An arrangement is disclosed for providing an account identifier from a billing system to a controller that is disposed at the headend of a wide area network (“WAN”) that supports a media content distribution service. In illustrative examples, the WAN is a broadband network which is selected from a cable network, telecommunications network or direct satellite broadcast (“DBS”) network to which one or more terminal devices such as STBs are coupled. The billing system generates a unique household handle (“HHH”) to identify a particular set of STBs that are associated with an account of a subscriber to the service. The HHH is transmitted to the controller which uses it to prepare a terminal association identifier (“TAI”) that is distributed to the set of associated STBs which, in turn, store the received TAI in nonvolatile memory. The TAI is optionally prepared by inputting the HHH received from the billing system into a hashing algorithm. The controller uses the unique HHH to generate the TAI which is in a data format and provided over a transport protocol that is usable by the set of associated STBs to which the controller has direct access over the media content distribution system.
An application programming interface (“API”), instantiated on each STB in the set of associated STBs, is arranged to accept input parameters from one or more applications that run on the STB. The input parameter is typically concatenated with the stored TAI and input to a hashing algorithm. The resultant hashed value is returned to the application.
In an illustrative example, one such STB application is arranged to generate a PIN from the returned hash value that is commonly utilized by each associated STB to form a secure local area network (“LAN”). That is, each of the associated STBs recreates the commonly utilized PIN using the API and the stored TAI. STBs seeking to access the LAN are authenticated with the common PIN. STBs which are not authenticated are denied access to the home LAN thus ensuring, for example, that content stored on a DVR in one STB is not unintendedly consumed by STBs that are not authorized to receive it.
Such arrangement provides a number of advantages. Associating STBs using the HHH and TAI enables the distribution of the commonly utilized PIN to be highly automated while simultaneously increasing the security robustness of the distribution system since each of associated STBs generates the commonly utilized PIN locally. Thus, costs associated with a truck roll service call and the support and maintenance costs attendant to self-installation by the subscriber or warehouse PIN provisioning are reduced or eliminated.
Turning now to
Several network sources are coupled to deliver broadband multimedia content to home 110 and are typically configured as WANs. A satellite network source, such as one used in conjunction with a DBS service is indicated by reference numeral 122. A cable plant 124 and a telecommunications network 126, for example, for implementing a digital subscriber line (“DSL”) service, are also coupled to home 110.
In the illustrative arrangement of
Headend 202 is coupled to receive programming content from sources 204, typically a plurality of sources, including an antenna tower and satellite dish as in this example. In various alternative applications, programming content is also received using microwave or other feeds including direct fiber links to programming content sources.
Network 200 uses a hybrid fiber/coaxial (“HFC”) cable plant that comprises fiber running among the headend 202 and hubs 212 and coaxial cable arranged as feeders and drops from the nodes 216 to homes 110. Each node 216 typically supports several hundred homes 110 using common coaxial cable infrastructure in a tree and branch configuration. As a result, as noted above, the potential exists for content stored on a networked DVR in one home on a node to be unintendedly viewed by another home on the node unless steps are taken to isolate the portions of the cable plant in each home that are utilized to implement the home multimedia network.
Apartments 312 each use respective portions of infrastructure 315 to implement a LAN comprising a home multimedia network. Since apartments 312 share common infrastructure 315, measures must be taken to isolate each home multimedia network in the MDU so that content stored, for example, on a networkable DVR in STB 318 in apartment 1, is not unintendedly viewed in apartment 2 in MDU 310.
From the cable drop 409, WAN 401 is coupled to individual terminals 4121 to 412N using a plurality of splitters, including 3:1 splitters 415 and 418 and a 2:1 splitter 421 and coaxial cable (indicated by the heavy lines in
In typical applications WAN 401 operates with multiple channels using RF signals in the range of 50 to as high as 860 Mhz for downstream communications (i.e., from headend to terminal). Upstream communications (i.e., from terminal to headend) have a typical frequency range from 5 to 42 MHz.
LAN 426 commonly shares the portion of networking infrastructure installed at the building with WAN 401. More specifically, as shown in
In many applications, LAN 426 is arranged with the capability for operating multiple RF channels in the range of 800-1550 MHz, with a typical operating range of 1 to 1.5 GHz. LAN 426 is generally arranged as an IP (Internet protocol) network. Other networks operating at other RF frequencies may optionally use portions of the LAN 426 and WAN 401 infrastructure. For example, a broadband internet access network using a cable modem (not shown), voice over internet protocol (“VOIP”) network, and/or out of band (“OOB”) control signaling and messaging network functionalities are commonly operated on LAN 426 in many applications.
