Securing media content using interchangeable encryption key

Description

TECHNICAL FIELD

The present disclosure generally relates to securing data, and more particularly, to securing data associated with a digital media device using an encryption key.

DESCRIPTION OF THE RELATED ART

A storage device, such as a hard drive of a digital media recording device, can be used to store media data associated with received audio and/or video content. For example, one such digital media recording device is a digital video recorder (DVR). A DVR application executed by the DVR provides user interface screens that can be used to manage the media data stored to the storage device. The DVR application can also be used to playback recorded media at a later time, while also having the ability to pause, rewind, and fast-forward through the recorded media.

The media data stored to the DVR can be encrypted in order to protect the media content from unauthorized playback. A secure microprocessor can be used to protect the encryption keys that are used by DVR encryption processors to encrypt the content. The secure microprocessor includes a private key stored therein, useful for decrypting data encrypted using an associated public key. The secure microprocessor can also be used to generate a content instance key of suitable strength to encrypt the media data on the storage device. The content instance key could be a random value (or passphrase, etc.) for example. The content instance key is then encrypted using the secure microprocessor's public key and stored on the storage device in association with the encrypted content and any other digital access rights elements.

Upon request for playback of the media content embodied in the media data, the encrypted content instance key associated with the media data is retrieved from the storage device and decrypted by the private key of the secure microprocessor. The media data can then be retrieved and the content key can then be used to decrypt the media data for playback.

However, because the encrypted content instance key is associated with the private key of a particular secure microprocessor, when a DVR fails it may not be possible to access the secure microprocessor to allow decryption of the stored content from the failed DVR's storage device. Thus, a cable subscriber's library of recorded and encrypted media content becomes inaccessible for playback. This may be so, even though the user may be legally entitled to play the media content, e.g., after paying for that right. Additionally, tying the media content to a particular DVR introduces problems with respect to the sharing of digital media between devices. For example, in some cases, a subscriber may be authorized to view content recorded by a first DVR within the subscriber household on another, second DVR within the subscriber household. However, because the encrypted media content is tied to the secure microprocessor in the first DVR used to record the media, such sharing becomes difficult.

Further, subscribers to media services, such as cable-television, among others, may be authorized and de-authorized for the viewing of media content based on a subscriber's subscription status. For example, this change in authorization may be carried out through the transmission of media access signals from a cable-operator's head-end system to an associated set-top box. However, these media-access signals may simply set a flag or other non-secure logical switch within the set-top that allows or disallows the specified service. However, those wishing to steal the service may be able to easily overcome such trivial barriers, allowing the media data already stored on the DVR associated with the set-top box to be accessible.

Therefore, what is needed are systems and methods that can potentially address one or more of the aforementioned deficiencies.

BRIEF DESCRIPTION OF THE DRAWINGS

The components in the drawings are not necessarily to scale relative to each other. Like reference numerals designate corresponding parts throughout the several views.

FIG. 1 depicts a block diagram of an arrangement of a secure data delivery system in which embodiments of the described systems and methods for securing media content using an interchangeable encryption key may be implemented.

FIG. 2 depicts a block diagram of selected system components of a cable head-end of the secure delivery system of FIG. 1.

FIG. 3 depicts a block diagram of selected system components of an exemplary embodiment of a remote device such as the digital-video recorder (DVR) of FIG. 1.

FIG. 4 depicts a flow diagram illustrating an embodiment of a process for creating a group record having a group key within the database of the cable head-end of FIG. 2.

FIG. 5 depicts a flow diagram of an embodiment of a process for associating a trusted remote device record with a group record and for downloading a group key to a remote device.

FIG. 6 depicts a data flow diagram applying the process embodiments of FIGS. 4 and 5 to embodiments of the secure data delivery system of FIG. 1.

FIG. 7 depicts a flow diagram of a process for encrypting media data using a group key stored within the DVR of FIG. 3.

FIG. 8 depicts a data flow diagram applying the method embodiments of FIG. 7 to embodiments of the secure data delivery system of FIG. 1.

FIG. 9 depicts a flow diagram of an exemplary process for decrypting media data using a group key.

FIG. 10 depicts an exemplary data flow diagram applying the process embodiments of FIG. 9 to embodiments of the secure data delivery system of FIG. 1.

DETAILED DESCRIPTION

FIG. 1 depicts a secure data delivery system 100 in which embodiments of the described systems and methods for securing media content using interchangeable encryption keys may be implemented. System 100 may be used, among other purposes, for coordinating the exchange of information capable of being used to secure media content stored on devices located remote from a media provider, such as a cable-television or digital satellite television provider, for example.

Media content could comprise audio, video, images, text, teletext, among others. According to some embodiments, media content, as referred to herein, may also be referred to as media programs or media programming. Some examples of media programming used herein include, but are not be intended to be limited to, television programs and radio programs. Such television programs and/or radio programs could be scheduled broadcasts or delivered to a user on-demand (e.g. such as provided with a video-on demand system). The media content could be unicast to a single user, or could be multi-cast or otherwise broadcast to multiple users.

An instance of media content (or media programming, etc.) could be, for example, a television show (e.g. an episode of Smallville). A series of media programming could be, for example, a number of episodes of a television show (e.g. the last five recordings of Smallville). The media content can be received and recorded by the remote devices. For example, the media content can be stored to a storage medium as media data. In some instances, such media data is encoded audio and/or video signals, among other potential representations of the media content that is in a form suitable for processing by the DVR 108.

Looking to FIG. 1, according to some embodiments, cable head-end 102 may deliver media content and/or the information capable of being used to secure media content stored on devices located remote from a media provider over a transmission medium 106, which may be one or more of twisted-pair telephone wire, coaxial cable, optical fiber, over-the-air waves, etc. The remote devices may be located at, for example, user premises 104.

Accordingly, the media content may be received by a remote device within the user premises 104 that is capable of receiving and, possibly, decoding the media content. The remote device may, for example, form part of, be associated with, or be integrated in one or more of a cable-television set-top box, a television, portable device, digital video recorder (DVR), personal video recorder (PVR), a personal digital recorder (PDR), and/or a personal computer, laptop computer, or personal digital assistant (PDA), among others.

According to some embodiments, the remote device comprises a set-top box having an integrated media recording capabilities. For the purposes of illustration, one such device configured to execute media recording capabilities is DVR 108. DVR 108 may be configured to record received media content and store associated media data on a storage medium. According to some embodiments, the media data may be later accessed for playback on a playback device, such as television 110, at a later time. The playback device could also be one or more of a computer monitor, an audio receiver, or other device capable of emitting sound or images pertaining to the media content.

According to some embodiments, a user premises 104 can have multiple DVRs. Depicted in the upper right portion of FIG. 1, for example, a second DVR 108a is associated with the respective user premises. DVR 108a, according to some embodiments, is associated with a respective display device 110a. In some instances, DVR 108a is in communication with DVR 108 over communication medium 112. For example, the communication medium 112 could be twisted pair, Ethernet, or any type of wired or wireless network. DVR108 and DVR 108a, and any other DVRs that may be present at user premises 104, may communicate directly or through one or more other devices in a local-area-network (LAN). In some cases, DVRs 108 and 108a can share media content and/or programming guide information, among other DVR related information, over the communication medium 112.

Although embodiments are described within the environment of a cable-television system, it should be understood that other media delivery and/or receiving devices are intended to fall within the scope of the invention. For example, the media source could be a satellite television provider or even a media server on the Internet. The remote device could be a satellite television decoder or a computer configured to receive the media content. The media recorder could be any device, such as a personal computer, that is configured with media recording and/or playback ability. Additionally, although the media content may be described as comprising video and audio content, some embodiments may include only audio or only video. The media content could even comprise text or other forms of media. Further, in some instances, non-media information (e.g. security keys, digital-rights management (DRM) information, etc.) may be transmitted along with the media content.

