Operators of wired and wireless broadband communication systems, such as cable networks, satellite networks, telecommunication networks, Internet networks, wide area networks, fiber-optic networks, copper wire networks and the like, deliver digital media such as video, audio and/or data via a variety of transmission media to consumers. Consumers purchase at retail and/or lease from system operators an assortment of information processing devices having digital decoders to receive and/or render the delivered digital media, such as all types of stand-alone and built-in set-top boxes, cable modems, media centers, hard disk drives, digital receiving, recording and playback devices, personal computers, telecommunication devices, digital televisions, gateways, routers, and wireless access points, among other things.
Consumer information processing devices (“consumer devices”) generally include software, firmware, middleware, and hardware platforms—such platforms comprise the underlying system(s) and components that determine the features and functionality of the consumer devices. Consumer devices with feature-rich platforms are generally the most expensive—for both consumers and system operators providing such devices to their customers. Although consumer devices having platforms with fewer features and functions may be initially less expensive than devices with feature-rich platforms, such lower-end devices often require repeated replacement or upgrades (at both the device- and system-level), resulting in additional cost and inconvenience associated with their use. For example, when a customer of a subscription television service offered by a cable or satellite company wishes to receive new communication options or services, it is often necessary to obtain an entirely new consumer device, such as a set-top box, and to endure the technical and service hassles associated with obtaining the new device. In addition, consumers often must pay for and receive unwanted content or services (television channels, for example) that are bundled with the content or services they wish to receive.
There are therefore needs for flexible, scalable, and secure methods and apparatuses for selectively enabling specific features or functions of feature-rich consumer devices, which would benefit manufacturers, system operators, and consumers alike. System operators would be allowed to pay manufacturers only for certain features or functions of consumer devices, thus enabling operators and customers to purchase such devices at lower price points initially, and, based on a determination of customer demand, subsequently selectively enable additional features or functions on the same consumer devices.
A method for authorizing use of an information processing feature (such as a service, a computer program, a tier, or an operational mode) with an information processing device (such as a decoder associated with a consumer network device like a cable set-top box or a terrestrial set-top box) operable to respond to a broadband communication system (such as a broadband network (e.g., a cable television network), a broadband network device, or an operator of a broadband network) via a communication medium (such as a channel signal, a data signal, or a computer-readable storage medium) is provided. An information processing feature is a particular data processing capability associated with a device. Authorization to use the information processing feature is the determination of the right or permission to use the feature; and the process of granting access to its use.
The method includes a first step of accessing a data structure. The data structure itself includes a first data portion having information identifying the information processing feature, identifying a hash algorithm, and identifying an access condition associated with the information processing feature.
The access condition, which defines a restriction regarding use of the information processing feature, is usable to provide a logical reference to one or more feature-enabling criteria. The access condition takes the form of a Boolean expression of logical references to feature-enabling criteria. Instead of using actual feature-enabling criteria in the access condition, it may be desirable to instead use variables that represent the feature-enabling criteria. Feature-enabling criteria are a subset of configuration information. Both feature-enabling criteria and configuration information are characteristics associated with the information processing device. The data structure also includes a second data portion having information identifying a hash value, which is derived by applying the hash algorithm to at least part of the information in the first data portion. The hash algorithm is also applied to at least some of the feature-enabling criteria.
Next, the feature-enabling criteria are accessed, and are used in applying the hash algorithm to at least part of the information in the first data portion to derive the hash value identified in the second information portion.
Once the hash value has been successfully derived, the hash value is used to obtain authorization to use the information processing feature with the information processing device. For example, at least part of the data structure may be transferred to a security element within the information processing device. The security element would use other information and methods specific to the broadband communication system to provide authorization to use the information processing feature.
Turning now to the drawings, wherein like numerals designate like components,
As shown, system 10 includes various elements, shown in simplified form. System operator center 16 delivers digital media content 11 to information processing device 14 via one or more transmission media 24 and distribution infrastructure 18. Digital media content 11 is any pre-recorded or live digital electronic signals representing an image and/or audio, software, or other data (including feature authorization key 20), in any format.
