protocol (described in, inter alia, RFC 791 and 2460), it will be appreciated that the present invention may utilize other types of protocols (and in fact bearer networks to include other internets and intranets) to implement the described functionality.
Lastly, while several aspects are described in the context of the Scientific Atlanta BOSS (Business Operations Support System) and associated messaging protocols of the type well known in the cable industry, these embodiments are merely exemplary, and the invention is in no way limited to such embodiments.
Network—
The data/application origination point 102 comprises any medium that allows data and/or applications (such as a VOD-based or “Watch TV” application, or other application) to be transferred to a distribution server 104. This can include for example a third party data source, application vendor website, CD-ROM, external network interface, mass storage device (e.g., RAID system), etc. Such transference may be automatic, initiated upon the occurrence of one or more specified events (such as the receipt of a request packet or ACK), performed manually, or accomplished in any number of other modes readily recognized by those of ordinary skill.
The application distribution server 104 comprises a computer system where such applications can enter the network system. Distribution servers are well known in the networking arts, and accordingly not described further herein.
The VOD server 105 comprises a computer system where on-demand content can be received from one or more of the aforementioned data sources 102 and enter the network system. These servers may generate the content locally, or alternatively act as a gateway or intermediary from a distant source.
The CPE 106 includes any equipment in the “customers' premises” (or other locations, whether local or remote to the distribution server 104) that can be accessed by a distribution server 104 or other network entity.
Referring now to
The architecture 150 of
Content (e.g., audio, video, etc.) is provided in each downstream (in-band) channel associated with the relevant service group. To communicate with the head-end or intermediary node (e.g., hub server), the CPE 106 may use the out-of-band (OOB) or DOCSIS channels and associated protocols. The OCAP 1.0, 2.0, 3.0 (and subsequent) specifications provide for exemplary networking protocols both downstream and upstream, although the invention is in no way limited to these approaches.
It will also be recognized that the multiple servers (broadcast, VOD, or otherwise) can be used, and disposed at two or more different locations if desired, such as being part of different server “farms”. These multiple servers can be used to feed one service group, or alternatively different service groups. In a simple architecture, a single server is used to feed one or more service groups. In another variant, multiple servers located at the same location are used to feed one or more service groups. In yet another variant, multiple servers disposed at different location are used to feed one or more service groups.
As shown in
“Switched” Networks—
Switching architectures allow improved efficiency of bandwidth use for ordinary digital broadcast programs. Ideally, the subscriber will be unaware of any difference between programs delivered using a switched network and ordinary streaming broadcast delivery.
Co-owned U.S. patent application Ser. No. 09/956,688 filed on Sep. 20, 2001 and entitled “Technique For Effectively Providing Program Material In A Cable Television System” (issued as U.S. Pat. No. 8,713,623 on Apr. 29, 2014), incorporated herein by reference in its entirety, describes one exemplary broadcast switched digital architecture useful with the present invention, although it will be recognized by those of ordinary skill that other approaches and architectures may be substituted.
In addition to “broadcast” content (e.g., video programming), the systems of
Referring again to
The edge switch 194 forwards the packets receive from the CMTS 199 to the QAM modulator 189, which transmits the packets on one or more physical (QAM-modulated RF) channels to the CPEs. The IP packets are typically transmitted on RF channels that are different that the RF channels used for the broadcast video and audio programming, although this is not a requirement. The CPE 106 are each configured to monitor the particular assigned RF channel (such as via a port or socket ID/address, or other such mechanism) for IP packets intended for the subscriber premises/address that they serve.
Network Security Download Apparatus and Methods—
Referring now to
Moreover, while many of the exemplary embodiments describe obtaining information from a head-end server, TA, or other such entity, the present invention also contemplates the use of other sources of such information including, without limitation, peer devices within or outside of the network, or intermediary nodes in the content distribution network.
As shown in
Central to the security architecture is the concept of a “trusted domain” or TD. As previously described, such a “trusted domain” (TD) comprises an area (physically or virtually) within which programming or other content is protected from unauthorized access, distribution and copying. For example, in a cable network, a trusted domain may include not only the network portion where programming content traditionally is secured by, and within total control of, a cable operator (including, e.g., the head-end 150, HFC delivery network 101, etc.,) but also user devices or CPE 106 at subscribers' premises which are capable of receiving and securely storing programming content. Using the trusted domain approach, the network operator can guarantee certain subscriber access, distribution, and usage policy enforcement with respect to content held within the domain. For example, a digital representation of a movie held within an operator's TD (e.g., on a hard drive of a user device) cannot be distributed over the Internet, wireless network, etc. in viewable form, and cannot become a source for duplication of multiple viewable copies.
Exemplary apparatus and methods for implementing a “trusted domain” are described in co-owned U.S. patent application Ser. No. 11/006,404 previously incorporated herein, although it will be appreciated that other approaches may be used with equal success consistent with the present invention.
In another variant of the invention the TD comprises a so-called “authorized service domain” or ASD. One exemplary embodiment of an authorized service domain useful with this variant is described in the document “DCAS Authorized Service Domain”, Version 1.2, dated Nov. 30, 2005, which is incorporated herein by reference in its entirety. In this embodiment, the ASD comprises a domain where content is secured using the mechanisms available through the operator's conditional access system. For example, in a subscriber's home, the ASD physically translates into a collection of one or more trusted devices where content may be securely stored and moved within the domain. The distinction between the exemplary ASD and other forms of copy protection (e.g., DTCP) relates primarily to the fact that the content remains under operator control at all times. The control point within the ASD is the personalized secure microprocessor (SM). Hence, the ASD acts effectively as an extension of the operator's Conditional Access (CA) system.
It will be recognized that on the client side, the TD established within a target device (e.g., CPE 106) is not necessarily coextensive with the CPE 106 itself. For example, only certain portions of the CPE will be secure and suitable for maintaining the integrity of the protected content, and others (such as the analog output interface to a non-protected output domain or NSOD as described subsequently herein) not comprising part of the TD.
Referring again to
The network operator realm 204 generally comprises an authentication proxy (AP) or agent 208, which communicates with the TA 203 in order to authenticate itself, and obtain the aforementioned keys and information that is required to authenticate itself to the secure microprocessor (SM) described subsequently herein. The AP also communicates with the user realm 206 (e.g., with the secure download system (SDS) host 210 in the client device) in order to authenticate the client device (host) and download secure software images and cryptographic elements (e.g., keys) used in establishing the security domain and policies within the client device.
The user realm 206 comprises for example a user premises (e.g., residence or enterprise), including the user's host 210 and client device or CPE 106. Note that the SDS host 210 comprises a network security “entity” that may be coincident or separate from the physical implementation of the client device 106; the two may not be coextensive. For example, the host 210 may generically include the CPE 106 and any other devices that are compliant to the security download specifications and requirements.
The client device may take any number of forms, including for example a set-top box (e.g., DSTB), a converged device or “hive” such as that described in U.S. patent application Ser. No. 11/378,129 filed on Mar. 16, 2006 entitled “Methods And Apparatus For Centralized Content And Data Delivery” (issued as U.S. Pat. No. 8,347,341 on Jan. 1, 2013), incorporated herein by reference in its entirety, a wireless satellite receiver, or even a mobile wireless device in direct or indirect data communication with the operator network realm 204 and the AP 208. See, e.g., co-owned U.S. patent application Ser. No. 11/258,229 entitled “Method And Apparatus For On-Demand Content Transmission And Control Over Networks” filed on Oct. 24, 2005, incorporated herein by reference in its entirety, wherein media can be streamed between a mobile unit and user CPE 106, including optionally in an on-demand or session-based fashion. Accordingly, the present invention contemplates that the trusted domain and CA/DRM control can be exerted over several interconnected networks, including those outside of the MSO or user realm (e.g., a WSP or CSP network and radio area network (RAN) associated with the mobile device).
Similarly, so called “personal media devices” (PMDs) are contemplated to be used to form part of the trusted domain within the user realm. In one exemplary embodiment, the PMD comprises a video or other personal media device having multimedia capability, and which can include a secure microprocessor (SM) and other necessary components to authenticate to the CPE (acting as an AP proxy) or directly with the AP 208, and receive CA/DRM/TD client images as well as cryptographic elements such as secure microprocessor encryption or signing keys (SMEK and SMSK). For example, the PMD could act as either a) another DCAS device to which individual clients could be downloaded, or b) an acceptable trusted domain interface that allows TD content to be played on the player of the PMD.
In one variant, the user realm 206 of
It will be recognized that while the user realm 206 of
In another embodiment of the of the user realm, a personal video encoder (PVE) or comparable device is used as part of or is in communication with the DCAS host 210 (or an associated client device coupled thereto). For example, the “Slingbox” device manufactured by Sling Media of San Mateo, Calif. is one such exemplary device which is capable of enabling a user to watch TV programming from various locations via an Internet-connected PC or similar device. The device is generally connected between the subscriber's cable/satellite video drop and DSTB, and has a TV tuner inside. The user tunes to a given channel, and the device encodes the video streamed over the cable/satellite in Windows Media or similar format. The encoded content is streamed to a client application on a TD-enabled Windows XP-based or similar PC via an IP network such as the Internet, and hence the user can view the data locally (i.e., at the same premises) or remotely so long as they have access to the IP distribution network. This functionality can be made part of a separate physical component within the user realm 206, or alternatively have some or all of its functionality disposed within the client device or CPE 106 itself. It may also be integrated with other devices (such as connected client devices or PMDs) as previously noted.
As can be appreciated, literally an unlimited number of network topologies (whether mobile, fixed, or both) may be used consistent with the aim of extending or configuring the trusted portion of the user realm 206.
The user realm 206 also typically will include one or more output devices 214, e.g., television monitors, personal computers, and the like. These devices will typically carry no security or protection mechanisms to protect content, and hence are not typically part of the “trusted domain”, but rather a non-secure output domain (NSOD) as described in greater detail subsequently herein. These devices may, however, by physically integrated with a device that is part of the trusted domain, such as wherein a monitor is combined with a DVR, DSTB, or PC.
In the exemplary trusted domain architecture, content is secured using mechanisms specified and provided by the network operator. The TD can also be used to implement and manage selective control of output to one or more output domains (ODs). These ODs can be considered as being outside of the TD, yet which implement prescribed security policies or mechanisms. For example, one such OD may comprise a secure OD (SOD), wherein content delivered into the domain is protected using an authorized security mechanism that is outside of the network operator's direct control (in contrast to the TD, which is entirely with the operator's control). For example, the well known Digital Transmission Content Protection (DTCP) and
High-Bandwidth Digital Content Protection (HDCP) copy protection schemes proffered by 5C and Intel Corporation, respectively. Literally any number of different DRM and copy protection techniques may be used (alone or in combination) consistent with the SOD of the present invention, however, including without limitation steganographics such as watermarking and encryption.
In the exemplary configuration, the network operator or designated third party proxy has the ability to specify policies to be implemented within the domain (e.g., copy one generation), via e.g., copy control information (CCI) or other such downstream communications to the host 210. Hence, while the operator can specify security policies to be enforced within the SOD, access to content once it is within the SOD is not dependent on the operator's TD or CA system, but rather on the security mechanisms enforced within the SOD. This is in effect an “indirect” form of control by the operator on the SOD, without directly imposing CA or other such policies enforced within the TD.
Aside from the SOD, other forms of output domains (OD) may be utilized consistent with the invention. For example, in one variant, a non-secure OD (NSOD) is utilized. The NSOD literally may carry no protections or guarantees of the security for the content. For example, content output via an unprotected digital or analog interface (e.g., analog video output to a monitor or recording device) would be within the NSOD. Similarly, digital data transmitted “in the clear” would be entering an NSOD.