FIG. 2 depicts a block diagram of the cable-head end 102 of the secure data delivery system 100 of FIG. 1. Associated with the cable head-end 102 may be a transaction encryption device (TED) 202, a digital network control system (DNCS) 204, and a media delivery system 206. Cable-head end 102 may be in communication with the remote media recording device, which can be DVR 108. It should be understood that, in accordance with some embodiments, omitted from FIG. 3 are a number of conventional components, known to those skilled in the art, that are unnecessary to explain the operation of the disclosed systems and methods for securing media content using an interchangeable encryption key.

In general, TED 202 can be used by other components associated with the cable-head end to securely encrypt and decrypt data. To this end, TED 202 may include an encryption/decryption processing element 208 which can be in communication with a memory 210 used for holding keys, such as a conditional access authority (CAA) key 212 and a private entitlement agent (EA) key 220. CAA key 212 can be, for example, a passphrase of suitable strength, among other possible key types. Private entitlement agent key 220 can be used for, among other uses, signing transmissions from the cable head-end 102 to enable remote devices having a corresponding public entitlement agent (EA) key to verify the source of received transmissions.

Processing element 208 can also be configured to generate a random key, which may be referenced herein as a group key or interchangeable key. The group key could be, for example, among other encryption key types, a triple data encryption standard (3DES) key. Accordingly, it should be understood that the group key may actually comprise one or more keys. Additionally, although the group key may be described herein as a symmetric key, some embodiments may use asymmetric keys. More specifics of the operation of TED 202 will be discussed in detail below.

DNCS 204, among other functions, can be used for maintaining records pertaining to the remote devices (e.g. DVR's, set-top boxes, etc.). According to some embodiments, the remote devices may be grouped based on the type of services to which devices associated with the group are granted access. For example, the services could correspond to the types of media content that the remote devices are authorized to playback. However, it should be appreciated that other embodiments may group the remote devices based on other criteria.

According to one embodiment, the group could be a subscriber account. Thus, the devices associated with a particular subscriber account can be granted access to the same media content (e.g. media content delivered on one or more particular channels, purchased movies, etc.). According to such an embodiment, a billing system may store pertinent details about a subscriber account within the DNCS upon subscribing to a cable-television service. The subscriber account could represent, for example, an account associated with a specific person, business entity, home, etc. that is authorized to receive media content from the cable television provider. Once the subscriber account is set up, one or more remote devices may then be associated with the account.

Accordingly, looking to FIG. 2, group records 216 can be used to maintain records about a particular group (e.g. a subscriber account, etc.) and the records related to one or more remote devices can be referenced as device records 218. Although depicted separately, group records 216 and device records 218 may be viewed as potentially being linked once a particular device record is associated with a group record. Additionally, although a single database 214 is depicted, it should be understood that the respective records may be spread across two or more physical or logical databases. More specific detail as to the operation of DNCS 204 will be discussed in later portions of this document.

Media delivery system 206 can provide media content signals from the head-end (or central office, server, etc.) to any of the plurality of remote devices, such as DVR 108. The content signals may comprise any of a number of programs (i.e. television shows, or other defined portion of a media signal), and each program provided can be referred to as an “instance” of media content. In some cases, media delivery system 206 may be configured to encrypt the instances of media content (i.e. using TED 202 or other encryption devices). In some cases, such encryption may encrypt every four seconds of media data, for example, to be delivered over transmission medium 106 (FIG. 1) to the remote device. If the subscriber associated with the device is entitled to watch the program of the encrypted instance, the remote device may then decrypt the encrypted instance. An overview of the encryption and decryption of the signals to and from a cable head-end can be found in U.S. Pat. No. 6,292,568, which is hereby incorporated by reference in its entirety.

FIG. 3 is a block diagram depicting selected system components of an exemplary embodiment of the DVR 108 of FIG. 1. Omitted from FIG. 3 are, in accordance with some embodiments, a number of conventional components known to those skilled in the art that are unnecessary to explain the operation of the disclosed systems and methods for securing media content using an interchangeable encryption key. FIG. 3 depicts several components commonly communicating through a local bus 300. For example, DVR 108 may include a communications interface 302 for receiving video, audio and other media signals from a media signal source, such as the cable head-end 102 (FIGS. 1 and 2). The communication interface 302 may include a tuner system (not depicted) which could include, for example, a tuner for receiving and selecting one or more selected channels of media signals. Such a tuner system can tune to a particular television station, and the media signals associated with this station can be recorded by the DVR 108.

DVR 108 can further include at least one processor 306 for controlling the operations of the DVR 108 and an output system 308 for driving a playback device (e.g., television 110). An input system 310 can receive user inputs provided via a wired or wireless input device such as, for example, a hand-held remote control, a transmitter with buttons or keys located on the exterior of the DVR, and/or a keyboard.

Network interface 312 can transmit and/or receive data over a network such as a LAN, WAN, or the Internet. For example, data may be transferred to/from another DVR, received from a media signal source, or from a centralized server through network interface 312. Such data could be media signals and or other data, such as programming information, or other data capable of being stored and or displayed to the user. Network interface 312 may comprise, for example, an Ethernet interface, an IEEE-1394 interface, a USB (Universal Serial Bus) interface, a serial interface, a parallel interface, a wireless radio frequency (RF) interface, a telephone line interface, a power line interface, a coaxial cable interface, and/or an infrared (IR) interface, among others.

Memory 314, which may include volatile and/or non-volatile memory, can store one or more programmed software applications, herein referred to as applications, which contain instructions that may be executed by processor 306 under the direction of operating system 324. Input data used by an application can be stored in memory 314 and read by processor 306 as needed during the course of the application's execution. This input data may be data stored in memory 314 by a secondary application or other source, either internal or external to DVR 108, or may be data that was created with the application at the time it was generated as a software application program.

Internal storage 318 may comprise a recordable medium and may be a number of devices available for non-volatile data storage, such as a hard disk drive (HDD), optical drive, or flash memory, for example. Internal storage 318 may be used for storing media data, such as encoded media signals generated from those signals received through communication interface 302 and/or network interface 312. According to some embodiments, it should be understood that media programming can be digitally encoded before being stored on recordable medium by the DVR itself or by means external from the DVR, such as the media signal source or a cable set-top box. Internal storage may also be used for storing non-media data, such as encryption keys and DRM information associated with stored media data.

Like internal storage 318, external storage 320 may also comprise a recordable medium and may be a number of devices available for non-volatile data storage, such as an HDD, optical drive, or flash memory, for example. However, unlike internal storage 218, which is located within the DVR enclosure (i.e. housing) 319, external storage 320 can be removably attached to DVR 102 through a communications interface 322, which could be any number of wireless or wired interfaces, for example.

Although only one external storage device may be used in some embodiments, it is contemplated that external storage 320 may comprise a plurality of storage devices 320a-320n. For example, devices 320a-320n could be a plurality of HDDs. It can be appreciated that the one or more HDDs could be daisy chained, or otherwise linked, to communicate with DVR 108 over the communications interface 322.

Although memory 314, internal storage 318, and/or external storage 320 have been described as potentially performing particular functions, according to some embodiments, these particular functions could be shared, or carried out completely, by any other of the memory and/or storage devices.