System operator center 16 controls access to information processing features 12 and 13 via feature management function 17. A vendor center 19, such as an equipment manufacturer, content/service provider, or other third party generates feature authorization key 20 for delivery to system operator center 16. Information processing device 14, is, among other things, operable to respond to system operator center 16 via one or more transmission media 24 to receive digital media content 11 and to access information processing features 12, 13 via feature management function 27. Feature authorization key 20 itself is a data structure usable to enable information processing device 14 to use or access one or more information processing features 12, 13.
For exemplary purposes, system operator center 16 is a regional headend associated with a hybrid fiber-optic/coaxial cable network operated by a multiple service operator (“MSO”). Transmission media 24 represents a hybrid fiber-optic/coax network providing one- or two-way communications services such as interactive television, Internet services, telephone services, video-on-demand services, and other services now known or later developed to information processing devices at consumer locations, such as information processing device 14. Information processing device 14 is a cable or terrestrial set-top box (for example, a set-top box from Motorola's DCT700 series of cable receivers) located in or around a customer location such as a home, vehicle, business, or other consumer space.
Computer programs 206 are generally software components implemented according to well-known software engineering practices for component-based software development and stored in computer-readable media, such as computer-readable storage media 204. Computer programs 206, however, may be any signal processing methods and/or stored instructions, in one or more parts, in software, hardware, or firmware or any combination thereof, that electronically control functions set forth herein.
Network interface function 208 represents aspects of the functional arrangement of various computer programs 206 that pertain to the receipt and processing of digital media content 11 (shown in
Referring again to
Distribution infrastructure 18 includes a collection of well-known reception and retransmission equipment (such as servers/controllers, multiplexers, modulators, routers, and network adapters and/or interfaces) that operate in well-known manners to manage and control the processing of digital media content 11, in either a secure or non-secure fashion, for delivery via one or more transmission media 24 to information processing device 14. In-band and out-of-band messages may be used to communicate with, and provision services to, information processing device 14. Distribution infrastructure and components thereof may include or access one or more instances of the functional components shown and described in connection with
In general, feature management function 17 manages feature authorization key(s) 20. Feature authorization key(s), which are discussed in more detail below, are used to turn particular information processing features 12, 13 on or off. More specifically, feature management function 17, which may be implemented by one or more Application Layer computer programs, represents functions relating to the handling and distribution of feature authorization key 20 to information processing device 14, and enabling use of specific information processing features 12, 13 with information processing device 14. Feature management function 17 may communicate with multiple applications at various layers. For example, feature management function 17 may be responsible for performing various functions such as receiving, storing and transmitting feature authorization key 20 to select information processing devices.
In one example, information processing device 14 receives a channel signal carrying products or services offered by operator of system operator center 16. In another example, information processing device 14 receives a feature authorization key 20 from system operator center 16, which enables the use of specific information processing features 12, 13 with information processing device 14.
Digital media content 11 may be received via tuner 302. Tuner 302 includes well-known arrangements of components, which operate by tuning to a particular in-band or out-of-band channel signal using well-known manners and techniques. Digital media content 11 may also be received at communication interface(s) 350, which facilitate one- or two-way communication with other internal or external devices or networks thereof. Other elements associated with information processing device 14 include one or more internal buses 320, which are well-known and widely available elements that carry data, addresses, control signals and other information within, to, or from information processing device 14. Display/output interfaces 305 receive and/or render information output from information processing device 14 using well-known methods and techniques.
A video decoder 344 is responsive to receive and decode video signals from tuner 302. Video decoder 344 includes well-known arrangements of components, such as demodulators, responsive to receive digital signals, such as digital data packets of digital data media 11, and to output video information. Video information that may require format translation or modification for compatibility with features and functions of information processing device 14 (such as information processing features 12) and peripherals thereof (not shown) may be passed to encoder 341 for formatting. Encoder 341 includes well-known arrangements of components, and operates in accordance with well-known methods and techniques.
Video information from video decoder 344 and/or encoder 341 may be passed to decoder/multimedia processor 349, which is operative to perform predetermined coding techniques to arrange video information into displayable/storable formats, in accordance with well-known methods and techniques. Internal arrangements of multimedia processor 349 are well known.
Block 360 illustrates certain aspects of the functional arrangements of computer programs 206 (shown in
Feature management function 27, which may be implemented by one or more Application Layer computer programs, represents functions relating to the handling and processing of feature authorization key 20 by information processing device 14. For example, feature management function 27 may be responsible for performing various functions such as receiving, storing, and decoding feature authorization key 20. Feature management function 27 may communicate with other applications, such as feature management function 17 (an application is a software program that provides certain functionality) at various layers. Security element 398 is operable to receive aspects of decoded feature authorization key 20 from feature management function 27, and to facilitate access to hardware, software and/or firmware configured to activate certain information processing features 12, 13.