The DCAS host device 210 is communicatively coupled with the DCAS infrastructure 308 typically deployed by the network operator. The DCAS infrastructure includes, for example, a Personalization Server (PS) 310 that provides a particular Conditional Access (CA) System's interface to the DCAS Infrastructure and is responsible for the assignment of a personalized SM client image to each SM, an Authentication Proxy (AP) 208 that provides the communications path between the SMs deployed in the network, the personalization server(s) 310, and the DCAS Video Provisioning System (MPS) and a TA server 203 that maintains the set of root keys that provide a root of trust for the DCAS system. The TA authorizes the assignment of keys to other parties in the DCAS infrastructure. The SM 306 may communicate with the AP 208 using a protocol such as the DCAS NPM protocol, described in inter alia, “DCAS Protocol and Messaging Specification”, Time Warner Cable Spec-DCAS-NPM-W10.01, Oct. 31, 2005, which is incorporated herein by reference in its entirety.
The DCAS Host device 300 is also communicatively coupled with a Broadband Provisioning System (BPS) 316 through intermediate network functional elements such as e.g., a Cisco Network Registrar (CNR) 318 and servers performing functions such as the Lightweight Directory Access Protocol (LDAP) 320 and Media Access Control to Internet Protocol (MAC2IP) 322. The BPS functions include a DCAS media provisioning system (MPS) 324 and a DOCSIS provisioning system (DPS) 326. Additional elements of the exemplary DCAS network include a billing system (BS) 330 and a Digital Network Controller System (DNCS) 328. In the illustrated embodiment, the BS 330 is communicatively coupled with the DNCS, MPS and DPS, and the DNCS is communicatively coupled to the PS 310. The MPS is also able to at least monitor the messages between the BS and the DNCS.
The process for provisioning in the exemplary security architecture (e.g., DCAS) requires the MPS 324 to distribute information pertaining to the SM of each host 210 to be activated within the network to a corresponding AP 208 within the DCAS infrastructure. This requires the MPS to maintain the topological context of each SM 306, the SM's identifying information, and the SM's operationally desired software configuration. Therefore, MPS 324 should manage information elements such as those described below:
(2) SM Topology Information—The location and association of a Secure Micro Identifier to the correct Authentication Proxy IP Address and the identification of the correct Personalization Server Identifier (PSIdentifier) and Personalization Server IP Address corresponding to the PS which will serve the SM. In one implementation, this may be achieved via a lookup table which maps DNCS to PS (PSID & PS IP Address) to AP (APID & AP IP Address). Using this table, the MPS 324 can determine to which AP it needs to send a particular message. Other mechanisms for entity/process association well known to those of ordinary skill in the networking arts may also be substituted with equal success.
(3) SM Client Software Information—The SM Client IDs to be assigned to a given SM Class ID and a given Secure Micro Identifier. These enable the AP 208 to manage the process of SM Client downloads to the SM 306, further described in the present invention. The MPS 324 may for example implement the client IDs as a single, static set of SM Client IDs to be assigned to all deployed SMs. Another way to implement client IDs is to provide for an interface by which specific SM Client IDs are assigned to specific SM Class IDs (“coarse grain” grouping), or such as where specific SM Client IDs are assigned to specific Secure Micro Identifiers or Host Hardware Identifiers within a given SM Class (fine grain grouping). Table 5 shows exemplary parameters stored (on a per-SM 306) by the MPS 324 of the illustrated embodiment.
When a new host device 210 is about to be added to a network, the operator first prepares the device. The preparation phase includes adding identification information of the host device to various network components such as the BS. This may be done automatically (e.g., upon detection of the device being connected or otherwise placed in communication with the network, akin to well known “auto-configuration” functionality used in many data networks), semi-automatically (e.g., automatically after initiation or confirmation by an operator), or even manually as desired. Preparation of the host may also occur (at least in part) before the device is ever connected to the target network; e.g., during manufacturing, in a pre-delivery phase, and so forth.
In another variant of the invention, the billing system (or multiple systems as applicable) sends a copy of the messages it forwards to the DNC to the Media Provisioning System (MPS) 324. The billing system(s) is/are configured to filter and send messages for “DCAS only” type of devices, thereby allowing for inter alia, differentiation within the system between download-enabled and non-download enabled devices.
Provisioning Flow—
First, a DCAS host 210 with embedded STB function arrives at an MSO facility or other designated location in step 700. In the next step 702, an entity (e.g., a Customer Service Representative (CSR) or an automated process) enters information that uniquely identifies the STB function of the DCAS host 210 in the DNCS system of the network. Such information may include for example one or more of unique Media Access Control (MAC) address, Ethernet hardware address, TUNER ID, TUNER USE, serial number, alphanumeric identifier or any other identification techniques used to uniquely identify an STB. In addition to this, in step 704, the information that uniquely identifies the STB is also entered in the billing system (BS) 330 or other such MSO tracking entity.
In step 706, a CSR or automated entity enters the customer service order for deploying a DCAS host device in the BS. This information may include e.g., pairing-up the eCM and eSTB MAC addresses with a customer billing account and desired service levels, and/or features that may be specific to that device. The CSR then may assign the host device 210 to a technician for field installation. In the next step 708, the BS 330 sends a command to the BPS 318 to set a policy for the eCM function of the target host device 210. When the BPS receives the information from the BS (step 712), the BPS provides information about the eCM of the host device being installed to the DHCP server's LDAP directory. Per step 710, the BS sends a Scientific Atlanta BOSS ModiftDhctAdminStatus command to the DNCS 328 and MPS 324. This command indicates to the DNCS and MPS that host device is about to be put in service within the network.
After receiving the ModiftDhctAdminStatus command, the DNCS can begin transmitting EMMs to the host device per step 714. Moreover, in one variant, the Entitlement Management Messages (EMMs) are used to specify which host/CPE within the network (“targeted populations”) are subsequently given access to content. A targeted population may comprise as few as one specific CPE, or as large as all CPE within the network. EMMs may also be issued to a group of CPE based on one or more targeting criteria which may include, without limitation, specific TUNER ID, MAC or other CPE-specific variables, geographic profiles (e.g., all CPE within a given geographic region, zip code, etc.), demographic profiles, equipment type profiles, subscriber level profiles, CA and DRM capabilities, and so forth. Exemplary methods and apparatus for targeting selected subsets or populations with a network are described in, e.g., co-owned U.S. patent application Ser. No. 11/186,452 entitled “Method And Apparatus For Boundary-Based Network Operation” filed on Jul. 20, 2005, which is incorporated herein by reference in its entirety, although other approaches may be used with equal success.
After receiving the ModifyDhctAdminStatus command per step 710, the MPS queries in step 716 the Mac2IP server 322 for information about the STB of the Host device being deployed. In the next step 718, the MPS sends an AddSmRequest message to a selected AP. Table 1 shows exemplary parameters included in the AddSmRequest message, although it will be recognized that other message types and formats can be used with equal success. Table 5 provided below describes an exemplary format of implementation of these parameters.
In step 718, MPS identifies the SM within the host device 210 that is being installed to the AP. When steps 712, 718 and 720 are complete, the host device is ready for installation by e.g., a field technician. Next, in step 722, a field technician installs the host device in a customer premise and connects it to the network.
It will be appreciated that while described in the context of a pre-installation provisioning methodology with respect to
Alternatively, using an auto-configuration (e.g., “zero-config”) process of the type well known in the art, the device may search the network to determine used and unused addresses. The device then grabs an available MAC or other network address according to prescribed protocol (e.g., take address if available starting from XXXXYYYY, etc.). This address in one case is temporary and will be used by the device 210 for the remainder of the provisioning process only; a new permanent address is assigned by the head-end 150 during the provisioning process (or once completed). Alternatively, the “grabbed” address may be used permanently by the device 210 if desired.
Network address management techniques are well known in the art, and accordingly not described further herein. It will be appreciated by those of ordinary skill that the foregoing embodiment are merely exemplary; literally any method of assigning an address to a device (whether permanent or temporary) may be used consistent with the invention.
Once the address has been obtained by the host device 210, it can then implement a communication protocol per step 762 to initiate communication with a head-end or other network entity (e.g., MPS 324) adapted to provision the device remotely. This protocol can be implemented in stages; e.g., (i) first establishing communication with the head-end entity, irrespective of authentication; (ii)) second, authenticating the host device 210 and head-end entity to one another (thereby preventing man-in-the-middle and spoofing attacks); and (iii) negotiating and delivering necessary data and information to complete the provisioning process. This latter process (and in fact even the former ones) can also be conducted with assistance/input from the subscriber, such as e.g., a password, authentication code, order number, etc. given by the MSO via another communication channel, which the user may be prompted to enter into the host device 210 or provide via another mechanism (such as telephonic channel, Internet website, etc.).
Referring back to the provisioning methodology of
When the BS 330 receives a manual request to provision a DCAS host as part of the customer order entry process, it sends a ModifyDhctAdminStatus request 850 to the DNCS to initiate the video provisioning of the DCAS host. The DNCS generates a ModifyDhctAdminStatus response 852, addressed to the BS, after successfully changing the configuration of the host device 210 corresponding to the ModifyDhctAdminStatus request that was received. The BS also generates a ModifyDhctAdminStatus request 854 addressed to the MPS to initiate the DCAS provisioning of the DCAS host. After receiving this message, the MPS sends a ModifyDhctAdminStatus response message 856 to the BS. The MPS requests device information (e.g., IP address, SMID, & TPID) from the Mac2IP server by sending a message thereto 858. The Mac2IP server responds to MPS with the requested device information, if known by sending a DeviceInfoResponse message 860. The MPS transmits an AddSmRequest message 862 to the DCAS AP within the DCAS Infrastructure corresponding to the location of the set-top on the network. The AP 208 indicates the successful addition of the SM identifying information to its internal data store by responding to the MPS with an AddSmResponse message 864. At this point, the SM (within the DCAS host) is prepared to proceed with DCAS authentication and client image download, further described below.
The following messages are exchanged between a DHCP server 902 in the CNR, a TFTP server 904 in the CNR, and/or the eCM part 302 of the host device 300. With the eCM in communication with the network, the eCM first sends a DhcpDiscover request 910 to the DHCP server 902. The DHCP server is in a state to recognize the eCM and responds with a DHCP Offer message 912 containing an IP address appropriate for the DCAS host eCM 302. The DHCP server includes in the Offer message 910 the proper DOCSIS configuration file name. In reply to this, the eCM sends a DHCP Request message 914 to the DHCP server. The DHCP server responds with a DHCP Ack message 916 containing an IP address appropriate for the eCM. The DHCP server includes in the Ack the appropriate DOC SIS configuration file name for the eCM. Upon obtaining the IP address and location of the configuration file, the eCM requests from the TFTP server 904 by sending a GetRequest message 918 the configuration file named in the DHCP acknowledgement from the DHCP server. The TFTP server responds with a GetResponse message 920, and sends the requested CM configuration file.
In a subsequent step, the AP sends to the SM a DCAS SecurityAnnounce multicast message 1010. The SM recognizes the identification of the AP in the SecurityAnnounce message, and generates a DCAS ClientSignOn message 1012 for transmission to the AP. This message includes SM Class Identifier, a current list of SM (e.g., CA) Client Identifiers, and SMID. The AP 208 generates a DCAS ClientSignOnConfirm message 1014 for transmission to the SM. This message includes fields filled by the AP based on certain criteria. For example, in one embodiment, the AP compares the SM Class Identifier and list of SM Client Identifiers to the list of approved SM Client Identifiers for this SM. If the lists match, then the AP returns a DCAS ClientSignOnConfirm message indicating that the SM Clients are up-to-date, and do not require download. If the lists do not match, then the AP returns a DCAS ClientSignOnConfirm message that contains the list of approved SM Client Identifiers.