Communication interface 322 could be a bus operating under the Advanced Technology Attachment (ATA) standard, and more specifically, the Serial-ATA (i.e. SATA) standard version 2.5, which is available from the Serial ATA International Organization and is hereby incorporated by reference in its entirety. According to such an embodiment, DVR 108 may include a communications interface comprising an attachment port on the housing 319 of the DVR that cooperatively mates with the plug of external storage 320. A cable complying with the high-speed bus (i.e. a cable complying with the SATA standards) may provide the transmission medium between external storage 320 and the DVR 108. According to other embodiments, communications interface 322 could be a bus complying with the IEEE 1394 (Firewire), the Universal Serial Bus (USB), or IEEE 802.11 standards. It can be appreciated that a number of other communication interfaces 322 could be used.

One, or both of, internal storage 318 and/or external storage 320 could be used for recording media data to a transportable medium that is capable of being easily moved between a plurality of remote devices. For example, internal storage 318 and/or external storage 320 may be an optical drive configured to read and/or record to/from an optical medium. The transportable medium could also be flash memory such as used in USB thumb drives, smart digital (SD) memory or compact flash (CF) memory, among others. Accordingly, DVR 108 may be configured to record media data, which could comprise moving or copying media data from other storage devices, to the transportable medium. DVR 108 may also be configured to read media data from a transportable medium. Accordingly, the media data may be stored to a transportable medium, and the media data on the transportable medium may then be read by other devices, such as another DVR associated with a customer account. In that the media data is encrypted, embodiments disclosed herein describe systems and methods for sharing the media content between remote devices while maintaining the ability to decrypt the underlying media data by authorized devices.

User input received during the course of execution of any processes implemented by DVR 108 may be received from an input device (not shown) via input system 310, transmitted through the bus 300, temporarily stored within memory 314, and communicated to processor 306. Data generated by an application can be stored in memory 314 by processor 306 during the course of the application's execution. Availability, location, and amount of data generated by one application for consumption by another application can be communicated by messages through the services of operating system 324.

Under user instruction, DVR application 328 can perform the general tasks of recording and/or playback of received programs, among other tasks. DVR application 328 can also provide a navigation framework for services provided by DVR 108. For example DVR application 328 can register for, and in some case reserve, certain user inputs related to navigational keys such as channel increment/decrement, last channel, favorite channel, etc. DVR application 328 also provides users with television (or other programming) related menu options that correspond to DVR functions such as, for example, providing an interactive program guide, blocking a channel or a group of channels from being displayed in a channel menu, recording particular channels, playback of recorded shows, etc.

Portions of DVR application 328 and/or operating system 324 may also facilitate the encoding and decoding of media data and/or other information used in the described systems and methods for securing media content using an interchangeable encryption key. Specifically, operating system 324 or DVR application 328 may use a secure element, depicted as secure microprocessor 330, and/or DVR content decrypt/encrypt element 342 to perform such encryption and/or decryption.

For example, DVR content decrypt/encrypt element 342 includes a processor for performing encryption and/or decryption of media content. For example, decrypt/encrypt element 342 can decrypt the media content received from the head-end 102 or from other DVR components, such as internal storage 318 or external storage 320. DVR content decrypt/encrypt element 342 also encrypts and/or re-encrypts media content for storage to the internal or external storage mediums.

According to some embodiments, DVR content decrypt/encrypt element 342 can obtain keys for performing such encryption and decryption of media content from secure microprocessor 330. Secure microprocessor 330 may include a processor, such as encryptor/decryptor 332, for encrypting and decrypting keys used by DVR content decrypt/encrypt element 342 to perform encryption and decryption of media data.

Secure microprocessor 330 may include a memory 334 for storing a number of keys for encryption and/or decryption functions. For example, memory 334 can include a device key 336 stored therein, and one or more group key storage locations 338a-338n for the storage of respective group keys, and an entitlement agent (EA) key 340.

Device key 336 could be, for example, among others, a private key of the DVR 108. Device key 336 can be used to decrypt data encrypted with a public key associated with the private device key 336. According to such embodiments, device key 336 is typically kept from being exposed outside of the secure microprocessor 330 in clear form.

The one or more group key storage locations 338 can be used to hold group keys associated with a particular group of devices authorized to access (i.e., decrypt, decode, etc.) common media content. Although referred to as a “group” key, it should be understood that the group key could be associated with any number of devices, including zero. For example, a group could be a customer account. Although a “group key” may be assigned to this group, there may not be any devices yet associated with the customer account.

A number of potential embodiments for using group keys are described below. Nonetheless, in such embodiments, the group keys can be downloaded and stored into the group key storage locations 338a-338n and can also be replaced and/or deleted from these storage locations. Accordingly, the group keys are interchangeable. It should be understood that even though the group keys are interchangeable, in some embodiments the interchangeable keys may never, or seldom, change once stored within group key storage 338. Storage locations 338a-338n may comprise non-volatile memory locations, but could be volatile if the security policy of the service provider requires that the group keys be re-supplied and stored to the group key storage locations upon a reset of the DVR 108, for example. For that matter, the group keys may be restored to group key locations 338 periodically, according to predefined policies (e.g., of the service provider).

Public EA Key 340 is a public key associated with private EA key 220. Accordingly, public EA Key 340 can be used to verify that transmissions received from the cable-head end (or other transmissions signed with private EA key 220) are from a trusted source.

Secure microprocessor 330 can also include a controller 342 for controlling the operations of encryptor/decryptor 332 and/or for storing and/or retrieving the keys to/from memory 314.

The applications executed by DVR 108 can comprise executable instructions for implementing logical functions. The applications can be embodied in any computer-readable medium for use by or in connection with an instruction execution system. The instruction execution system may be, for example, a computer-based system, a processor-containing system, or any other system capable of executing instructions. In the context of this document, a “computer-readable medium” can be any means that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device.

The computer-readable medium can be, for example, but is not limited to, an electronic, solid-state, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, device, or propagation medium, either internal to DVR 108 or externally connected to the DVR 108 via one or more communication ports or network interfaces. More specific examples (a non-exhaustive list) of the computer-readable medium would include the following: an electrical connection (electronic) having one or more wires, a portable computer diskette (magnetic), a hard drive storage device (magnetic), a random access memory (RAM) (solid-state device), a read-only memory (ROM) (solid-state device), an erasable programmable read-only memory (EPROM or Flash memory) (multiple devices), an optical fiber (optical), and a portable compact disc read-only memory (CDROM) (optical). Note that the computer-readable medium could even be paper or another suitable medium upon which the program is printed, as the program can be electronically captured, via for instance optical scanning of the paper or other medium, then compiled, interpreted or otherwise processed in a suitable manner if necessary, and then stored in a computer memory.

Now that a general overview of the various components of system 100 have been described, FIG. 4 depicts a flow diagram illustrating an embodiment of a method 400 for creating a group record 216 having a group key within database 214. For example, in some embodiments, the steps are executed by components within the environment of the secure data delivery system 100.

Any process descriptions, steps, or blocks in the flow diagrams described herein and/or depicted in the attached figures should be understood as potentially representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps in the process. Alternate implementations are included within the scope of the preferred embodiments of the systems and methods described herein in which steps or functions may be deleted, executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art.

At block 402, a group record is created. For example, as explained above, the group record may correspond to a subscriber account that is created in response to a request from a billing system among other possibilities. At block 404, a secure group key is requested that can be associated with the group record. For example, in one embodiment, DNCS 204 requests the secure group key from TED 202. At block 406, the requested secure group key K_GROUPis generated. At block 408 the group key K_GROUPis encrypted to ensure that it is not exposed. For example, the group key K_GROUPcan be encrypted with the CAA Storage key 212, which may be referred to as K_CAA, to produce the encrypted group key E(K_CAA(K_GROUP)).