Block 362 illustrates examples of data that may be stored in various computer readable media 204 (shown in
The information accessible by computer programs 360 is discussed in further detail below, and includes: (a) a hash algorithm 392; (b) representations of a set of feature identifiers 393 associated with information processing features 12, 13 (feature identifiers are codes, such as names or numbers, that represent specific information processing features 12, 13); (c) representations of a set of one or more feature-enabling criteria 394 associated with each feature identifier 393; and (d) representations of certain configuration information 364 associated with information processing device 14. As discussed above, configuration information 364 represents a characteristic of information processing device 14 that may be used to enable or disable any specific feature, and feature-enabling criteria 394 are a subset of configuration information. More specifically, feature-enabling criteria 394 associated with a particular feature identifier 393 are the select subset of configuration information 364 needed to implement the specific feature 12,13 represented by the feature identifier. Examples of configuration information 364 include, but are not limited to, platform identifiers, software, hardware and firmware versions, decoder states, tier information, and user- and system-defined configuration settings (such as communication settings, network settings, site identifiers, device characteristics, Internet Protocol (“IP”) addresses, and realm/domain names and the like).
With continued reference to
“ROM_ID” is a 16-bit field that represents the platform associated with information processing devices to which feature authorization key 20 is applicable. Likewise, “firmware_version_xx” is an 8-bit field that represents the first component of the platform firmware version, and “firmware_version_yy” is an 8-bit field that represents the last component of the platform firmware version. If xx and yy are both set to 0xFF, then feature authorization key 20 is applicable to all firmware versions for the platform specified in the “ROM_ID” field.
“Feature_count” is an 8-bit field that indicates the number of information processing features (referred to by feature identification values 393) in the “feature_id” field. “Feature_id” is an 8-bit field that includes feature identification values 393 referring to specific information processing features enabled/disabled via the current feature authorization key 20. Feature identification values 393 are generic by design so that they may represent functions associated with hardware, firmware, and software, applications, application features, or any part thereof.
The “Criteria_term” field may include logical references to up to 20 feature-enabling criteria 394, which, together with Boolean operands, define access condition 408 associated with a particular feature identifier 393. An access condition within the criteria_term field is processed by information processing device 14 to determine permitted uses/restrictions (for example, site restrictions, geographical restrictions, and device-type restrictions) of specific information processing features represented by specific feature identification values 393. The following C-language statement is a sample definition of the criteria_term variable type: crtieria_term {A,B,C,D,E,F,G,H,I,J, resvd1, and, or, not, eol, resvd2}.
Terms A through J are logical references (such as variables) to feature-enabling criteria 394 associated with a specific feature_id. As discussed above, feature-enabling criteria 394 are the select subset of configuration information 364 needed to implement the particular feature represented by a specific feature_id—each feature-enabling criteria 394 represents a characteristic associated with the information processing device, such as particular configuration information 364. The “AND” and “OR” terms are binary operators that may replace the top two Boolean variables on an evaluation stack with the logical AND or OR of the two, accordingly. The “NOT” term is a unary operator that may replace the Boolean variable on top of the stack with its logical opposite. The “EOL” term terminates the equation and indicates that the top of the stack is to be interpreted as the result. An expression of a number of terms may be defined (20 terms, for example, in which case the “EOL” term would not appear and is assumed to be the 21st term). An information processing device may consider the entire expression to be false if any criteria_term has predetermined reserved values in the enumeration (0xA or 0xF, for example). In this manner, for each feature/feature_id, an access condition expression may be created using variables corresponding to feature-enabling criteria, rather than using the feature-enabling criteria themselves. The criteria_term field may be read, and the logic associated therewith applied, via feature management function 27 and/or security element 398. Because actual feature-enabling criteria 394 need not be sent in feature authorization key 20 (they are accessible by information processing device 14), the security of key 20 is enhanced.