If the SM requires new client downloads because the SM client (e.g., CA client) list did not match, the SM generates a DCAS Status message 1016, indicating that ClientSignOnConfirm message was accepted, by including a status code of “STATUS OK”. When the AP receives this message, it generates a request 1018 to the PS for Client Images (both Common and Personalized). The PS will check if the host device 210 containing the SM is properly configured in the DNCS. If the device is properly configured, the PS responds in message 1020 to the AP request with both a Common Image (CI) download directive and a Personalized Image (PI) attachment. The AP then generates a DCAS DownloadInfo message 1022 to the SM. This message contains the CI download directive and the PI attachments. The SM downloads each CI based on the information in the DCAS DownloadInfo Message. As directed by the PS message 1020 forwarded by the AP, either a TFTP server or another alternative scheme such as Object Carousel can be used to deliver the Common Images. If TFTP mechanism is used, the SM requests by sending message 1024 the specified Common Images from the TFTP server 904. The TFTP server delivers the Common Images to the SM in a message 1026, although other approaches may be used with equal success.
The SM completes the entire Common Image download process, and generates a DownloadConfirm message 1028 to the AP. In this message, the SM indicates the current client status for each SM Client. The AP generates a PersonalizationConfirm message 1030 to the PS 310, informing the PS that a personalized SM client image has (or has not) been installed on the SM. The AP 208 sends a DCAS Status message 1032 to the SM, indicating the DownloadConfirm message was received, by including a status code of “STATUS_OK”.
Deactivate Host Provisioning Flow (on Network)—
A host device 210 may also be deactivated (or de-provisioned) while being connected to the network. A CSR or other entity initiates the deactivation by entering an order in the BS. The order is then further propagated in the network by e.g., message exchanges among the appropriate servers, leading to deactivation of the host, based in the exemplary embodiment on deactivation of the SM within the host. Further details of one exemplary implementation of this process are described below.
When the AP 208 receives the request from the MPS, it sends a unicast DCASDownload message to the SM within the host device. In the next step 1124, the SM sends a ClientSignOn message to the AP. In the next step 1126, the AP sends a unicast ClientSignOn confirmation message to the SM. When it gets this message, in the next step 1128, the SM deletes the common and personalized images corresponding to the personalized image programmed in the host device. Next, in step 1130, the SM sends a DCAST status message to the AP.
As shown in
Deactivate Host Provisioning Flow (Off Network)—
In some cases, the network operator may desire to deactivate a host device while the device is passive (i.e., not connected to the network or able to actively participate). For example, the host device 210 may be turned off or otherwise disconnected by the user. The present invention provides for performing such deactivation by exchanging messages among servers on the network side, advantageously without the need of any message response from the host device being deactivated.
As shown in
Replace Client Provisioning Flow—
An additional task which may be desired by the network operator is to change (add, delete, replace, or modify) the CA or other system residing on the SM within the host device 210. Such a need may arise due to availability of a new CA (or DRM or TD/ASD) system or version within a network, or physical relocation of a host device within the network, or other deployment or business requirements.
Upon reception of this message, in step 1304, the SM sends a ClientSignOn message to the AP 208. As a reply to this message (step 1306), the AP sends a ClientSignOnConfirm message to the SM. In the exemplary embodiment, this message is also unicast to the SM. When the SM receives this message per step 1308, it deletes both the common and personalized images (CI and PI) of the SM Client ID that is being deleted.
Next, in step 1310, the SM sends a DCAS Status message to the AP. AP then requests personalization information in step 1312 from the appropriate PS 310. After the AP receives the personalization information, it sends this information to the SM via a DownloadInfo message in step 1314. In the subsequent step 1316, the SM stores the personalized information in the form of a personalized image (PI) and downloads the common image (CI). Upon completion of this step, the SM signals the AP of the success in step 1318 by sending a DownloadConfirm message to the AP. The AP 208 conveys this confirmation to the PS in step 1320. Once the AP notifies the PS, the client change is complete.
MPS Workflows Triggered by the Billing System—
Table 3 shows exemplary parameters included in the DeleteSmRequest message. Table 5 shows exemplary implementation details for these parameters.
The AP 208 ultimately sends a DeleteSmResponse message 1510 to the MPS confirming the deactivation.
MPS Workflow Triggered by Configuration Changes—
A MPS workflow may be triggered when a major configuration change is made in the MPS, such as a change in the assignment of SM Client IDs to a specific SM Class ID, or a change in the assignment of SM Client IDs to a specific Secure Micro Identifier or host Hardware Identifier.
The Mac2IP server responds with the requested information by sending back a DeviceInforResponse 1604. The MPS assembles the information received from the Mac2IP server response, from manual configuration and from previously stored information and sends a ModiftSmRequest message 1606 to the AP. The AP 208 updates its data store with the new configuration information and sends a ModifySmResponse message 1608 back to the MPS confirming successful change in the configuration.
MPS Workflow Triggered by the AP—
A MPS 324 workflow will be triggered when the MPS receives a certain message from the AP 208. The SmInfo workflow is used if the AP is communicating with an SM for which it does not have a complete set of identification and configuration information (e.g., as shown in Table 4). The AP sends a SmInfoRequest message to the MPS to request the current identification and configuration information for the DCAS host eSTB. The MPS 324, in turn, performs a Mac2IP lookup (e.g., by IP address) of the DCAS host eSTB, assembles the Mac2IP response with data it previously obtained from the Billing System (BS), updates the MPS data store, and reports the complete set of identification and configuration information to the AP 208.
Table 5 shows additional details of an exemplary implementation of various parameters used in the messages exchanged in accordance with the described embodiments of the present invention. For each parameter listed under the Parameter column, the Type column indicates the type of the parameter, the Length column indicates exemplary byte length of the parameter, and the Description column provides additional details of the parameter.
MPS to AP Communication Protocol—
The interface between a MPS 324 and an AP 208 optionally can be implemented as a Web Service (WS) interface, compatible with existing interface conventions applied elsewhere within a network operator's DCAS infrastructure. For example, the interface may be implemented using the Simple Object Access Protocol (SOAP) document style encoding. The MPS could also support hypertext transport protocol (HTTP) and secure HTTP (HTTPS) protocols to establish WS connections and secure data traffic. The MPS-to-AP interface can implement for example Transport Layer Security (TLS) which provides a standard method for the mutual authentication and the secure exchange of data between parties in the DCAS architecture. Since TLS relies on the exchange of X.509 certificates for authentication, and the agreed use of specific TLS Cipher suites for the exchange of data, such an implementation can advantageously provide an interoperable solution with multiple vendors' equipment.
Business/Operational Rules Engine and Methods—
In another aspect of the invention, a processing entity (e.g., rendered as one or more computer programs disposed within the head-end (e.g., MPS 324, AP 208, PS 310, etc.), BSA hub entity, CPE 106, or other location) includes a so-called “rules” engine. This engine comprises, in an exemplary embodiment, one or more software routines adapted to control the operation of the security management architecture, including the media provisioning system 324, in order to achieve one or more goals relating to operations or business (e.g., profit). Included within these areas are implementation of security management policies that can increase network optimization and reliability, increase maintenance intervals, increase subscriber or user satisfaction, increase subscription base, higher profit (e.g., from increased advertising revenues, more subscriber “views” of given content, higher data download speed, increased bandwidth and responsiveness to changing demands for bandwidth, reduction of undue QAM replication, and so forth.
These rules may comprise a separate entity or process, and may also be fully integrated within other processing entities (such as the aforementioned security management architecture of
For example, the MPS portion 324 of the network security management apparatus (or CPE) may invoke certain operational protocols or decision processes based on information or requests received from the CPE, conditions existing within the network, demographic data, geographic data, etc. However, these processes may not always be compatible with higher-level business or operational goals, such as maximizing profit, bandwidth management, or system reliability. Hence, when imposed, the business/operational rules can be used to dynamically (or manually) control the operation of the download, provisioning, and/or Client process on the CPE 106 or within other domains (e.g., SOD or NSODs in communication with the TD). The rules may be, e.g., operational or business-oriented in nature, and may also be applied selectively in terms of time of day, duration, specific local areas, or even at the individual user level (e.g., via specific identification of the CPE or client device via TUNER ID, MAC address, SM identifying information or the like).
For example, one rule implemented by the rules engine may comprise only providing certain types or program recording and/or distribution features to certain subscribers or classes of subscribers. The subscriber CPE 106 may possess a Firewire (IEEE-1394) interface or other such interface capable of transmitting content to a connected device for example, but the ability to transfer such protected content out of the TD not be made available to such subscribers unless they met certain criteria (e.g., “premium” subscription, etc.).
Another rule might impose a moratorium or restrictions on downloading secure images (e.g., SM Clients) or download keys to the host/CPE 106 during conditions of very heavy loading, e.g., until a certain minimum threshold of available bandwidth is present, thereby avoiding contention for bandwidth resources with “premium” services such as DOCSIS cable modem Internet access. Similarly, processing typically done upstream of the CPE could be dynamically shifted to the CPE under such circumstances so as distribute the processing load (and hence downstream messaging bandwidth consumed) to the CPE.
Similarly, another rule might comprise controlling and rate-limiting the region over which any bulk upgrade of SM Client images is performed in order to limit the amount of network traffic and host resource load added during SM Client image downloads.
Premium subscribers might also be given “head of the line” privileges where any contention exists for SM Client download or provisioning requests or keying (such as by way of a “bottleneck” at the TA 203).
Moreover, premium subscribers might be given a greater scope of options and choices; e.g., the ability to use a wider range of CPE (e.g., new DSTBs introduced in the retail market), while more basic subscribers are limited as to the type of device they may use as part of their subscription. Billing policies and procedures might also be modified as a function of subscription level or some other parameter.
The establishment of a trusted domain, conditional access perimeter, and/or digital rights policies may also be made in a substantially dynamic fashion using the methods and apparatus of the invention. For example, an MSO might know that a given subscriber or premises might only use recording or personal media devices (PMDs) during certain time periods (e.g., weekends) based on, e.g., historical data, subscription restrictions, or other operational factors or conditions. Hence, extension of the TD to include these capabilities, and necessary permissions, can be selectively enabled or disabled by the MSO if desired, such as to achieve other operational or business goals. This can also be useful for maintenance modes, wherein such maintenance is scheduled into periods when the subscriber is not expected to make use of these features during a particular period of time. These capabilities can also be rapidly re-established should the subscriber wish to utilize them (e.g., in an “on-demand” fashion).
The present invention also lends itself to various business models in terms of distribution, operation, and equipment/service provisioning. Specifically, by using the technology of the present invention, the CPE 106 can also be reconfigured as a trusted domain for protected content received over the cable or satellite receiver (tuner). New versions or upgrades of software/firmware can readily be downloaded and installed as well. In that the present invention advantageously provides MSO control over the access, distribution and reproduction of content within the network (and to a degree beyond the MSO network), numerous different permutations of these features can be offered by the MSO as part of a subscription or incentive program. For example, a “basic” subscriber might be given a certain limited package of TD capabilities (e.g., no transmission of protected content outside of the TD, no recording to fixed media such as a CD-ROM, no “multi-room” DVR, etc.), while a higher level subscription package might include these capabilities, and yet others. Individual or groups of features or capabilities may also given to subscribers or prospective subscribers for limited periods of time, or under certain limited circumstances, as an incentive or trial.
One variant of the business methodology of the invention contemplates delivery of substantially similar or “generic” hardware/firmware environments to all subscribers, with the MSO able to tailor the CA, TD and DRM capabilities of their individual CPE 106 for their particular subscription level, needs and premises. For example, some users may have local recording devices (e.g., DVR or the like) which may require configuration of the trusted domain to extend to these devices to permit subscriber purchase and in-home “burning” of content according to the methods previously discussed with respect to U.S. patent application Ser. No. 11/080,693.
As can be appreciated, literally an unlimited number of different premises/subscriber-specific configurations may be employed consistent with the security download capability of the invention, and hence it is typically more economical and efficient to allow MSO reconfiguration of a substantially generic device, as opposed to custom configured hardware or software for each sub scriber/premises.