At block 410 the requested, encrypted group key E(K_CAA(K_GROUP)) is returned to the requestor. For example, according to one embodiment, the encrypted group key E(K_CAA(K_GROUP)) is transmitted from TED 202 to DNCS 214. At block 412, the encrypted group key E(K_CAA(K_GROUP)) can be stored and associated with the group record. For example, one embodiment stores the encrypted group key in database 214 of DNCS 204.

Accordingly, method 400 generates and associates a group key, in encrypted form, with a particular group record. As described, the group could represent an account, a household, or other entity having common media access rights.

One or more remote devices can be associated with a group record. For example, a number of DVRs can be associated with a specific customer account. Accordingly, a device record can be created for each device and each device record can then be associated with a respective group record. These device records may contain a group key that has been encrypted with the respective device's public key. The encrypted group key can then be transmitted to the device, decrypted, and stored within the device's secure microprocessor. These operations are, again, completed without allowing exposure to the group key in an unencrypted form.

Thus, reference may now be directed to FIG. 5, which depicts a flow diagram illustrating an embodiment of a method 500 for associating a trusted remote device record with a group record, and for downloading the group key to the device. At block 502 a request to add a device record can be received. For example, the request can originate from a billing system and be received by DNCS 204. The request to add the trusted device can include the identification of a specified device and specified group record to be associated with one another. Accordingly, at block 504 an entry for the new device record can be made within, or otherwise associated with, the group record. The device record can include a public key, K_{DEVICE-PUBLIC}, that is associated with the private device key 336, K_{DEVICE-PRIVATE}, of the respective remote device. Accordingly, in some embodiments, a device record 218 having such information is stored within database 214.

Once the device record is generated, the group key to be associated with the device can be stored within the device record. However, in order to remain secure, the group key is stored in an encrypted form that can be decrypted by the remote device. Accordingly, at block 508 the group key stored in the respective group record can be retrieved and decrypted. For example, group key E(K_CAA(K_GROUP)), encrypted with the CAA storage key 212, is decrypted to obtain the group key K_GROUPin the clear. At block 510 the device's public key K_{DEVICE-PUBLIC}, is used to encrypt group key K_GROUPto generate E(K_{DEVICE-PUBLIC}(K_GROUP)). Such encryption and decryption can be performed by TED 202, for example.

At block 512, the encrypted group key can be signed to produce a group key Entitlement Management Message (EMM), which is a signed message holding the group key (encrypted by the device's public key). For example, a private entitlement agent key K_EA-PRIVATE, may be used by TED 202 to sign the EMM. In general, an EMM comprises an encrypted message containing private conditional access information about the authority for a device to receive services, such as those provided by a cable or satellite television operator. Accordingly, this group key EMM may serve the purpose of providing a receiving remote device with the information needed to conditionally decrypt media content received by and/or stored in the DVR 108. That is, the conditional access can be provided by the particular group key that is capable of being used to decrypt media data encrypted with the group key.

At block 514, the group key EMM for the new device can be stored with the device record, and at block 516 the home key EMM can be transmitted to the remote device. At block 518, the signature of the EMM can be authenticated. For example, the secure microprocessor of the receiving remote device may use a public entitlement agent key K_EA-PUBLICassociated with the private key used to sign the EMM (i.e. K_EA-PRIVATE) to authenticate the EMM. If the EMM is successfully authenticated, at block 520 the EMM can be decrypted to obtain the group key K_GROUPin clear (i.e. unencrypted) form. For example, the EMM can be decrypted using the secure element private key K_{DEVICE-PRIVATE}to recover the group key K_GROUP. At block 522 the group key can be stored into a free memory location associated with the device. For example, the device secure microprocessor can stores the group key K_GROUPinto memory location 338, which cannot be accessed from outside of the secure microprocessor. Accordingly, using the above process, the group key K_GROUPcan be transmitted from the head-end to the remote device without exposing the key in an unencrypted form.

Reference may also be made to FIG. 6, which depicts an exemplary data flow diagram 600 that applies the methods 400 and 500 to embodiments of the secure data delivery system 100. For example, a group record 216 can be created in database 214 (i.e. in response to a request from a billing system, etc.). At block 602, TED 202 can generate a group key K_GROUPfor association with the newly created group record 216. However, in order to avoid non-secure exposure of the group key, at block 604 TED 202 encrypts group key K_GROUPwith CAA Storage Key K_CAA, to produce encrypted group key 606 E(K_CAA(K_GROUP)), which can be stored into the group record 216 of database 214.

When a trusted remote device (i.e. PVR, DVR, set-top box, etc.) is to be associated with the group, an associated device record 218 is created (i.e. at the request of a billing system, etc.) and associated with a specified group record 216. The device record may include a public key 608, referred to as K_{DEVICE-PUBLIC}, that is associated with a private device key 336 of the remote device. The device key 336 of the remote device may also be referred to as K_{DEVICE-PRIVATE}.

TED 202 retrieves the group key, encrypted with the CAA key 212, from database 214, denoted in FIG. 6 as E(K_CAA(K_GROUP)), for decryption at block 610. TED 202 decrypts E(K_CAA(K_GROUP)), using the CAA key 212 (i.e. K_CAA) to obtain the group key K_GROUP. TED 202 can retrieve the device's public key K_{DEVICE-PUBLIC}from database 214 and, at block 612, the group key K_GROUPcan be encrypted using the remote device's public key K_{DEVICE-PUBLIC}to generate E(K_{DEVICE-PUBLIC}(K_GROUP)). At block 614, TED 202 signs the encrypted group key to produce a group key Entitlement Management Message (EMM), which is a signed message including the group key, as encrypted by the device's public key.

The group key EMM 616 for the new device can be stored into the associated device record 218. The DNCS 204 (FIG. 2) can then retrieve the group key EMM 616 from database 214 and transmit the group key EMM to the remote device where, at block 618, the device secure microprocessor 330 authenticates the EMM using the public key K_EA-PUBLIC340 associated with K_EA-PRIVATE220. If the EMM is successfully authenticated, at block 620 the device secure microprocessor decrypts E(K_{DEVICE-PUBLIC}(K_GROUP)) using the secure element private key K_{DEVICE-PRIVATE}336, thereby recovering the group key K_GROUP. The device secure microprocessor can then store the group key K_GROUPinto memory location 338. Memory location 338 cannot be accessed from outside of the secure microprocessor, allowing K_GROUPto remain completely secure. Accordingly, the group key K_GROUPcan be transmitted from a head-end to the remote device without exposing the group key in an unencrypted form.

Now that systems and methods have been described for provisioning the group key to a particular remote device, such as DVR 108, methods for encrypting and decrypting content using the group key are described. For example, FIG. 7 depicts a flow diagram of a process 700 for encrypting media data using the group key stored within the secure microprocessor of the DVR 108. At block 702 an instance of media content can be delivered to the remote device from a media source. For example, the media delivery system 206 of cable head-end 102 can deliver media content to DVR 108.

In some cases, the media content delivered to the device may be encrypted. Accordingly, if necessary, at block 704 the media content is decrypted into clear media content such as with DVR content decrypt/encrypt element 342. Additionally, according to some embodiments, the clear media content has been digitally encoded, either at the head-end or within the remote device. Thus, the clear media content may be embodied within media data, which is in the clear from encryption.

At block 706, a random number can be generated to use as a content key K_Cfor encrypting the particular instance of media data that is, or will be, stored on a storage device associated with the remote device. At block 708 the instance of media data can be encrypted with the generated content key K_C. Content key K_Ccan also be used later for decrypting the associated instance of media data. At block 710 the encrypted media data can be stored to a storage medium. For example, the media data could be stored to internal storage 318 or external storage 320, among other data storage locations. At block 712 the instance's respective content key K_Ccan be encrypted with a group key K_GROUPto produce an encrypted content key E(K_GROUP(K_C)). At block 714, the encrypted content key E(K_GROUP(K_C)) can be securely stored on a storage medium and associated with the media data instance.