A variety of terminal devices 5501-8 are coupled to LAN 526 in this illustrative example. A multimedia server 5501 is coupled to LAN 526. Multimedia server 5501 is arranged using an STB with integrated networkable DVR 531. Alternatively, multimedia server 5501 is arranged from devices such as personal computers, media jukeboxes, audio/visual file servers, and other devices that can store and serve multimedia content over LAN 526. Multimedia server 5501 is further coupled to a television 551.
Client STB 5502 is another example of a terminal that is coupled to LAN 526 and WAN 505. Client STB 5502 is arranged to receive multimedia content over WAN 505 which is played on the coupled HDTV 553. Client STB 5502 is also arranged to communicate with other terminals on LAN 526, including for example multimedia server 550, in order to access content stored on the DVR 531. Thus, for example, a high definition PPV movie that is recorded on DVR 531 in multimedia server 5501, located in the living room of the home, can be watched on the HDTV 553 in the home's family room.
Wireless access point 5503 allows network services and content from WAN 505 and LAN 526 to be accessed and shared with wireless devices such as laptop computer 555 and webpad 558. Such devices with wireless communications capabilities (implemented, for example, using the Institute of Electrical and Electronics Engineers IEEE 802.11 wireless communications protocols) are commonly used in many home networking applications. Thus, for example, photographs stored on DVR 531 can be accessed on webpad 558 that is located in the kitchen of the home over LAN 526.
Digital media adapter 5504 allows network services and content from WAN 505 and LAN 526 to be accessed and shared with media players such as home entertainment centers or stereo 562. Digital media adapter 5504 is typically configured to take content stored and transmitted in a digital format and convert it into an analog signal. For example, a streaming internet radio broadcast received from WAN 505 and recorded on DVR 531 is accessible for play on stereo 562 in the home's master bedroom.
WMA/MP3 audio client 5505 is an example of a class of devices that can access digital data directly without the use of external digital to analog conversion. WMA/MP3 client 5505 is a music player that supports the common Windows Media Audio digital file format and/or the Moving Picture Expert Group (“MPEG”) Audio Layer 3 digital file format, for example. WMA/MP3 audio client 5505 might be located in a child's room in the home to listen to a music channel supplied over WAN 505 or to access an MP3 music library that is stored on DVR 531 using LAN 526.
A personal computer, PC 5506 (which is optionally arranged as a media center-type PC typically having one or more DVD drives, a large capacity hard disk drive, and high resolution graphics adapter) is coupled to WAN 505 and LAN 526 to access and play streamed or stored media content on coupled display device 565 such as a flat panel monitor. PC 5506, which for example is located in an office/den in the home, may thus access recorded content, such as a television show, on DVR 53 land watch it on the display device 565. In alternative arrangements, PC 5506 is used as a multimedia server having similar content sharing functionalities and features as multimedia server 5501 which is described above.
A game console 5507 and coupled television 569, as might be found in a child's room, is also coupled to WAN 505 and LAN 526 to receive streaming and stored media content, respectively. Many current game consoles play game content as well as media content such as video and music. Online internet access is also used in many settings to enable multi-player network game sessions.
Thin client STB 5508 couples a television 574 to WAN 505 and LAN 526. Thin client STB 5508 is an example of a class of STBs that feature basic functionality, usually enough to handle common EPG and VOD/PPV functions. Such devices tend to have lower powered central processing units and less random access memory than thick client STBs such as multimedia server 5501 above. Thin client STB 5508 is, however, configured with sufficient resources to host a user interface that enables a user to browse, select, and play content stored on DVR 531 in multimedia server 5501. Such user interface is configured, in this illustrative example, using an EPG-like interface that allows remotely stored content to be accessed and controlled just as if content was originated to thin client STB 5508 from its own integrated DVR. That is, the common DVR programming controls including picking a program from the recorded library, playing it, using fast forward or fast back, and pause are supported by the user interface hosted on thin client STB 5508 in a transparent manner for the user.
Thin client STB 5508 hosts GUI 620 with which the user interacts using remote control 629. As shown, GUI 620 displays the same content and controls as GUI 610. Content selected by the user for consumption on television 574 is shared over LAN 526.