In addition to the foregoing, the provisioning of the subscriber's CPE might be accomplished according to different approaches depending on factors such as the subscriber's subscription level, account status, etc. For example, premium subscribers might be sent their CPE 106 via a self-install kit, with the device being immediately provisioned upon installation (thereby giving the subscriber the fastest possible connection to the network without having to schedule a service appointment). Moreover, if the subscriber's account is delinquent, their service can be selectively shut of via the deactivation procedures of
In another aspect of the invention, the download and provisioning capability described herein is particularly useful in, inter alia, allowing for the migration of a client device (e.g., DVR or DSTB) from one location and/or parent network to another. For example, a subscriber of a given MSO might move across town, across the state, across the country, etc., and wish to keep their client device (which may, for example, have content saved thereon in a storage device). It may also be desirous for the MSO to avoid having to issue the subscriber a new device when they move. The download and provisioning paradigms described herein can be used to reconfigure the device after the move so as to operate at the new location; e.g., provide conditional access and a largely seamless transition for the subscriber. Hence, the present invention allows a device to be truly network- or conditional access-agnostic. The MSO may offer this migration service at a fee, as part of a subscription package feature, for free/incentive, and so forth (e.g., Time Warner “FastMove” service).
Conversely, the subscriber may not change location, but may want to change service providers. In this case, the new MSO can download and provision the device remotely, without having to issue a new device, set up a service call, etc. All access and privileges in the old MSO network can be revoked or erased, and the new privileges and access set up immediately.
The foregoing capability can also be extended to ASD/TD reconfiguration, and even feasibly other paradigms (e.g., DRM) with proper adaptation. This advantageously allows for, inter alia, portability of ASD-compliant devices between different networks and/or operators. It will be recognized that while certain aspects of the invention are described in terms of a specific sequence of steps of a method, these descriptions are only illustrative of the broader methods of the invention, and may be modified as required by the particular application. Certain steps may be rendered unnecessary or optional under certain circumstances. Additionally, certain steps or functionality may be added to the disclosed embodiments, or the order of performance of two or more steps permuted. All such variations are considered to be encompassed within the invention disclosed and claimed herein.
While the above detailed description has shown, described, and pointed out novel features of the invention as applied to various embodiments, it will be understood that various omissions, substitutions, and changes in the form and details of the device or process illustrated may be made by those skilled in the art without departing from the invention. The foregoing description is of the best mode presently contemplated of carrying out the invention. This description is in no way meant to be limiting, but rather should be taken as illustrative of the general principles of the invention. The scope of the invention should be determined with reference to the claims.
This application is a divisional of and claims priority to co-owned and co-pending U.S. patent application Ser. No. 15/614,383 filed on Jun. 5, 2017 of the same title, and issuing as U.S. Pat. No. 10,404,752 on Sep. 3, 2019, which is a divisional of and claims priority to co-owned U.S. patent application Ser. No. 14/144,420 filed on Dec. 30, 2013 of the same title and issued as U.S. Pat. No. 9,674,224 on Jun. 6, 2017, which is a divisional of and claims priority to co-owned U.S. patent application Ser. No. 11/657,828 filed on Jan. 24, 2007 of the same title and issued as U.S. Pat. No. 8,621,540 on Dec. 31, 2013, each of the foregoing incorporated herein by reference in its entirety. This application is related to U.S. patent application Ser. No. 11/006,404 filed on Dec. 7, 2004 and entitled “Technique For Securely Communicating Programming Content”, which issued as U.S. Pat. No. 8,312,267 on Nov. 13, 2012, as well as U.S. patent application Ser. No. 11/584,208 filed on Oct. 20, 2006 and entitled “Downloadable Security And Protection Methods And Apparatus, which issued as U.S. Pat. No. 8,520,850 on Aug. 27, 2013, each of the foregoing incorporated herein by reference in its entirety.
Number | Name | Date | Kind |
---|---|---|---|
5369707 | Follendore, III | Nov 1994 | A |
5410344 | Graves et al. | Apr 1995 | A |
5528284 | Iwami et al. | Jun 1996 | A |
5534911 | Levitan | Jul 1996 | A |
5557319 | Gurusami et al. | Sep 1996 | A |
5577209 | Boyle et al. | Nov 1996 | A |
5628284 | Sheen et al. | May 1997 | A |
5708961 | Hylton et al. | Jan 1998 | A |
5715403 | Stefik | Feb 1998 | A |
5745837 | Fuhrmann | Apr 1998 | A |
5758257 | Herz et al. | May 1998 | A |
5787172 | Arnold | Jul 1998 | A |
5818438 | Howe et al. | Oct 1998 | A |
5822530 | Brown | Oct 1998 | A |
5828832 | Holden et al. | Oct 1998 | A |
5838921 | Speeter | Nov 1998 | A |
5870474 | Wasilewski et al. | Feb 1999 | A |
5897635 | Torres et al. | Apr 1999 | A |
5940738 | Rao | Aug 1999 | A |
5982412 | Nulty | Nov 1999 | A |
5999535 | Wang et al. | Dec 1999 | A |
6009103 | Woundy | Dec 1999 | A |
6125397 | Yoshimura et al. | Sep 2000 | A |
6148400 | Arnold | Nov 2000 | A |
6154844 | Touboul et al. | Nov 2000 | A |
6157719 | Wasilewski et al. | Dec 2000 | A |
6167432 | Jiang | Dec 2000 | A |
6167521 | Smith et al. | Dec 2000 | A |
6181697 | Nurenberg et al. | Jan 2001 | B1 |
6212636 | Boyle et al. | Apr 2001 | B1 |
6219710 | Gray et al. | Apr 2001 | B1 |
6233341 | Riggins | May 2001 | B1 |
6233389 | Barton et al. | May 2001 | B1 |
6233687 | White | May 2001 | B1 |
6256393 | Safadi et al. | Jul 2001 | B1 |
6259701 | Shur et al. | Jul 2001 | B1 |
6266421 | Domyo et al. | Jul 2001 | B1 |
6317884 | Eames et al. | Nov 2001 | B1 |
6345038 | Selinger | Feb 2002 | B1 |
6389538 | Gruse et al. | May 2002 | B1 |
6396531 | Gerszberg et al. | May 2002 | B1 |
6456716 | Arnold | Sep 2002 | B1 |
6473793 | Dillon et al. | Oct 2002 | B1 |
6519062 | Yoo | Feb 2003 | B1 |
6523696 | Saito et al. | Feb 2003 | B1 |
6546016 | Gerszberg et al. | Apr 2003 | B1 |
6564381 | Hodge et al. | May 2003 | B1 |
6601171 | Carter et al. | Jul 2003 | B1 |
6640145 | Hoffberg et al. | Oct 2003 | B2 |
6642938 | Gilboy | Nov 2003 | B1 |
6642939 | Vallone et al. | Nov 2003 | B1 |
6643262 | Larsson et al. | Nov 2003 | B1 |
6657991 | Akgun et al. | Dec 2003 | B1 |
6672961 | Uzun | Jan 2004 | B1 |
6694145 | Riikonen et al. | Feb 2004 | B2 |
6711742 | Kishi et al. | Mar 2004 | B1 |
6718552 | Goode | Apr 2004 | B1 |
6742116 | Matsui et al. | May 2004 | B1 |
6748395 | Picker et al. | Jun 2004 | B1 |
6754904 | Cooper et al. | Jun 2004 | B1 |
6757906 | Look et al. | Jun 2004 | B1 |
6758746 | Hunter et al. | Jul 2004 | B1 |
6760768 | Holden et al. | Jul 2004 | B2 |
6774926 | Ellis et al. | Aug 2004 | B1 |
6782475 | Sumner | Aug 2004 | B1 |
6782550 | Cao | Aug 2004 | B1 |
6785810 | Lirov et al. | Aug 2004 | B1 |
6788676 | Partanen et al. | Sep 2004 | B2 |
6807573 | Saito et al. | Oct 2004 | B2 |
6813505 | Walley et al. | Nov 2004 | B2 |
6847778 | Vallone et al. | Jan 2005 | B1 |
6859535 | Tatebayashi et al. | Feb 2005 | B1 |
6898708 | Hori et al. | May 2005 | B2 |
6909726 | Sheeran | Jun 2005 | B1 |
6910064 | Astarabadi et al. | Jun 2005 | B1 |
6918131 | Rautila et al. | Jul 2005 | B1 |
6925257 | Yoo | Aug 2005 | B2 |
6931018 | Fisher | Aug 2005 | B1 |
6934964 | Schaffer et al. | Aug 2005 | B1 |
6944150 | McConnell et al. | Sep 2005 | B1 |
6948183 | Peterka | Sep 2005 | B1 |
6954632 | Kobayashi | Oct 2005 | B2 |
6957261 | Lortz | Oct 2005 | B2 |
6957328 | Goodman et al. | Oct 2005 | B2 |
6973576 | Giobbi | Dec 2005 | B2 |
6975730 | Kuroiwa et al. | Dec 2005 | B1 |
6978474 | Sheppard et al. | Dec 2005 | B1 |
6985355 | Allirot | Jan 2006 | B2 |
6996544 | Sellars et al. | Feb 2006 | B2 |
7003670 | Heaven et al. | Feb 2006 | B2 |
7006881 | Hoffberg et al. | Feb 2006 | B1 |
7007170 | Morten | Feb 2006 | B2 |
7009972 | Maher et al. | Mar 2006 | B2 |
7013290 | Ananian | Mar 2006 | B2 |
7016963 | Judd et al. | Mar 2006 | B1 |