Reference may also be made to FIG. 8, which depicts an exemplary data flow diagram 800 that applies the embodiments of method 700 to embodiments of the secure data delivery system 100. According to the embodiments of FIG. 8, the media source is depicted as cable head-end 102, which transmits an instance of encrypted media content 802 to the DVR 108. The instance of encrypted media content 802 is passed to DVR content encrypt/decrypt element 342 for decryption into clear media data 806 at block 804.

At block 808, the secure microprocessor 330 can generate a random number to use as a content key K_Cfor encrypting (or, rather, re-encrypting) the particular instance of media data.

According to some embodiments, in order to avoid the clear media data 806 being exposed in clear form, DVR content encrypt/decrypt element 342 encrypts clear media data 806 with the content key K_Cgenerated by secure microprocessor 330. Thus, a secure tunnel is formed in order to pass content key K_Cfrom secure microprocessor 330 to DVR content encrypt/decrypt element 342. Specifically, at block 812, the content key K_Cis encrypted and passed to DVR content encrypt/decrypt element 342. At key tunnel decrypt block 814, DVR content encrypt/decrypt element 342 can decrypt content key K_C, to provide the content key K_Cin clear form. The content key can then be used to encrypt the clear media data 806 at block 816.

Accordingly, at block 816 DVR content encrypt/decrypt element 342 encrypts the instance of media data with the content key K_C, and the encrypted media data 818 (i.e. E(K_C(MEDIA-DATA))) can be stored to a storage device, such as internal storage 318. At block 820 the secure microprocessor 330 encrypts the instance's content key K_Cwith a group key K_GROUPstored in the secure microprocessor 330 to produce an encrypted content key 822 (i.e. E(K_GROUP(K_C))) and stores the encrypted content key 822 securely to a storage device, such as internal storage 318.

Now that systems and methods for encrypting an instance of media content using a group key have been disclosed, system and method embodiments for decrypting media content using the group key are described. For example, FIG. 9 depicts a flow diagram of a process 900 for decrypting media data using the group key.

At block 902 a request to decrypt an instance of media data previously encrypted with an associated content key K_Cis received. For example, DVR application 328 may receive a request from a user to view a particular television show corresponding to the instance of encrypted media data 818 (FIG. 8). At block 904, the appropriate key for decrypting the media data is determined and the encrypted content key E(K_GROUP(K_C)) is retrieved from the storage medium. The DVR 108 may, for example, keep a table or other data structure that associates the encrypted content keys E(K_GROUP(K_C)) with the instances of encrypted media data. Accordingly, such a table can be accessed to find the encrypted content key E(K_GROUP(K_C)) associated with the instance of encrypted media data.

At block 906 the encrypted content key E(K_GROUP(K_C)) can be decrypted with the group key to retrieve the content key K_C. At block 908 an instance of media content encrypted with content key K_Cis retrieved. At block 910 the instance of media data can be decrypted with its associated content key K_Cto obtain the instance of media data in the clear. The decrypted media can, for example, be used for decoding and/or display on television 110 or for other purposes.

Reference may also be made to FIG. 10, which depicts an exemplary data flow diagram 1000 that applies method 900 to embodiments of the secure data delivery system 100. Upon receiving a request for a particular instance of media content, at block 1002 DVR 108 can receive and decrypt the encrypted content key E(K_GROUP(K_C)) associated with the encrypted media data E(K_C(MEDIA-DATA)) from the storage medium.

At block 1004 the DVR content encrypt/decrypt element 342 receives and decrypts the instance of media data E(K_C(MEDIA-DATA)) with the associated content key K_Cto produce clear media data 1006. The decrypted media data can then be used for decoding and display on a display device, such as television 110.

According to some embodiments, similar to the encryption tunnel described with respect to FIG. 8, secure microprocessor 330 encrypts content key K_Cat block 812 in order to securely deliver the content key to DVR content encrypt/decrypt element 342. DVR content encrypt/decrypt element 342 can then decrypt content key K_Cusing key tunnel decrypt 814 in order to decrypt the instance of media content at block 1004, as described above.

Accordingly, systems and methods have been described for securing media content using an interchangeable encryption key, which has been referred to from time to time as a group key. Such systems and methods can be used to allow multiple remote devices that share an identical group key to also share associated stored media data. That is, any media data encrypted using a specified group key can be decrypted by any device having access to that same group key.

According to one embodiment, the group can correspond to a customer account. For example, assuming that each DVR associated with a customer account is authorized to decrypt and view common content, a single group key could be shared among the DVRs associated with the customer account (i.e. using method embodiment 500).

Such an embodiment can be used to share media content between a number of digital media devices (i.e. DVRs 108 and 108a) at a user premises 104 (FIG. 1) or any other digital media devices which share the same group key. Such media content could be shared over the communications medium 112 or via a transportable storage medium (e.g. via external storage 320, among other transportable storage mediums). Using such an approach, a first DVR may record media content to external storage 320 and the associated encrypted content key can also be stored to external storage 320. The encrypted media content and associated encrypted content key can then be transferred to the second DVR (i.e. external storage 320 can be attached to the second DVR or the encrypted media content and encrypted content key can be transferred over communications medium 112). Because both the first and second DVR have matching group keys, the second DVR can then receive and decrypt the associated encrypted content key with the group key in order to recover the encrypted media content.

Although one embodiment may share common group keys among devices having a common customer account, other schemes are intended to be included within the scope of this disclosure. For example, based on rules determined by the media provider (e.g. cable operator, etc.), the keys could be shared between groups of customers having different subscriber accounts but having common subscription plans. Such a plan could, for example, allow the remote devices of friends sharing the same media access provisions to be capable of sharing media data between their respective remote devices. Such media data could be shared over a LAN, wide-area network (WAN), or via attachment of a portable storage medium, such as, a recordable optical disk, or an external HDD, among others.

Thus, one potential benefit is that media content encrypted by another device can be decrypted and used by any other device sharing the interchangeable group key. Such a benefit can be helpful in the case that an end user upgrades or replaces the remote device. In such a case, the media data encrypted a first remote device can be transferred to, or otherwise made available to, the new remote device. The new remote device can then be provided with the one or more group keys of the old remote device (i.e. according to an embodiment of process 500), thereby allowing the media data content to be decrypted by the new remote device (i.e. according to an embodiment of process 900).

Just as one or more group keys can be provided to a particular remote device, the one or more group keys can be removed and/or replaced. For example, an EMM may be transmitted to a remote device that clears any or all of the group keys, or otherwise replaces one or more group keys with keys that are unable to decrypt the content keys previously used to encrypt at least some of the media data stored on an associated storage device.

Thus, a media provider could remotely control whether a user can access any of the stored media content on the device by selective removal of any of the group keys. Thus, upon receiving an un-subscription request from a user, a cable television provider could remove the ability to view content already stored on the storage device instantaneously and securely. Because the group keys can be provisioned based on the access rights of the customer, such deactivation may merely cause only selected media content to become unavailable. For example, the cable operator may provision group keys for users that subscribe to premium television channels, and the instance keys used to record media content from these premium television channels can be selectively encrypted with the associated group key. If such a “premium content” group key is then removed from the remote device upon a customer's unsubscription from the premium television channel, content previously recorded is no longer accessible by the user. Such remote deactivation could also be used to remotely and securely de-authorize non-paying subscribers.

Conditional language, such as, among others, “can,” “could,” “might,” or “may,” unless specifically stated otherwise, or otherwise understood within the context as used, is generally intended to convey that certain embodiments could include, but others do not include, certain features, elements and/or steps. Thus, such conditional language is not generally intended to imply that features, elements and/or steps are in any way required for one or more embodiments or that one or more embodiments necessarily include logic for deciding, with or without user input or prompting, whether these features, elements and/or steps are included or are to be performed in any particular embodiment.