Referring again to
An example of a data structure that may be used to create feature-enabling criteria 394 from which hash value 406 is derived is set forth in Table 2. Any type of information may be defined for specific feature-enabling criteria 394—configuration information 364 (shown in
“Criteria_count” is an 8-bit field that represents the number of feature-enabling criteria 394 that following the data structure. “Criteria_type” is an 8-bit field that indicates the type of data contained in the “criteria_data” field that follows. The “criteria size” field is an 8-bit field that indicates the size of the “criteria_data” field that follows. “Criteria_data” is a variable length field of up to 256 bytes that defines the data of the type specified by the criteria_type field.
Referring again to
With continued reference to
The method begins at block 500, and continues at block 502, where a user/operator selects a particular feature 12, 13 for use with a certain information processing device, such as information processing device 14. At block 504, a feature authorization key, such as feature authorization key 20, is obtained.
In implementation within system 10, feature authorization key 20 is created by vendor center 19 and forwarded to an entity (such as system operator center 16) that authorizes use the features with information processing device 14.
Feature authorization key 20 is a data structure having the format shown in
Feature identifiers 393 (codes, such as names or numbers, that represent specific information processing features 12, 13) are used to identify the particular feature(s) that is/are being turned on or off. For each feature identifier, feature-enabling criteria 394 are assembled—feature-enabling criteria are the select subset of configuration information 364 needed to implement the feature represented by the feature identifier.
An access condition 408 is created from the feature-enabling criteria 394. To enhance security of key 20, instead of using the feature-enabling criteria themselves to form access condition 408, logical references (variables, for example) to the feature-enabling criteria may be used. The access condition indicates permitted uses/restrictions (for example, site restrictions, geographical restrictions, and device-type restrictions) of particular features represented by feature identifiers 393. The access condition is generally a Boolean expression of a number of feature-enabling criteria, although the access condition may contain one or no feature-enabling criteria, and simply serve as an indicator of universal applicability.
A hash algorithm 392 is identified in the key_algorithm field. Hash algorithm 392 is applied to at least some of the information in first portion 402 of feature authorization key 20, along with at least some of the relevant feature-enabling criteria 394, to derive hash value 406. Hash value 406 is appended to first portion 402 of feature authorization key 20 to form second portion 404 of feature authorization key 20.
At block 506, the feature authorization key is transmitted to the information processing device.
Use and distribution of feature authorization key 20 by system operator center 16 is handled by feature management function 17. Feature authorization key 20 may be delivered to information processing device 14 in a variety of ways. In one example, a digital message, such as a new DCT MSP configuration subcommand, from a digital addressable controller (“DAC”) may be used to deliver feature authorization key 20 to information processing device 14 via a channel signal. A “site config” subcommand and/or a “feature key config” subcommand may specify the site with which information processing device 14 is associated with, for example.
In another example, a channel map overloading mechanism allows an operator of system operator center 16 to enter feature authorization key 20 as the source name of a background service—information processing device 14 would search new channel maps, which arrive at predetermined locations/intervals in channel signals, for source names that start with a particular ASCII string, such as “KEY:”. An exemplary channel map overload message is shown in Table 3. The “cmo_tag” field, or channel map overload tag field, is a 32-bit field that may be set to a particular ASCII text string, such as “KEY:” (0x4B4559). The field labeled “hex_cmo_type” is a 16-bit field storing the ASCII representation of the enumerated hex value of the type of data that follows in the “hex_cmo_data( )” field. The hex_cmo_type field is one of the following: feature_key (an ASCII field that is twice the length of the corresponding feature authorization key 20 by converting the data bytes of feature authorization key 20 into a hexadecimal ASCII string—that is, length=2*(K+S)); site_id (an ASCII field that represents in hex format a unique identifier for each controller/system operator center 16 site for which features are to be enabled); and reserved_x02..xFF.