7017189 | Demello et al. | Mar 2006 | B1 |
7020652 | Matz et al. | Mar 2006 | B2 |
7027460 | Iyer et al. | Apr 2006 | B2 |
7039048 | Monta et al. | May 2006 | B1 |
7051352 | Schaffer | May 2006 | B1 |
7054443 | Jakubowski et al. | May 2006 | B1 |
7054902 | Toporek et al. | May 2006 | B2 |
7055031 | Platt | May 2006 | B2 |
7055040 | Klemba et al. | May 2006 | B2 |
7055165 | Connelly | May 2006 | B2 |
7065216 | Benaloh et al. | Jun 2006 | B1 |
7068639 | Varma et al. | Jun 2006 | B1 |
7069449 | Weaver et al. | Jun 2006 | B2 |
7069578 | Prus et al. | Jun 2006 | B1 |
7072950 | Toft | Jul 2006 | B2 |
7073199 | Raley | Jul 2006 | B1 |
7080039 | Marsh | Jul 2006 | B1 |
7092397 | Chandran et al. | Aug 2006 | B1 |
7096483 | Johnson | Aug 2006 | B2 |
7099308 | Merrill et al. | Aug 2006 | B2 |
7100183 | Kunkel et al. | Aug 2006 | B2 |
7103181 | Ananth | Sep 2006 | B2 |
7103905 | Novak | Sep 2006 | B2 |
7106382 | Shiotsu | Sep 2006 | B2 |
7107326 | Fijolek et al. | Sep 2006 | B1 |
7146627 | Ismail et al. | Dec 2006 | B1 |
7149772 | Kalavade | Dec 2006 | B1 |
7154912 | Chong et al. | Dec 2006 | B2 |
7165268 | Moore et al. | Jan 2007 | B1 |
7167895 | Connelly | Jan 2007 | B1 |
7174126 | McElhatten et al. | Feb 2007 | B2 |
7174127 | Otten et al. | Feb 2007 | B2 |
7174371 | Elo et al. | Feb 2007 | B2 |
7174385 | Li | Feb 2007 | B2 |
7185355 | Ellis et al. | Feb 2007 | B1 |
7194756 | Addington et al. | Mar 2007 | B2 |
7206775 | Kaiser et al. | Apr 2007 | B2 |
7207055 | Hendricks et al. | Apr 2007 | B1 |
7209458 | Ahvonen et al. | Apr 2007 | B2 |
7213036 | Apparao et al. | May 2007 | B2 |
7225333 | Peinado et al. | May 2007 | B2 |
7228427 | Fransdonk | Jun 2007 | B2 |
7228556 | Beach et al. | Jun 2007 | B2 |
7237112 | Ishiguro et al. | Jun 2007 | B1 |
7242960 | Van et al. | Jul 2007 | B2 |
7242988 | Hoffberg et al. | Jul 2007 | B1 |
7248694 | Husemann et al. | Jul 2007 | B2 |
7254608 | Yeager et al. | Aug 2007 | B2 |
7257106 | Chen et al. | Aug 2007 | B2 |
7257227 | Chen et al. | Aug 2007 | B2 |
7260823 | Schlack et al. | Aug 2007 | B2 |
7266726 | Ladd et al. | Sep 2007 | B1 |
7289534 | Bailey et al. | Oct 2007 | B1 |
7293276 | Phillips et al. | Nov 2007 | B2 |
7299502 | Schmeling et al. | Nov 2007 | B2 |
7305460 | Park | Dec 2007 | B2 |
7312391 | Kaiser et al. | Dec 2007 | B2 |
7313611 | Jacobs et al. | Dec 2007 | B1 |
7324531 | Cho | Jan 2008 | B2 |
7325043 | Rosenberg et al. | Jan 2008 | B1 |
7325073 | Shao et al. | Jan 2008 | B2 |
7330483 | Peters, Jr. et al. | Feb 2008 | B1 |
7330967 | Pujare et al. | Feb 2008 | B1 |
7333483 | Zhao et al. | Feb 2008 | B2 |
7336787 | Unger et al. | Feb 2008 | B2 |
7337458 | Michelitsch et al. | Feb 2008 | B2 |
7340762 | Kim | Mar 2008 | B2 |
7353543 | Ohmori et al. | Apr 2008 | B2 |
7359375 | Lipsanen et al. | Apr 2008 | B2 |
7363643 | Drake et al. | Apr 2008 | B2 |
7373506 | Asano et al. | May 2008 | B2 |
7376386 | Phillips et al. | May 2008 | B2 |
7376976 | Fierstein et al. | May 2008 | B2 |
7382786 | Chen et al. | Jun 2008 | B2 |
7397825 | Woodward, Jr. et al. | Jul 2008 | B2 |
7409546 | Platt | Aug 2008 | B2 |
7444655 | Sardera | Oct 2008 | B2 |
7457520 | Rosetti et al. | Nov 2008 | B2 |
7472280 | Giobbi | Dec 2008 | B2 |
7486869 | Alexander et al. | Feb 2009 | B2 |
7487363 | Alve et al. | Feb 2009 | B2 |
7487523 | Hendricks | Feb 2009 | B1 |
7506367 | Ishibashi | Mar 2009 | B1 |
7532712 | Gonder et al. | May 2009 | B2 |
7548562 | Ward et al. | Jun 2009 | B2 |
7567983 | Pickelsimer et al. | Jul 2009 | B2 |
7571452 | Gutta | Aug 2009 | B2 |
7592912 | Hasek et al. | Sep 2009 | B2 |
7602820 | Helms et al. | Oct 2009 | B2 |
7609637 | Doshi et al. | Oct 2009 | B2 |
7624337 | Sull et al. | Nov 2009 | B2 |
7650319 | Hoffberg et al. | Jan 2010 | B2 |
7673004 | Sherstinsky et al. | Mar 2010 | B1 |
7690020 | Lebar | Mar 2010 | B2 |
7693171 | Gould | Apr 2010 | B2 |
7707644 | Choi et al. | Apr 2010 | B2 |
7721314 | Sincaglia et al. | May 2010 | B2 |
7725553 | Rang et al. | May 2010 | B2 |
7730321 | Gasparini et al. | Jun 2010 | B2 |
7742074 | Minatogawa | Jun 2010 | B2 |
7752617 | Blinick et al. | Jul 2010 | B2 |
7757101 | Nonaka et al. | Jul 2010 | B2 |
7770200 | Brooks et al. | Aug 2010 | B2 |
7783891 | Perlin et al. | Aug 2010 | B2 |
7809942 | Baran et al. | Oct 2010 | B2 |
7865440 | Jaquette | Jan 2011 | B2 |
7870599 | Pemmaraju | Jan 2011 | B2 |
7893171 | Le et al. | Feb 2011 | B2 |
7900052 | Jonas et al. | Mar 2011 | B2 |
7908626 | Williamson et al. | Mar 2011 | B2 |
7916755 | Hasek et al. | Mar 2011 | B2 |
7925592 | Issa et al. | Apr 2011 | B1 |
7930558 | Hori | Apr 2011 | B2 |
7936775 | Iwamura | May 2011 | B2 |
7954131 | Cholas et al. | May 2011 | B2 |
7983418 | Oyama et al. | Jul 2011 | B2 |
8042054 | White et al. | Oct 2011 | B2 |
8095610 | Gould et al. | Jan 2012 | B2 |
8166126 | Bristow et al. | Apr 2012 | B2 |
8166508 | Mitsuji et al. | Apr 2012 | B2 |
8170065 | Hasek et al. | May 2012 | B2 |
8181262 | Cooper et al. | May 2012 | B2 |
8219134 | Maharajh et al. | Jul 2012 | B2 |
8234387 | Bradley et al. | Jul 2012 | B2 |
8249497 | Ingrassia et al. | Aug 2012 | B2 |
8266429 | Helms et al. | Sep 2012 | B2 |
8280982 | La et al. | Oct 2012 | B2 |
8281352 | Brooks et al. | Oct 2012 | B2 |
8312267 | Helms et al. | Nov 2012 | B2 |
8332370 | Gattegno et al. | Dec 2012 | B2 |
8332657 | Eskicioglu et al. | Dec 2012 | B1 |
8341242 | Dillon et al. | Dec 2012 | B2 |
8347341 | Markley et al. | Jan 2013 | B2 |
8429702 | Yasrebi et al. | Apr 2013 | B2 |
8472627 | Denning et al. | Jun 2013 | B2 |
8484511 | Engel et al. | Jul 2013 | B2 |
8516529 | Lajoie et al. | Aug 2013 | B2 |
8520850 | Helms et al. | Aug 2013 | B2 |
8621540 | Apsangi et al. | Dec 2013 | B2 |
8732854 | Cholas et al. | May 2014 | B2 |
8738607 | Dettinger et al. | May 2014 | B2 |
8750490 | Murtagh et al. | Jun 2014 | B2 |
8750909 | Fan et al. | Jun 2014 | B2 |
8761402 | McAvoy et al. | Jun 2014 | B2 |
8805270 | Maharajh et al. | Aug 2014 | B2 |
8949919 | Cholas et al. | Feb 2015 | B2 |
8995815 | Maharajh et al. | Mar 2015 | B2 |
9083513 | Helms et al. | Jul 2015 | B2 |
9124608 | Jin et al. | Sep 2015 | B2 |
9124650 | Maharajh et al. | Sep 2015 | B2 |
9215423 | Kimble et al. | Dec 2015 | B2 |
9258608 | Dillon et al. | Feb 2016 | B2 |
9300919 | Cholas et al. | Mar 2016 | B2 |
9313458 | Helms et al. | Apr 2016 | B2 |
9313530 | Helms et al. | Apr 2016 | B2 |
9565472 | Hybertson et al. | Feb 2017 | B2 |
9621940 | Sarosi et al. | Apr 2017 | B2 |
9674224 | Apsangi et al. | Jun 2017 | B2 |
9706160 | Marsh et al. | Jul 2017 | B2 |
9742768 | Cholas et al. | Aug 2017 | B2 |
9826273 | Barton et al. | Nov 2017 | B2 |
9906838 | Cronk et al. | Feb 2018 | B2 |
9923883 | Helms et al. | Mar 2018 | B2 |
9973798 | Helms et al. | May 2018 | B2 |
10050945 | Hybertson et al. | Aug 2018 | B2 |
10069836 | Cholas et al. | Sep 2018 | B2 |
10148992 | Sarosi et al. | Dec 2018 | B2 |
10178072 | Helms et al. | Jan 2019 | B2 |
10362018 | Helms et al. | Jul 2019 | B2 |
10404752 | Apsangi et al. | Sep 2019 | B2 |
10848806 | Helms et al. | Nov 2020 | B2 |
20010004768 | Hodge et al. | Jun 2001 | A1 |
20010014946 | Ichinoi et al. | Aug 2001 | A1 |
20010019614 | Madoukh et al. | Sep 2001 | A1 |
20010029581 | Knauft | Oct 2001 | A1 |
20010050945 | Lindsey | Dec 2001 | A1 |
20010053223 | Ishibashi et al. | Dec 2001 | A1 |
20010053226 | Akins et al. | Dec 2001 | A1 |
20010056541 | Matsuzaki et al. | Dec 2001 | A1 |
20020002688 | Gregg et al. | Jan 2002 | A1 |
20020013772 | Peinado | Jan 2002 | A1 |
20020024943 | Karaul et al. | Feb 2002 | A1 |
20020026575 | Wheeler et al. | Feb 2002 | A1 |
20020027883 | Belaiche | Mar 2002 | A1 |
20020032754 | Logston et al. | Mar 2002 | A1 |
20020048367 | Maillard | Apr 2002 | A1 |
20020053076 | Landesmann | May 2002 | A1 |
20020056125 | Hodge et al. | May 2002 | A1 |
20020059218 | August et al. | May 2002 | A1 |
20020059619 | Lebar | May 2002 | A1 |
20020062440 | Akama | May 2002 | A1 |
20020066033 | Dobbins et al. | May 2002 | A1 |
20020077984 | Ireton | Jun 2002 | A1 |
20020083451 | Gill et al. | Jun 2002 | A1 |
20020087995 | Pedlow et al. | Jul 2002 | A1 |
20020123931 | Splaver et al. | Sep 2002 | A1 |
20020126654 | Preston et al. | Sep 2002 | A1 |
20020129358 | Buehl et al. | Sep 2002 | A1 |
20020138442 | Hori et al. | Sep 2002 | A1 |
20020144067 | Jeong | Oct 2002 | A1 |
20020144267 | Gutta et al. | Oct 2002 | A1 |
20020147771 | Traversat et al. | Oct 2002 | A1 |
20020152091 | Nagaoka et al. | Oct 2002 | A1 |
20020152299 | Traversat et al. | Oct 2002 | A1 |
20020152393 | Thoma et al. | Oct 2002 | A1 |
20020178444 | Trajkovic et al. | Nov 2002 | A1 |
20020183985 | Hori et al. | Dec 2002 | A1 |
20020184154 | Hori et al. | Dec 2002 | A1 |