It should be emphasized that many variations and modifications may be made to the above-described embodiments, the elements of which are to be understood as being among other acceptable examples. All such modifications and variations are intended to be included herein within the scope of this disclosure and protected by the following claims.

Claims

1. A method comprising: sending, by a first secure microprocessor of a first digital media device to a server, a request to add the first digital media device to a group record associated with an user account;sending, by the first secure microprocessor to the server, an identification of the first digital media device and an identification of the group record;receiving, by the first secure microprocessor from the server, an Entitlement Management Message (EMM) comprising a first group key, wherein a record of the first digital media device is created in the group record associated with the user account and the first group key associated with the group record is encrypted with a first public key associated with the first digital media device;decrypting, by the first secure microprocessor, the EMM with a first private key associated with the first secure microprocessor to acquire the first group key;storing, by the first secure microprocessor, the first group key in at a first memory location on the first digital media device;receiving, by the first digital media device, a request to view media content from a user associated with the user account, wherein the media content is encrypted with a content key;retrieving, by the first secure microprocessor from the first memory location on the first digital media device in response to the first digital media device receiving the request to view the media content from the user, an encrypted content key corresponding to the media content;decrypting, by the first secure microprocessor, the encrypted content key with the first group key;sending, by the first secure microprocessor, the decrypted content key to a first content encrypt/decrypt element of the first digital media device;receiving, by the first content encrypt/decrypt element, the decrypted content key;decrypting, by the first content encrypt/decrypt element of the first digital media device, the media content with the content key; anddisplaying, by the first digital media device, the decrypted media content at a display device associated with the first digital media device.
2. The method of claim 1, further comprising removing, by the first secure microprocessor, the first group key from the first memory location.
3. The method of claim 1, further comprising: encrypting, by the first secure microprocessor, an instance of media content with the content key; andencrypting, by the first secure microprocessor, the content key with the first group key.
4. The method of claim 1, further comprising replacing, by the first secure microprocessor, the first group key in the first memory location with a second group key.
5. The method of claim 1, further comprising: receiving, at a second digital media device, a second message transmitted from the server, the second message encrypted by a second public key and including the first group key; anddecrypting, by a second secure microprocessor of the second digital media device, the second message with a second private key stored within a second memory location on the second digital media device to obtain the first group key.
6. The method of claim 5, further comprising storing, by the second secure microprocessor, the first group key in the second memory location of the second digital media device.
7. The method of claim 6, further comprising: encrypting, by the second secure microprocessor, an instance of media content using the second digital media device, the instance of media content encrypted by the content key provided by the second digital media device; andencrypting, by the second secure microprocessor, the content key with the first group key stored in the second memory location of the second digital media device.
8. The method of claim 7, further comprising decrypting, by a second content encrypt/decrypt element of the second digital media device, the instance of media content using the first digital media device.
9. The method of claim 8, wherein decrypting the instance of media content using the first digital media device further comprises: receiving, by the second content encrypt/decrypt element, the content key from the second secure microprocessor; anddecrypting, the by second content encrypt/decrypt element of the second digital media device, the instance media of content with the content key.
10. A system comprising: a first digital media device comprising a non-transitory computer readable medium having instructions which when executed causes the first digital media device to perform steps of: sending, by a first secure microprocessor of the first digital media device to a server, a request to add the first digital media device to a group record associated with an user account,sending, by the first secure microprocessor to the server, an identification of the first digital media device and an identification of the group record,receiving, by the first secure microprocessor from the server, an Entitlement Management Message (EMM) comprising a first group key, wherein a record of the first digital media device is created in the group record associated with the user account and the first group key associated with the group record is encrypted with a first public key associated with the first digital media device,decrypting, by the first secure microprocessor, the EMM with a first private key stored to acquire the first group key,storing, by the secure microprocessor, the first group key at a first memory location on the first digital media device,receiving, by the first digital media device, a request to view media content from a user, wherein the media content is encrypted with a content key,retrieving, by the first secure microprocessor from the first memory location on the first digital media device in response to the first digital media device receiving the request to view the media content from the user, an encrypted content key corresponding to the media content,decrypting, by first the secure microprocessor, the encrypted content key with the first group key,sending, by the first secure microprocessor, the decrypted content key to a first content encrypt/decrypt element of the first digital media device,decrypting, by the first content encrypt/decrypt element of the first digital media device, the media content with the content key, anddisplaying, by the first digital media device, the decrypted media content at a display device associated with the first digital media device.
11. The system of claim 10, wherein the instructions when executed further causes the first digital media device to perform steps of: removing the first group key from the first memory location of the first digital media device.
12. The system of claim 10, wherein the instructions when executed further causes the first digital media device to perform the steps of: encrypting, by the first secure microprocessor, an instance of media content with the content key; andencrypting, by the first secure microprocessor, the content key with the first group key.
13. The system of claim 10, wherein the instructions when executed further causes the first digital media device to perform the steps of: replacing, by the first secure microprocessor, the first group key in the first memory location of the first digital media device with a second group key.
14. The system of claim 10, wherein the instructions when executed further causes the first digital media device to perform steps of: receiving, by the first digital media device, a first message transmitted from the server, the first message encrypted by the first public.
15. The system of claim 14, wherein the first message comprises the first group key and the EMM.
16. The system of claim 10, wherein the EMM comprises private conditional access information about authority of the first digital recording media device to receive service.
17. The method of claim 1, further comprising: receiving, by the first digital media device, a first message transmitted from the server, the first message encrypted by the first public.
18. The method of claim 17, wherein the first message comprises the first group key and the EMM.
19. The method of claim 18, wherein the EMM comprises private conditional access information about authority of the first digital recording media device to receive service.

RELATED APPLICATION

This application is a Division of co-pending U.S. application Ser. No. 11/454,421 filed Jun. 16, 2006 entitled “Securing Media Content Using Interchangeable Encryption Key”, which is incorporated herein by reference.

US Referenced Citations (263)