Controller 719 also includes an output interface 728 that is operatively coupled to a switch 729 (that typically includes multiplexer and/or modulator functionality) that modulates programming content 730 from sources 204 (
A plurality of terminals including a server terminal 732 and client terminals 7351 to 735N are disposed in subscriber household 730. Server terminal 732 is alternatively arranged with similar features and functions as multimedia server 529 (
Billing system interface 722 is arranged to receive data from a billing system 743 that is disposed in the network headend 705. Billing system 743 is generally implemented as a computerized, automated billing system that is connected to the outgoing TAI server, among other elements, at the network headend 705. Billing system 743 readily facilitates the various programming and service options and configurations available to subscribers which typically results, for example, in the generation of different monthly billing for each subscriber. Data describing each subscriber, and the programming and service options associated therewith, are stored in a subscriber database 745 that is operatively coupled to the billing system 743.
Service orders from the subscribers are indicated by block 747 in
An API 820 is resident in architecture 805 in a layer between the applications 812 and the STB firmware 825 which functions as an intermediary between these components. Thus, API 820 is used to pass input parameters, requests and/or other information and data between applications 812 and firmware 825. Below the firmware 825 in architecture 805 is a layer of STB hardware 828. Hardware 828 includes a NIM 832 along with other hardware 840 including, for example, interfaces, peripherals, ports, a CPU (central processing unit), MPEG decoder, memory, and various other components that are commonly utilized to provide conventional STB features and functions.
The second step 902 includes delivering the unique HHH from the billing system 743 to the controller 719 using, for example, the Wirelink Protocol. The third step 903 includes preparing the TAI for delivery. Step 903 optionally includes translating the HHH received from the billing system 743 into a different value or format, for example, using a CRC32 (cyclic redundancy check), MD5 (Message Digest 5), or SHA-1 (Secure Hash Algorithm) hashing algorithm.
The fourth step 904 includes delivering the TAI to the STB 805 (although a single STB 805 is shown in
The DCT MSP configuration message is embodied with a subcommand ID which supports a terminal association identifier field which is used to carry the TAI. The terminal_association_config subcommand specifies a terminal's association configuration to thereby associate the terminal with other terminals within a service The terminal_assoc_control is a 32-bit value bit-mask type used to control how the terminal association identifier included in the DCT MSP configuration message can be utilized by the receiving terminal. This field is initially a reserved value that is set to a default of 0.The terminal_assoc_identifier is a 160-bit value used to associate a particular terminal with other terminals on the same service subscriber's account.
The fifth step 905 in
At block 1040, application 812 uses the returned hash value to create a PIN value. The PIN value is passed to STB firmware 825 to thereby set the PIN (as indicated by reference numeral 1045) which is used by STB hardware 828 to enable network privacy (as indicated by reference numeral 1050). In alternative examples, applications running on STB 805 may use the returned hash value for other purposes beyond creating a PIN to enable network security, for example, where unique and secure identification or association is required to be recreated at each terminal among a set of terminals in a subscriber household.
If, at decision block 1025, the STB has not been received and stored a TAI, then the application 812 is optionally arranged to display a user interface, as indicated by reference numeral 1065 which prompts a user 1060 to manually enter a PIN value. The User PIN is returned to the application in lieu of the unique application identifier as indicated by reference numeral 1070.
In this illustrative example, the messages are conveyed as MAC (media access control) sublayer messages which are transported in the data link layer of the OSI (Open Systems Interconnection) model on the IP network which operates on LAN 926. Client terminal 550N sends an authentication request message 1110 to server terminal 5501. Client terminal 550N sends the authentication request when looking to join (i.e., gain access to) LAN 526 to thereby consume stored content (such as programming recorded on the DVR disposed in the server terminal). In response to the authentication request, server terminal 5501 generates a random number as indicated by reference numeral 1115. The random number is used to create a challenge message 1120 which is sent back to client terminal 550N.
As indicated by reference numeral 1122 in
As indicated by reference numeral 1131 in
Each of the processes shown in the figures and described in the accompanying text may be implemented in a general, multi-purpose or single purpose processor. Such a processor will execute instructions, either at the assembly, compiled, or machine-level to perform that process. Those instructions can be written by one of ordinary skill in the art following the description herein and stored or transmitted on a computer readable medium. The instructions may also be created using source code or any other known computer-aided design tool. A computer readable medium may be any medium capable of carrying those instructions and includes a CD-ROM, DVD, magnetic or other optical disc, tape, silicon memory (e.g., removable, non-removable, volatile or non-volatile), packetized or non-packetized wireline or wireless transmission signals.
This application claims the benefit of provisional application number 60/819,529 filed Jul. 7, 2006, the disclosure of which is incorporated by reference herein.
Number | Date | Country | |
---|---|---|---|
60819529 | Jul 2006 | US |