20020188744 | Mani | Dec 2002 | A1 |
20020188869 | Patrick | Dec 2002 | A1 |
20020194595 | Miller et al. | Dec 2002 | A1 |
20020199105 | Ishiguro et al. | Dec 2002 | A1 |
20030005453 | Rodriguez et al. | Jan 2003 | A1 |
20030009681 | Harada et al. | Jan 2003 | A1 |
20030021421 | Yokota et al. | Jan 2003 | A1 |
20030028451 | Ananian | Feb 2003 | A1 |
20030041336 | Del et al. | Feb 2003 | A1 |
20030046560 | Inomata et al. | Mar 2003 | A1 |
20030048380 | Tamura | Mar 2003 | A1 |
20030056217 | Brooks | Mar 2003 | A1 |
20030069965 | Ma et al. | Apr 2003 | A1 |
20030074571 | Fujiwara et al. | Apr 2003 | A1 |
20030076955 | Alve | Apr 2003 | A1 |
20030084003 | Pinkas et al. | May 2003 | A1 |
20030093794 | Thomas et al. | May 2003 | A1 |
20030097340 | Okamoto et al. | May 2003 | A1 |
20030097574 | Upton | May 2003 | A1 |
20030115267 | Hinton et al. | Jun 2003 | A1 |
20030135628 | Fletcher et al. | Jul 2003 | A1 |
20030140227 | Asano et al. | Jul 2003 | A1 |
20030163443 | Wang | Aug 2003 | A1 |
20030163697 | Pabla et al. | Aug 2003 | A1 |
20030163739 | Armington et al. | Aug 2003 | A1 |
20030165241 | Fransdonk | Sep 2003 | A1 |
20030166401 | Combes et al. | Sep 2003 | A1 |
20030174838 | Bremer | Sep 2003 | A1 |
20030177388 | Botz | Sep 2003 | A1 |
20030187799 | Sellars et al. | Oct 2003 | A1 |
20030200548 | Baran et al. | Oct 2003 | A1 |
20030205763 | Park et al. | Nov 2003 | A1 |
20030208763 | McElhatten et al. | Nov 2003 | A1 |
20030208767 | Williamson et al. | Nov 2003 | A1 |
20030217137 | Roese et al. | Nov 2003 | A1 |
20030217365 | Caputo | Nov 2003 | A1 |
20030219127 | Russ et al. | Nov 2003 | A1 |
20030220100 | McElhatten et al. | Nov 2003 | A1 |
20040024688 | Bi et al. | Feb 2004 | A1 |
20040034877 | Nogues | Feb 2004 | A1 |
20040045032 | Cummings et al. | Mar 2004 | A1 |
20040045035 | Cummings et al. | Mar 2004 | A1 |
20040045037 | Cummings et al. | Mar 2004 | A1 |
20040052377 | Mattox et al. | Mar 2004 | A1 |
20040078602 | Rothbarth et al. | Apr 2004 | A1 |
20040088558 | Candelore | May 2004 | A1 |
20040107356 | Shamoon et al. | Jun 2004 | A1 |
20040109569 | Ellison et al. | Jun 2004 | A1 |
20040117254 | Nemirofsky et al. | Jun 2004 | A1 |
20040117836 | Karaoguz et al. | Jun 2004 | A1 |
20040123129 | Ginter et al. | Jun 2004 | A1 |
20040128499 | Peterka et al. | Jul 2004 | A1 |
20040133923 | Watson et al. | Jul 2004 | A1 |
20040137918 | Varonen et al. | Jul 2004 | A1 |
20040166832 | Portman et al. | Aug 2004 | A1 |
20040177369 | Akins | Sep 2004 | A1 |
20040181800 | Rakib et al. | Sep 2004 | A1 |
20040184616 | Morten | Sep 2004 | A1 |
20040190714 | Masui et al. | Sep 2004 | A1 |
20040190721 | Barrett et al. | Sep 2004 | A1 |
20040193609 | Phan et al. | Sep 2004 | A1 |
20040193680 | Gibbs et al. | Sep 2004 | A1 |
20040224425 | Gjerde et al. | Nov 2004 | A1 |
20040230994 | Urdang et al. | Nov 2004 | A1 |
20040237100 | Pinder et al. | Nov 2004 | A1 |
20040250273 | Swix et al. | Dec 2004 | A1 |
20040260798 | Addington et al. | Dec 2004 | A1 |
20040261093 | Rebaud et al. | Dec 2004 | A1 |
20040268386 | Logan et al. | Dec 2004 | A1 |
20050005287 | Claussen | Jan 2005 | A1 |
20050010788 | Craft | Jan 2005 | A1 |
20050015810 | Gould et al. | Jan 2005 | A1 |
20050021985 | Ono et al. | Jan 2005 | A1 |
20050022227 | Shen et al. | Jan 2005 | A1 |
20050034171 | Benya | Feb 2005 | A1 |
20050039212 | Baran et al. | Feb 2005 | A1 |
20050044197 | Lai | Feb 2005 | A1 |
20050049886 | Grannan et al. | Mar 2005 | A1 |
20050049933 | Upendran et al. | Mar 2005 | A1 |
20050055220 | Lee et al. | Mar 2005 | A1 |
20050055729 | Atad et al. | Mar 2005 | A1 |
20050065888 | Benaloh | Mar 2005 | A1 |
20050076210 | Thomas et al. | Apr 2005 | A1 |
20050086334 | Aaltonen et al. | Apr 2005 | A1 |
20050086683 | Meyerson | Apr 2005 | A1 |
20050091173 | Alve | Apr 2005 | A1 |
20050097006 | Nyako | May 2005 | A1 |
20050108763 | Baran et al. | May 2005 | A1 |
20050114686 | Ball et al. | May 2005 | A1 |
20050114701 | Atkins et al. | May 2005 | A1 |
20050114900 | Ladd et al. | May 2005 | A1 |
20050130585 | Gnuschke et al. | Jun 2005 | A1 |
20050138193 | Encarnacion et al. | Jun 2005 | A1 |
20050138357 | Swenson et al. | Jun 2005 | A1 |
20050157731 | Peters | Jul 2005 | A1 |
20050165899 | Mazzola | Jul 2005 | A1 |
20050169468 | Fahrny et al. | Aug 2005 | A1 |
20050172127 | Hartung et al. | Aug 2005 | A1 |
20050177740 | Athaide et al. | Aug 2005 | A1 |
20050177741 | Chen et al. | Aug 2005 | A1 |
20050177855 | Maynard et al. | Aug 2005 | A1 |
20050182931 | Robert et al. | Aug 2005 | A1 |
20050185626 | Meier et al. | Aug 2005 | A1 |
20050188210 | Perlin et al. | Aug 2005 | A1 |
20050188415 | Riley | Aug 2005 | A1 |
20050190912 | Hopkins et al. | Sep 2005 | A1 |
20050195975 | Kawakita | Sep 2005 | A1 |
20050198693 | Choi et al. | Sep 2005 | A1 |
20050210249 | Lee | Sep 2005 | A1 |
20050210498 | Scott, III | Sep 2005 | A1 |
20050210500 | Stone | Sep 2005 | A1 |
20050223097 | Ramsayer et al. | Oct 2005 | A1 |
20050228725 | Rao et al. | Oct 2005 | A1 |
20050268107 | Harris et al. | Dec 2005 | A1 |
20050273629 | Abrams et al. | Dec 2005 | A1 |
20050278259 | Gunaseelan et al. | Dec 2005 | A1 |
20050289616 | Horiuchi et al. | Dec 2005 | A1 |
20050289618 | Hardin | Dec 2005 | A1 |
20060002551 | Brown et al. | Jan 2006 | A1 |
20060004662 | Nadalin et al. | Jan 2006 | A1 |
20060008256 | Khedouri et al. | Jan 2006 | A1 |
20060015352 | Wynn et al. | Jan 2006 | A1 |
20060020786 | Helms et al. | Jan 2006 | A1 |
20060020826 | Felton et al. | Jan 2006 | A1 |
20060020950 | Ladd et al. | Jan 2006 | A1 |
20060021004 | Moran et al. | Jan 2006 | A1 |
20060021019 | Hinton et al. | Jan 2006 | A1 |
20060036750 | Ladd et al. | Feb 2006 | A1 |
20060041903 | Kahn et al. | Feb 2006 | A1 |
20060041905 | Wasilewski | Feb 2006 | A1 |
20060041915 | Dimitrova et al. | Feb 2006 | A1 |
20060047801 | Haag et al. | Mar 2006 | A1 |
20060047957 | Helms et al. | Mar 2006 | A1 |
20060064583 | Birnbaum et al. | Mar 2006 | A1 |
20060095940 | Yearwood | May 2006 | A1 |
20060101521 | Rabinovitch | May 2006 | A1 |
20060117379 | Bennett et al. | Jun 2006 | A1 |
20060130099 | Rooyen | Jun 2006 | A1 |
20060130101 | Wessel | Jun 2006 | A1 |
20060130107 | Gonder et al. | Jun 2006 | A1 |
20060130113 | Carlucci et al. | Jun 2006 | A1 |
20060136964 | Diez et al. | Jun 2006 | A1 |
20060136968 | Han et al. | Jun 2006 | A1 |
20060137005 | Park | Jun 2006 | A1 |
20060137015 | Fahrny | Jun 2006 | A1 |
20060143701 | Dos Santos | Jun 2006 | A1 |
20060148362 | Bridges | Jul 2006 | A1 |
20060149850 | Bowman | Jul 2006 | A1 |
20060156392 | Baugher et al. | Jul 2006 | A1 |
20060161635 | Lamkin et al. | Jul 2006 | A1 |
20060168219 | Ahluwalia et al. | Jul 2006 | A1 |
20060171423 | Helms et al. | Aug 2006 | A1 |
20060179138 | Van et al. | Aug 2006 | A1 |
20060184972 | Rafey et al. | Aug 2006 | A1 |
20060187900 | Akbar | Aug 2006 | A1 |
20060200856 | Salowey et al. | Sep 2006 | A1 |
20060206712 | Dillaway et al. | Sep 2006 | A1 |
20060209799 | Gallagher et al. | Sep 2006 | A1 |
20060212400 | Kamperman et al. | Sep 2006 | A1 |
20060218604 | Riedl et al. | Sep 2006 | A1 |
20060218647 | Hars et al. | Sep 2006 | A1 |
20060221246 | Yoo | Oct 2006 | A1 |
20060236131 | Vauclair | Oct 2006 | A1 |
20060238656 | Chen et al. | Oct 2006 | A1 |
20060248553 | Mikkelson et al. | Nov 2006 | A1 |
20060259927 | Acharya et al. | Nov 2006 | A1 |
20060271699 | Lee | Nov 2006 | A1 |
20060291506 | Cain | Dec 2006 | A1 |
20070011335 | Burns et al. | Jan 2007 | A1 |
20070019645 | Menon | Jan 2007 | A1 |
20070022459 | Gaebel, Jr. et al. | Jan 2007 | A1 |
20070022469 | Cooper et al. | Jan 2007 | A1 |
20070025372 | Brenes et al. | Feb 2007 | A1 |
20070033531 | Marsh | Feb 2007 | A1 |
20070046791 | Wang et al. | Mar 2007 | A1 |
20070049245 | Lipman | Mar 2007 | A1 |
20070053513 | Hoffberg et al. | Mar 2007 | A1 |
20070061023 | Hoffberg et al. | Mar 2007 | A1 |
20070067851 | Fernando et al. | Mar 2007 | A1 |
20070073704 | Bowden et al. | Mar 2007 | A1 |
20070076728 | Rieger et al. | Apr 2007 | A1 |
20070079381 | Hartung et al. | Apr 2007 | A1 |
20070081537 | Wheelock | Apr 2007 | A1 |
20070094691 | Gazdzinski | Apr 2007 | A1 |
20070098178 | Raikar | May 2007 | A1 |
20070104456 | Craner | May 2007 | A1 |
20070118848 | Schwesinger et al. | May 2007 | A1 |
20070121578 | Annadata et al. | May 2007 | A1 |
20070121678 | Brooks et al. | May 2007 | A1 |
20070124488 | Baum et al. | May 2007 | A1 |
20070124602 | Wald et al. | May 2007 | A1 |
20070153820 | Gould | Jul 2007 | A1 |
20070154041 | Beauchamp | Jul 2007 | A1 |
20070157262 | Ramaswamy et al. | Jul 2007 | A1 |
20070157295 | Mangalore et al. | Jul 2007 | A1 |