Number	Name	Date	Kind
4633391	Rundell	Dec 1986	A
5224161	Daniel et al.	Jun 1993	A
5299263	Beller et al.	Mar 1994	A
5349641	Coutrot et al.	Sep 1994	A
5422953	Fischer	Jun 1995	A
5457746	Dolphin	Oct 1995	A
5721777	Blaze	Feb 1998	A
5742677	Pinder	Apr 1998	A
5742686	Finley	Apr 1998	A
5796829	Newby et al.	Aug 1998	A
5856975	Rostoker et al.	Jan 1999	A
5870474	Wasilewski	Feb 1999	A
5872846	Ichikawa	Feb 1999	A
5905522	Lawler	May 1999	A
5915068	Levine	Jun 1999	A
5917822	Lyles et al.	Jun 1999	A
5933503	Schell et al.	Aug 1999	A
5940391	Malkin et al.	Aug 1999	A
5943047	Suzuki	Aug 1999	A
5961603	Kunkel et al.	Oct 1999	A
5987572	Weidner et al.	Nov 1999	A
5990881	Inoue et al.	Nov 1999	A
5990927	Hendricks et al.	Nov 1999	A
5999970	Krisbergh et al.	Dec 1999	A
6005938	Banker	Dec 1999	A
6006257	Slezak	Dec 1999	A
6012068	Boezeman et al.	Jan 2000	A
6020982	Yamauchi et al.	Feb 2000	A
6035281	Crosskey et al.	Mar 2000	A
6057872	Candelore	May 2000	A
6058383	Narasimhalu et al.	May 2000	A
6088455	Logan et al.	Jul 2000	A
6098056	Rusnak et al.	Aug 2000	A
6105134	Pinder	Aug 2000	A
6108002	Ishizaki	Aug 2000	A
6118976	Arias et al.	Sep 2000	A
6148082	Slattery et al.	Nov 2000	A
6154817	Mohan et al.	Nov 2000	A
6157377	Shah-Nazaroff et al.	Dec 2000	A
6157719	Wasilewski et al.	Dec 2000	A
6173400	Perlman et al.	Jan 2001	B1
6185625	Tso et al.	Feb 2001	B1
6209090	Aisenberg et al.	Mar 2001	B1
6216231	Stubblebine	Apr 2001	B1
6229895	Son et al.	May 2001	B1
6230269	Spies et al.	May 2001	B1
6237786	Ginter et al.	May 2001	B1
6246767	Akins	Jun 2001	B1
6252964	Wasilewski	Jun 2001	B1
6253375	Gordon et al.	Jun 2001	B1
6272538	Holden et al.	Aug 2001	B1
6292568	Akins, III et al.	Sep 2001	B1
6305020	Hoarty et al.	Oct 2001	B1
6324548	Sorenson	Nov 2001	B1
6345307	Booth	Feb 2002	B1
6356971	Katz et al.	Mar 2002	B1
6366987	Tzelnic et al.	Apr 2002	B1
6378130	Adams	Apr 2002	B1
6401243	Suzuki	Jun 2002	B1
6424714	Wasilewski	Jul 2002	B1
6424717	Pinder	Jul 2002	B1
6459427	Mao et al.	Oct 2002	B1
6484182	Dunphy et al.	Nov 2002	B1
6484318	Shioda et al.	Nov 2002	B1
6510519	Wasilewski	Jan 2003	B2
6516412	Wasilewski	Feb 2003	B2
6526508	Akins	Feb 2003	B2
6532593	Moroney	Mar 2003	B1
6543053	Li et al.	Apr 2003	B1
6549577	Florencio et al.	Apr 2003	B2
6550008	Zhang et al.	Apr 2003	B1
6560340	Akins	May 2003	B1
6574609	Downs et al.	Jun 2003	B1
6636953	Yuasa et al.	Oct 2003	B2
6636968	Rosner	Oct 2003	B1
6684331	Srivastava	Jan 2004	B1
6694025	Epstein et al.	Feb 2004	B1
6727944	Adachi	Apr 2004	B1
6744892	Akins	Jun 2004	B2
6748080	Russ et al.	Jun 2004	B2
6802077	Schlarb	Oct 2004	B1
6804357	Ikonen et al.	Oct 2004	B1
6937729	Akins	Aug 2005	B2
6961858	Fransdonk	Nov 2005	B2
6963972	Chang et al.	Nov 2005	B1
6970564	Kubota et al.	Nov 2005	B1
6971008	Wasilewski	Nov 2005	B2
7020635	Hamilton et al.	Mar 2006	B2
7062658	Cheriton et al.	Jun 2006	B1
7065216	Benaloh et al.	Jun 2006	B1
7080049	Truitt et al.	Jul 2006	B2
7089579	Mao et al.	Aug 2006	B1
7090128	Farley et al.	Aug 2006	B2
7107416	Stuart et al.	Sep 2006	B2
7107462	Fransdonk	Sep 2006	B2
7124303	Candelore et al.	Oct 2006	B2
7127619	Unger et al.	Oct 2006	B2
7146388	Stakutis et al.	Dec 2006	B2
7150045	Koelle et al.	Dec 2006	B2
7151831	Candelore et al.	Dec 2006	B2
7155609	Chan et al.	Dec 2006	B2
7181010	Russ et al.	Feb 2007	B2
7197638	Grawrock et al.	Mar 2007	B1
7200868	Mattox et al.	Apr 2007	B2
7212725	Gunji et al.	May 2007	B2
7233959	Kanellos et al.	Jun 2007	B2
7287168	Candelore et al.	Oct 2007	B2
7363326	Margolus	Apr 2008	B2
7505592	Russ et al.	Mar 2009	B2
7515712	Wasilewski et al.	Apr 2009	B2
7519999	Sedacca	Apr 2009	B2
7587502	Crawford et al.	Sep 2009	B2
7602913	Wasilewski	Oct 2009	B2
7602914	Wasilewski	Oct 2009	B2
7630499	Wasilewski	Dec 2009	B2
7636846	Eskicioglu	Dec 2009	B1
7650442	Ashley et al.	Jan 2010	B2
7711586	Aggarwal et al.	May 2010	B2
7860250	Russ et al.	Dec 2010	B2
7861082	Pinder et al.	Dec 2010	B2
7949133	Pinder	May 2011	B2
7953715	Nishida	May 2011	B2
7971261	Pestoni	Jun 2011	B2
7978720	Russ et al.	Jul 2011	B2
8055910	Kocher et al.	Nov 2011	B2
8108680	Murray	Jan 2012	B2
8208796	Prus et al.	Jun 2012	B2
8732849	Ohbitsu	May 2014	B2
8856951	Yuki	Oct 2014	B2
9137480	Schlarb et al.	Sep 2015	B2
9277295	Pinder et al.	Mar 2016	B2
20010006400	Kubo et al.	Jul 2001	A1
20010049824	Baker et al.	Dec 2001	A1
20020013772	Peinado	Jan 2002	A1
20020018130	Suemoto et al.	Feb 2002	A1
20020026582	Futamura et al.	Feb 2002	A1
20020044658	Wasilewski et al.	Apr 2002	A1
20020069172	Omshehe et al.	Jun 2002	A1
20020078153	Chung et al.	Jun 2002	A1
20020094084	Wasilewski et al.	Jul 2002	A1
20020099663	Yoshino et al.	Jul 2002	A1
20020101990	Morino et al.	Aug 2002	A1
20020104097	Jerding et al.	Aug 2002	A1
20020108122	Alao et al.	Aug 2002	A1
20020116708	Morris et al.	Aug 2002	A1
20020144067	Jeong	Oct 2002	A1
20020146237	Safadi	Oct 2002	A1
20020184457	Yuasa et al.	Dec 2002	A1
20020196939	Unger et al.	Dec 2002	A1
20020199190	Su	Dec 2002	A1
20030005446	Jaff et al.	Jan 2003	A1
20030005454	Rodriguez et al.	Jan 2003	A1
20030009668	Chan	Jan 2003	A1
20030021412	Candelore et al.	Jan 2003	A1
20030026423	Unger et al.	Feb 2003	A1
20030028890	Swart	Feb 2003	A1
20030035543	Gillon et al.	Feb 2003	A1
20030046686	Candelore et al.	Mar 2003	A1
20030081776	Candelore et al.	May 2003	A1
20030093680	Astley et al.	May 2003	A1
20030110234	Egli et al.	Jun 2003	A1
20030145329	Candelore et al.	Jul 2003	A1
20030159140	Candelore et al.	Aug 2003	A1
20030161473	Fransdonk	Aug 2003	A1
20030161617	Um et al.	Aug 2003	A1
20030174837	Candelore et al.	Sep 2003	A1
20030174844	Candelore	Sep 2003	A1
20030182579	Leporini et al.	Sep 2003	A1
20030188164	Okimoto et al.	Oct 2003	A1
20030200337	Jabri et al.	Oct 2003	A1
20030233558	Lieberman	Dec 2003	A1
20040022307	Dale et al.	Feb 2004	A1
20040039911	Oka et al.	Feb 2004	A1
20040052377	Mattox et al.	Mar 2004	A1
20040045030	Reynolds et al.	Apr 2004	A1
20040068739	Russ et al.	Apr 2004	A1
20040073917	Pedlow et al.	Apr 2004	A1
20040088328	Cook et al.	May 2004	A1
20040098591	Fahrny	May 2004	A1
20040098603	Corinne	May 2004	A1
20040117831	Ellis et al.	Jun 2004	A1
20040123094	Sprunk	Jun 2004	A1
20040123313	Koo et al.	Jun 2004	A1
20040128499	Peterka et al.	Jul 2004	A1
20040187014	Molaro	Sep 2004	A1
20040193921	Byrne	Sep 2004	A1
20040228175	Candelore et al.	Nov 2004	A1
20040236804	Bots et al.	Nov 2004	A1
20040237100	Pinder	Nov 2004	A1
20050076066	Stakutis et al.	Apr 2005	A1
20050080497	Rao	Apr 2005	A1
20050091173	Alve	Apr 2005	A1
20050100162	Alve et al.	May 2005	A1
20050102513	Alve	May 2005	A1
20050102702	Candelore et al.	May 2005	A1
20050105732	Hutchings et al.	May 2005	A1
20050111835	Friel et al.	May 2005	A1
20050125357	Saadat et al.	Jun 2005	A1
20050169467	Risan et al.	Aug 2005	A1
20050169473	Candelore et al.	Aug 2005	A1
20050180568	Krause	Aug 2005	A1
20050192904	Candelore et al.	Sep 2005	A1
20050201559	Van Der Heijden	Sep 2005	A1
20050213147	Mintogawa	Sep 2005	A1
20050223414	Kenrich et al.	Oct 2005	A1
20050232593	Kanai	Oct 2005	A1
20050237396	Hagiwara et al.	Oct 2005	A1
20050240708	Shaver et al.	Oct 2005	A1
20050240974	Hiramoto et al.	Oct 2005	A1
20060013566	Nakamura	Jan 2006	A1
20060020786	Helms et al.	Jan 2006	A1
20060039256	Nakamura et al.	Feb 2006	A1
20060039559	Wasilewski	Feb 2006	A1
20060039560	Wasilewski	Feb 2006	A1
20060041905	Wasilewski	Feb 2006	A1
20060072752	Nakano et al.	Apr 2006	A1
20060074807	Gauba et al.	Apr 2006	A1
20060093325	Imai et al.	May 2006	A1
20060109854	Cancel	May 2006	A1
20060115083	Candelore et al.	Jun 2006	A1
20060153379	Candelore et al.	Jul 2006	A1
20060156382	Motoyama	Jul 2006	A1
20060174351	Park	Aug 2006	A1
20060179478	Han et al.	Aug 2006	A1
20060184733	Yamamoto et al.	Aug 2006	A1
20060187951	Ginzburg et al.	Aug 2006	A1
20060190408	Cook et al.	Aug 2006	A1
20060191020	Miller	Aug 2006	A1
20060200865	Leake et al.	Sep 2006	A1
20060262926	Candelore et al.	Nov 2006	A1
20060269060	Candelore et al.	Nov 2006	A1
20060294017	Kim et al.	Dec 2006	A1
20070055390	Simon et al.	Mar 2007	A1
20070099694	McCarthy et al.	May 2007	A1
20070110012	Abu-Amara	May 2007	A1
20070130254	Russ et al.	Jun 2007	A1
20070150960	Dubroeucq et al.	Jun 2007	A1
20070189525	Wajs	Aug 2007	A1
20070192586	McNeely	Aug 2007	A1
20070204146	Pedlow et al.	Aug 2007	A1
20070219917	Liu et al.	Sep 2007	A1
20070239608	Elbring	Oct 2007	A1
20070245024	Prus et al.	Oct 2007	A1
20070245148	Buer	Oct 2007	A1
20070276760	Kanehara	Nov 2007	A1
20070277205	Grannan	Nov 2007	A1
20070291940	Candelore et al.	Dec 2007	A1
20070294170	Vantalon et al.	Dec 2007	A1
20070294178	Pinder et al.	Dec 2007	A1
20080002951	Russ et al.	Jan 2008	A1
20080005030	Schlarb et al.	Jan 2008	A1
20080005204	Prus et al.	Jan 2008	A1
20080005497	Prus et al.	Jan 2008	A1
20080022304	Prus et al.	Jan 2008	A1
20080137852	Mamidwar	Jun 2008	A1
20080137867	Wasiliewski	Jun 2008	A1
20080170687	Moors et al.	Jul 2008	A1
20080177998	Apsangi et al.	Jul 2008	A1
20090031409	Murray	Jan 2009	A1
20090048978	Ginter et al.	Feb 2009	A1
20090080648	Pinder	Mar 2009	A1
20090089369	Russ et al.	Apr 2009	A1
20130332976	Shenker et al.	Dec 2013	A1