The feature authorization key 20 is processed at block 508. At information processing device 14, receipt and handling of feature authorization key 20 is managed by feature management function 27. Once feature authorization feature authorization key 20 has been received, information processing device 14 may filter (using firmware, for example) on the ROM_ID and firmware_version fields to determine whether the key is targeted for information processing device 14. If the information in the ROM_ID and firmware_version fields indicates that the key is destined for information processing device 14, then, at diamond 510, information processing device 14 could proceed to derive hash value 406 using hash algorithm 392 and information regarding actual feature-enabling criteria 394 accessible by information processing device 14. If the derived hash value and hash value 406 do not match, the feature(s) referred to in key 20 may not be used by information processing device 14, as indicated at block 512. Once hash value 406 has been derived successfully, then as indicated at block 514, the information within feature authorization key 20 may be used to provide access to (via security element 398, for example) information processing features 12, 13 to the extent authorized by access condition(s) 408. For example, information processing device 14 may read the criteria_term field, and apply the logic specified by the access condition within the field to the feature-enabling criteria that are present. In this manner, the access condition is used to determine permitted uses/restrictions (for example, site restrictions, geographical restrictions, and device-type restrictions) of specific information processing features represented by specific feature identification values 393 within key 20. Security element 398 may use other information and methods specific to system operator 16 to turn the information processing features on or off in information processing device 14.
Thus, a cost-effective, scalable, and secure solution is provided for selectively enabling use of specific features or functions of information processing devices that are operable to respond to broadband communication systems via various transmission media. A number of different criteria, such as tiers, platform identifiers, firmware versions, any decoder state, or any other configuration information associated with the information processing device, may be used to enable or disable any specific feature or function. Such methods and apparatuses are operable in both one-way and two-way communication systems, and the data structures described herein do not require network security for delivery, enhancing their flexibility.
The methods and apparatuses described herein have many benefits. Manufacturers may realize revenue from system operators such as cable operators, satellite operators, telecommunication companies, and the like—and system operators can reduce costs to their customers—when system operators pay manufacturers for specific features and functions of consumer devices. For example, operators may pay manufacturers only for certain features or functions of consumer devices, thus enabling operators to purchase such devices at lower price points initially, and, based on a determination of customer demand, subsequently selectively enable additional features or functions.
Manufacturers may also realize cost savings by reducing the number of consumer devices they produce. A single feature-rich device having features or functions activated using the methods and apparatuses described may replace multiple devices that were each equipped to perform specific features and functions. A manufacturer may sell one type of set-top box with a number of different features and functions, and depending on the needs of system operators or end-users, obtain revenue when certain features are turned on (or off) using feature authorization keys.
Customers may also benefit directly. For example, when customers have a device provided by a cable, satellite, or phone company with features or functions that can be activated using feature authorization keys, customers can more often retain the same consumer devices in their homes—instead of enduring the technical and service hassles of switching devices—when they desire to receive new communication options or services. Customers may also more easily select and pay for relevant content. Certain content such as channels or services may be quickly and easily activated individually, without the need to obtain additional, unwanted channels or services that are often bundled together in more expensive packages.
System 10 (shown in
Information processing device 14 may be any device or combination of consumer devices responsive to system operator center 16, including but not limited to a personal or office-based computer system, a hard disk drive, a media center, any type of digital receiving, recording or playback device, a gateway, a digital television/monitor, a cable modem, a telecommunication device, a radiofrequency communication device, a router, a wireless access point, and the like, either standing alone, or included in other devices. Within information processing device 14, communication interface(s) 350 may be or include elements such as cable modems, personal computers, data terminal equipment, telephones, media players, data storage devices, personal digital assistants, or any other network, device or component/combination thereof, along with associated network support devices and/or software. Multimedia processor 349 and elements thereof may take many forms, including analog-to-digital converters, general or special-purpose processors or application-specific integrated circuits such as encoder/decoder pairs (“CODECs”; MPEG CODECs, for example), storage media and/or buffers, along with demultiplexors for demultiplexing and/or synchronizing at least two streams (for example, video and audio).
It will also be appreciated that the methods described herein are not limited to any specific embodiments of computer software or signal processing methods—functions described herein are processes that convey or transform data in a predictable way, and may generally be implemented in hardware, software, firmware, or any combination thereof. Moreover, while certain elements described herein may function as “agents” or “clients”, such elements need not be implemented using traditional client-server architectures in which computer application programs are configured to cause clients, such as consumer devices, to request services from server-based service providers in a network, but may be implemented in any suitable manner.
When one element is indicated as being responsive to another element, the elements may be directly or indirectly coupled. Connections depicted herein may be logical or physical in practice to achieve a coupling or communicative interface between elements. Connections may be implemented as inter-process communications among software processes.
It will furthermore be apparent that embodiments other than the specific embodiments described above may be devised without departing from the spirit and scope of the appended claims, and it is therefore intended that the scope of this invention will be governed by the following claims.