20070174888 | Rubinstein | Jul 2007 | A1 |
20070180230 | Cortez | Aug 2007 | A1 |
20070192615 | Varghese et al. | Aug 2007 | A1 |
20070204300 | Markley et al. | Aug 2007 | A1 |
20070204314 | Hasek et al. | Aug 2007 | A1 |
20070206799 | Wingert et al. | Sep 2007 | A1 |
20070209054 | Cassanova | Sep 2007 | A1 |
20070209059 | Moore et al. | Sep 2007 | A1 |
20070217436 | Markley et al. | Sep 2007 | A1 |
20070219910 | Martinez | Sep 2007 | A1 |
20070220024 | Putterman et al. | Sep 2007 | A1 |
20070226365 | Hildreth et al. | Sep 2007 | A1 |
20070245376 | Svendsen | Oct 2007 | A1 |
20070250872 | Dua | Oct 2007 | A1 |
20070250880 | Hainline | Oct 2007 | A1 |
20070261116 | Prafullchandra et al. | Nov 2007 | A1 |
20070274341 | Rodriguez | Nov 2007 | A1 |
20070276925 | La et al. | Nov 2007 | A1 |
20070276926 | Lajoie et al. | Nov 2007 | A1 |
20070280298 | Hearn et al. | Dec 2007 | A1 |
20070288637 | Layton et al. | Dec 2007 | A1 |
20070288715 | Boswell et al. | Dec 2007 | A1 |
20070294178 | Pinder et al. | Dec 2007 | A1 |
20070294717 | Hill et al. | Dec 2007 | A1 |
20070294738 | Kuo et al. | Dec 2007 | A1 |
20070299728 | Nemirofsky et al. | Dec 2007 | A1 |
20080008321 | Gagnon et al. | Jan 2008 | A1 |
20080008371 | Woods et al. | Jan 2008 | A1 |
20080009345 | Bailey et al. | Jan 2008 | A1 |
20080021836 | Lao | Jan 2008 | A1 |
20080022012 | Wang | Jan 2008 | A1 |
20080040714 | Wheeler | Feb 2008 | A1 |
20080059804 | Shah et al. | Mar 2008 | A1 |
20080066112 | Bailey et al. | Mar 2008 | A1 |
20080086750 | Yasrebi et al. | Apr 2008 | A1 |
20080091805 | Malaby et al. | Apr 2008 | A1 |
20080091807 | Strub et al. | Apr 2008 | A1 |
20080092181 | Britt | Apr 2008 | A1 |
20080098212 | Helms et al. | Apr 2008 | A1 |
20080098450 | Wu et al. | Apr 2008 | A1 |
20080982412 | Helms et al. | Apr 2008 | |
20080103976 | Read et al. | May 2008 | A1 |
20080103977 | Khosravy et al. | May 2008 | A1 |
20080112405 | Cholas et al. | May 2008 | A1 |
20080117920 | Tucker | May 2008 | A1 |
20080123862 | Rowley | May 2008 | A1 |
20080133551 | Wensley et al. | Jun 2008 | A1 |
20080137541 | Agarwal et al. | Jun 2008 | A1 |
20080139193 | Hao et al. | Jun 2008 | A1 |
20080141336 | Haller | Jun 2008 | A1 |
20080141353 | Brown | Jun 2008 | A1 |
20080148362 | Gilder et al. | Jun 2008 | A1 |
20080154626 | Gounares et al. | Jun 2008 | A1 |
20080155059 | Hardin et al. | Jun 2008 | A1 |
20080162353 | Tom et al. | Jul 2008 | A1 |
20080165460 | Whitby-Strevens | Jul 2008 | A1 |
20080170551 | Zaks | Jul 2008 | A1 |
20080177998 | Apsangi et al. | Jul 2008 | A1 |
20080192820 | Brooks et al. | Aug 2008 | A1 |
20080201386 | Maharajh et al. | Aug 2008 | A1 |
20080201748 | Hasek et al. | Aug 2008 | A1 |
20080212945 | Khedouri et al. | Sep 2008 | A1 |
20080222684 | Mukraj et al. | Sep 2008 | A1 |
20080229387 | Baks | Sep 2008 | A1 |
20080235746 | Peters et al. | Sep 2008 | A1 |
20080256510 | Auerbach | Oct 2008 | A1 |
20080270307 | Olson et al. | Oct 2008 | A1 |
20080273591 | Brooks et al. | Nov 2008 | A1 |
20080279534 | Buttars | Nov 2008 | A1 |
20080281971 | Leppanen et al. | Nov 2008 | A1 |
20080282299 | Koat et al. | Nov 2008 | A1 |
20080288618 | Vardi et al. | Nov 2008 | A1 |
20080297669 | Zalewski et al. | Dec 2008 | A1 |
20080306903 | Larson et al. | Dec 2008 | A1 |
20080306962 | Grannan et al. | Dec 2008 | A1 |
20080320523 | Morris et al. | Dec 2008 | A1 |
20090007234 | Birger et al. | Jan 2009 | A1 |
20090025075 | Chow et al. | Jan 2009 | A1 |
20090030802 | Plotnick et al. | Jan 2009 | A1 |
20090031335 | Hendricks et al. | Jan 2009 | A1 |
20090031371 | Munsell et al. | Jan 2009 | A1 |
20090083279 | Hasek | Mar 2009 | A1 |
20090083813 | Dolce et al. | Mar 2009 | A1 |
20090086643 | Kotrla et al. | Apr 2009 | A1 |
20090098861 | Kalliola et al. | Apr 2009 | A1 |
20090100147 | Igarashi | Apr 2009 | A1 |
20090100459 | Riedl et al. | Apr 2009 | A1 |
20090100493 | Jones et al. | Apr 2009 | A1 |
20090102983 | Malone et al. | Apr 2009 | A1 |
20090113472 | Sheth et al. | Apr 2009 | A1 |
20090133048 | Gibbs et al. | May 2009 | A1 |
20090141696 | Chou et al. | Jun 2009 | A1 |
20090150400 | Abu-Hakima et al. | Jun 2009 | A1 |
20090150917 | Huffman et al. | Jun 2009 | A1 |
20090151006 | Saeki et al. | Jun 2009 | A1 |
20090158311 | Hon et al. | Jun 2009 | A1 |
20090172776 | Makagon et al. | Jul 2009 | A1 |
20090177794 | Alexander et al. | Jul 2009 | A1 |
20090182815 | Czechowski, III et al. | Jul 2009 | A1 |
20090185576 | Kisel et al. | Jul 2009 | A1 |
20090187939 | Lajoie | Jul 2009 | A1 |
20090193486 | Patel et al. | Jul 2009 | A1 |
20090201917 | Maes et al. | Aug 2009 | A1 |
20090210899 | Lawrence-Apfelbaum et al. | Aug 2009 | A1 |
20090210912 | Cholas et al. | Aug 2009 | A1 |
20090220216 | Marsh et al. | Sep 2009 | A1 |
20090225760 | Foti | Sep 2009 | A1 |
20090228929 | Cass | Sep 2009 | A1 |
20090235308 | Ehlers et al. | Sep 2009 | A1 |
20090265750 | Jones et al. | Oct 2009 | A1 |
20090282241 | Prafullchandra et al. | Nov 2009 | A1 |
20090282449 | Lee | Nov 2009 | A1 |
20090290711 | Bloom et al. | Nov 2009 | A1 |
20090292922 | Park | Nov 2009 | A1 |
20090293101 | Carter et al. | Nov 2009 | A1 |
20090296621 | Park et al. | Dec 2009 | A1 |
20100012568 | Fujisawa et al. | Jan 2010 | A1 |
20100017627 | Princen et al. | Jan 2010 | A1 |
20100027560 | Yang et al. | Feb 2010 | A1 |
20100030578 | Siddique et al. | Feb 2010 | A1 |
20100031296 | Elias et al. | Feb 2010 | A1 |
20100031299 | Harrang et al. | Feb 2010 | A1 |
20100042478 | Reisman | Feb 2010 | A1 |
20100043030 | White | Feb 2010 | A1 |
20100043060 | Reuzel | Feb 2010 | A1 |
20100082561 | Rauber et al. | Apr 2010 | A1 |
20100082983 | Shah et al. | Apr 2010 | A1 |
20100083329 | Joyce et al. | Apr 2010 | A1 |
20100083362 | Francisco et al. | Apr 2010 | A1 |
20100088236 | Karabulut et al. | Apr 2010 | A1 |
20100088292 | Tirpak et al. | Apr 2010 | A1 |
20100106846 | Noldus et al. | Apr 2010 | A1 |
20100115091 | Park et al. | May 2010 | A1 |
20100115113 | Short et al. | May 2010 | A1 |
20100121936 | Liu et al. | May 2010 | A1 |
20100122274 | Gillies et al. | May 2010 | A1 |
20100122276 | Chen | May 2010 | A1 |
20100125658 | Strasters | May 2010 | A1 |
20100131973 | Dillon et al. | May 2010 | A1 |
20100138900 | Peterka et al. | Jun 2010 | A1 |
20100146567 | Mehta et al. | Jun 2010 | A1 |
20100169977 | Dasher et al. | Jul 2010 | A1 |
20100185855 | Margolus et al. | Jul 2010 | A1 |
20100198888 | Blomstedt et al. | Aug 2010 | A1 |
20100199312 | Chang et al. | Aug 2010 | A1 |
20100211636 | Starkenburg et al. | Aug 2010 | A1 |
20100217613 | Kelly | Aug 2010 | A1 |
20100217837 | Ansari et al. | Aug 2010 | A1 |
20100218231 | Frink et al. | Aug 2010 | A1 |
20100219613 | Zaloom et al. | Sep 2010 | A1 |
20100251304 | Donoghue et al. | Sep 2010 | A1 |
20100269144 | Forsman et al. | Oct 2010 | A1 |
20100280641 | Harkness et al. | Nov 2010 | A1 |
20100287609 | Gonzalez et al. | Nov 2010 | A1 |
20100310076 | Barzilai et al. | Dec 2010 | A1 |
20100313225 | Cholas et al. | Dec 2010 | A1 |
20100313226 | Cholas et al. | Dec 2010 | A1 |
20100313235 | Starub | Dec 2010 | A1 |
20100325547 | Keng et al. | Dec 2010 | A1 |
20110015989 | Tidwell et al. | Jan 2011 | A1 |
20110016479 | Tidwell et al. | Jan 2011 | A1 |
20110016482 | Tidwell et al. | Jan 2011 | A1 |
20110071841 | Fomenko et al. | Mar 2011 | A1 |
20110078721 | Wang et al. | Mar 2011 | A1 |
20110090898 | Patel et al. | Apr 2011 | A1 |
20110093900 | Patel et al. | Apr 2011 | A1 |
20110099017 | Ure | Apr 2011 | A1 |
20110103374 | Lajoie et al. | May 2011 | A1 |
20110107379 | Lajoie et al. | May 2011 | A1 |
20110110515 | Tidwell et al. | May 2011 | A1 |
20110119637 | Tuli et al. | May 2011 | A1 |
20110126018 | Narsinh et al. | May 2011 | A1 |
20110138064 | Rieger et al. | Jun 2011 | A1 |
20110145049 | Hertel et al. | Jun 2011 | A1 |
20110164753 | Dubhashi et al. | Jul 2011 | A1 |
20110169977 | Masuda | Jul 2011 | A1 |
20110173053 | Aaltonen et al. | Jul 2011 | A1 |
20110173095 | Kassaei et al. | Jul 2011 | A1 |
20110178943 | Motahari et al. | Jul 2011 | A1 |
20110179196 | Friedman | Jul 2011 | A1 |
20110191801 | Vytheeswaran | Aug 2011 | A1 |
20110197070 | Mizrah | Aug 2011 | A1 |
20110206200 | Sovio et al. | Aug 2011 | A1 |
20110213688 | Santos et al. | Sep 2011 | A1 |
20110219229 | Cholas et al. | Sep 2011 | A1 |
20110252236 | De et al. | Oct 2011 | A1 |
20110252243 | Brouwer et al. | Oct 2011 | A1 |
20110265116 | Stern et al. | Oct 2011 | A1 |
20110276881 | Keng et al. | Nov 2011 | A1 |
20120005527 | Engel et al. | Jan 2012 | A1 |
20120008786 | Cronk et al. | Jan 2012 | A1 |
20120011567 | Cronk et al. | Jan 2012 | A1 |
20120017271 | Smith et al. | Jan 2012 | A1 |
20120023535 | Brooks | Jan 2012 | A1 |
20120030363 | Conrad | Feb 2012 | A1 |
20120030714 | Sweatt, III et al. | Feb 2012 | A1 |
20120089699 | Cholas | Apr 2012 | A1 |
20120124606 | Tidwell et al. | May 2012 | A1 |
20120131629 | Shrum, Jr. et al. | May 2012 | A1 |
20120144416 | Wetzer et al. | Jun 2012 | A1 |
20120151525 | Demchenko et al. | Jun 2012 | A1 |
20120159603 | Queck | Jun 2012 | A1 |
20120167173 | Nadalin et al. | Jun 2012 | A1 |
20120185899 | Riedl et al. | Jul 2012 | A1 |
20120260346 | Carey et al. | Oct 2012 | A1 |
20120291062 | Pearson et al. | Nov 2012 | A1 |
20130046849 | Wolf et al. | Feb 2013 | A1 |
20130097647 | Brooks et al. | Apr 2013 | A1 |
20130117692 | Padmanabhan et al. | May 2013 | A1 |
20130191443 | Gan et al. | Jul 2013 | A1 |
20130309971 | Kiukkonen et al. | Nov 2013 | A1 |
20130318629 | Lajoie et al. | Nov 2013 | A1 |
20130347089 | Bailey et al. | Dec 2013 | A1 |
20140074855 | Zhao et al. | Mar 2014 | A1 |
20140215509 | Angiolillo et al. | Jul 2014 | A1 |
20140233923 | Bradley et al. | Aug 2014 | A1 |
20140281489 | Peterka et al. | Sep 2014 | A1 |
20140282750 | Civiletto | Sep 2014 | A1 |
20140283137 | Rebaud et al. | Sep 2014 | A1 |
20150040176 | Hybertson et al. | Feb 2015 | A1 |
20160050190 | Mooij et al. | Feb 2016 | A1 |
20160165650 | Kim et al. | Jun 2016 | A1 |
20160165651 | Pathuri et al. | Jun 2016 | A1 |
20160269688 | Gardner | Sep 2016 | A1 |
20160301525 | Canard et al. | Oct 2016 | A1 |
20170111694 | Marsh et al. | Apr 2017 | A1 |
20180351922 | Hybertson et al. | Dec 2018 | A1 |
20190182526 | Sarosi et al. | Jun 2019 | A1 |
20190215310 | Helms et al. | Jul 2019 | A1 |
20200014675 | Helms | Jan 2020 | A1 |
Number | Date | Country |
---|---|---|
2574272 | Feb 2006 | CA |
2804427 | Feb 2006 | CA |
2590044 | Jun 2006 | CA |
2826977 | Jun 2006 | CA |
1139198 | Oct 2001 | EP |
1774694 | Apr 2007 | EP |
2113860 | Nov 2009 | EP |
2458778 | May 2012 | EP |
1829271 | Oct 2014 | EP |
2381709 | May 2003 | GB |
H08263440 | Oct 1996 | JP |
2000156676 | Jun 2000 | JP |
2000332746 | Nov 2000 | JP |
2001243707 | Sep 2001 | JP |
2001274786 | Oct 2001 | JP |
2001274788 | Oct 2001 | JP |
2001275090 | Oct 2001 | JP |
2001285821 | Oct 2001 | JP |
2002163396 | Jun 2002 | JP |
2002352094 | Dec 2002 | JP |
2003058657 | Feb 2003 | JP |
2003162600 | Jun 2003 | JP |
2003233690 | Aug 2003 | JP |
2003248508 | Sep 2003 | JP |
2003296484 | Oct 2003 | JP |
2003348508 | Dec 2003 | JP |
2004030111 | Jan 2004 | JP |
2004072721 | Mar 2004 | JP |
2004120736 | Apr 2004 | JP |
2004120738 | Apr 2004 | JP |
2004303111 | Oct 2004 | JP |
2005506627 | Mar 2005 | JP |
2005519365 | Jun 2005 | JP |
2005519501 | Jun 2005 | JP |
2005339093 | Dec 2005 | JP |
2006185473 | Jul 2006 | JP |
2006311267 | Nov 2006 | JP |
2007020144 | Jan 2007 | JP |
2007534030 | Nov 2007 | JP |
2007336553 | Dec 2007 | JP |
2008005047 | Jan 2008 | JP |
2008015936 | Jan 2008 | JP |
2008021293 | Jan 2008 | JP |
2008507905 | Mar 2008 | JP |
2008167018 | Jul 2008 | JP |
2008186272 | Aug 2008 | JP |
2008206039 | Sep 2008 | JP |
2008539631 | Nov 2008 | JP |
2009071786 | Apr 2009 | JP |
2009515238 | Apr 2009 | JP |
2009176060 | Aug 2009 | JP |
2009211632 | Sep 2009 | JP |
2010502109 | Jan 2010 | JP |
2010079902 | Apr 2010 | JP |
4853930 | Jan 2012 | JP |
4884386 | Feb 2012 | JP |
2012505436 | Mar 2012 | JP |
2012523614 | Oct 2012 | JP |
5363545 | Dec 2013 | JP |
5441962 | Mar 2014 | JP |
20070070157 | Jul 2007 | KR |
20070095928 | Oct 2007 | KR |
WO-0103410 | Jan 2001 | WO |
WO-0110125 | Feb 2001 | WO |
WO-0137479 | May 2001 | WO |
WO-0169842 | Sep 2001 | WO |
WO-0177778 | Oct 2001 | WO |
WO-0213032 | Feb 2002 | WO |
WO-0221841 | Mar 2002 | WO |
WO-0242966 | May 2002 | WO |
WO-02080556 | Oct 2002 | WO |
WO-03038704 | May 2003 | WO |
WO-03087799 | Oct 2003 | WO |
WO-03093944 | Nov 2003 | WO |
WO-2004027622 | Apr 2004 | WO |
WO-2005015422 | Feb 2005 | WO |
WO-2005031524 | Apr 2005 | WO |
WO-2006020141 | Feb 2006 | WO |
WO-2006063194 | Jun 2006 | WO |
WO-2007060451 | May 2007 | WO |
WO-2008060388 | May 2008 | WO |
WO-2008070062 | Jun 2008 | WO |
WO-2008080556 | Jul 2008 | WO |
WO-2008121131 | Oct 2008 | WO |
WO-2009020476 | Feb 2009 | WO |
WO-2012021245 | Feb 2012 | WO |
WO-2012114140 | Aug 2012 | WO |
Entry |
---|
5C Digital Transmission Content Protection White Paper, Hitachi, Ltd., et al., dated Jul. 14, 1998, 15 pages. |
Cantor, et al., Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0, OASIS Standard, Mar. 15, 2005. Document ID: saml-core-2.0-os (http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf). |
Cantor, et al., Bindings for the OASIS Security Assertion Markup Language (SAML) V2.0, OASIS Standard, Mar. 2005, Document ID saml-bindings-2.0-os ,(http://docs.oasis-open.org/security/saml/v2.0/saml-bindings-2.0-os.pdf). |
DCAS Authorized< gwmw class=“ginger-module-highlighter-mistake-type-3” id=“gwmw-15487095474138963691403”>Service Domain</gwmw>, Version 1.2, dated Nov. 4, 2008, 58 pages. |
DCAS Authorized Service Domain, Version 1.2, Nov. 30, 2005, 56 pages. |
DCAS Licensed Specification Abstracts, CableLabs Confidential Information, Jan. 12, 2006, 4 pages. |
DLNA (Digital Living Network Alliance) protocols described in DLNA Networked Device Interoperability Guidelines Expanded, Mar. 2006 and subsequent expanded version dated Oct. 2006. |
DVB (Digital Video Broadcasting), DVB Document A045 Rev. 3, Jul. 2004, “Head-end Implementation of SimulCrypt,” 289 pages. |
DVB (Digital Video Broadcasting); DVB SimulCrypt; Part 1: “Head-end architecture and synchronization” Technical Specification—ETSI TS 101 197 V1.2.1 (Feb. 2002), 40 pages. |
Federal Information Processing Standards Publication, US FIPS PUB 197, Nov. 26, 2001, “Advanced Encryption Standards (AES),” 47 pages. |
High-bandwidth Digital Content Protection System, Revision 1.091, dated Apr. 22, 2003, Digital Content< gwmw class=“ginger-module-highlighter-mistake-type-3” id=“gwmw-15487095483507149357216”>Protection LLC</gwmw> Draft, 78 pages. |
Marusic, et al., “Share it!—Content Transfer in Home-to-Home Networks.” IEEE MELECON 2004, May 12-15, 2004, Dubrovnik, Croatia. |
Media Server; 1 Device Template Version 1.01 Jun. 25, 2002. |
OpenCable Application Platform Specification, OCAP 2.0 Profile, OC-SP-OCAP2.0-I01-020419, Apr. 19, 2002. |
OpenCable Application Platform Specifications, OCAP Extensions, OC-SP-OCAP-HNEXT-I03-080418, 2005-2008. |
OpenCable Host Device, Core Functional Requirements, OC-SP-HOST-CFR-I13-030707, Jul. 7, 2003. |
OpenCable Specification, Home Networking Protocol 2.0, OC-SP-HNP2.0-I01-08418, 2007. |
OpenCable Specifications, Home Networking Security Specification, OC-SP-HN-SEC-DO1-081027, draft (Oct. 27, 2008). |
OpenCable, Enhanced TV Binary Interchange, Format 1.0 OC-SP-ETV-BIF1.0-104-070921 Date: Sep. 21, 2007, 420 pages. |
OpenCable, HOST-POD Interface Specification, OC-SP-HOSTPOD-IF-113-030707, Jul. 7, 2003. |
Primergy BX300 Switch Blade user's manual, Fujitsu Corp., Sep. 30, 2002, first edition, pp. 1 to 20. |
Real System Media Commerce Suite Technical White Paper, Copyright 2011, Real Networks, Inc., 16 pages, (http://www.realnetworkis). |
RealSystem Media Commerce Suite Technical White Paper, Copyrgt, 2001 RealNetworks, Inc., http://www.realnetworks.com, 16 pages. |
Redux screenshot from http://www.redux.com, “Select a channel to start watching” © 2014 Redux, Inc.014 Redux, Inc. All rights reserved; http://www.redux.com/; 2 pages. |
Siebenlist F., et al., “Global Grid Forum Specification Roadmap towards a Secure OGSA,” Jul. 2002, pp. 1-22. |
UTF-32, IBM, retrieved from http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=%2Fnls%2Frbagsutf32.htm on Aug. 28, 2013. |
Van Moffaert, A., et al.< gwmw class=“ginger-module-highlighter-mistake-type-3” id=“gwmw-15487095623201874158750”>(</gwmw>“Digital Rights Management: DRM is a key enabler for the future growth of the broadband access market and the telecom/networking market in general”, Alcatel Telecommunications Review, Alcatel, Paris Cedex FR, Apr. 1, 2003, XP007005930ISSN; 8 pages. |
Zhang, et al., “A Flexible Content Protection System For Media-On-Demand” Multimedia Software Engineering, 2002 Proceedings. Fourth International Symposium on Dec. 11-13, 2002, Piscataway, NJ, USAA, IEEE, Dec. 11, 2002, pp. 272-277, XP010632760ISBN: 978-0-7695-1857-2. |
Number | Date | Country | |
---|---|---|---|
20200076858 A1 | Mar 2020 | US |
Number | Date | Country | |
---|---|---|---|
Parent | 15614383 | Jun 2017 | US |
Child | 16557474 | US | |
Parent | 14144420 | Dec 2013 | US |
Child | 15614383 | US | |
Parent | 11657828 | Jan 2007 | US |
Child | 14144420 | US |