Foreign Referenced Citations (31)

Number	Date	Country
0782296	Jul 1997	EP
1014715	Jun 2000	EP
1161087	Dec 2001	EP
1213919	Dec 2002	EP
1447983	Aug 2004	EP
1760619	Mar 2007	EP
2174254	Jul 2014	EP
2779599	Dec 1999	FR
2403586	Jan 2005	GB
1020030037098	May 2003	KR
1020040062662	Jul 2004	KR
2000011840	Mar 2000	WO
0050978	Aug 2000	WO
0051041	Aug 2000	WO
0118807	Mar 2001	WO
2001018807	Mar 2001	WO
2001075876	Oct 2001	WO
0182588	Nov 2001	WO
2002097997	Dec 2002	WO
2004023262	Mar 2004	WO
2004098190	Nov 2004	WO
2005029843	Mar 2005	WO
2005029852	Mar 2005	WO
2005091626	Sep 2005	WO
2005101411	Oct 2005	WO
2006038204	Apr 2006	WO
2006066052	Jun 2006	WO
2008005699	Jan 2008	WO
2008005700	Jan 2008	WO
09015116	Jan 2009	WO
09042532	Apr 2009	WO

Non-Patent Literature Citations (153)

Entry
See Dialog Search.
Canadian Office Action dated Oct. 12, 2016 cited in Application No. 2,655,677, 4 pgs.
European Office Action dated Jun. 8, 2015 cited in Application No. 07 781 952.2, 4 pgs.
European Office Action dated Jul. 12, 2016 cited in Application No. 07 784 510.5, 5 pgs.
“Explorer 8300 Series Digital Recorder” ScientificAtlanta.com [online] Oct. 2005, XP002459851, Retrieved from Internet: URL:http://www.cisco.com/application/pdf/en/us/guest/products/ps8613/c1650/cdc_cont_0900aecd806c6913.pdf [retrieved Nov. 22, 2007].
GILO: “Do It Yourself Making an External Hard Drive Guide” Notebookreview.com [online], Jun. 2, 2006, XP002459852, Retrieved from Internet: URL:http://www.notebookreview.com/default.asp?newsID=2972 [retrieved on Nov. 22, 2007].
U.S. Appl. No. 10/873,805, filed Jun. 22, 2004 entitled “Validating Client Receivers,” Inventors: Pinder et al.
U.S. Appl. No. 10/920,926, filed Aug. 18, 2004 entitled “Retrieval and Transfer of Encrypted Hard Drive Content from Digital Video Receiver Set Top Box,” Inventor: Wasilewski, Anthony.
U.S. Appl. No. 10/920,841, filed Aug. 18, 2004 entitled “Retrieval and Transfer of Encrypted Hard Drive Content from Digital Video Receiver Set Top Box Utilizing Second Digital Video Receiver Set Top Box,” Inventor: Wasilewski, Anthony.
U.S. Appl. No. 10/920,842, filed Aug. 18, 2004 entitled “Utilization of Encryption Hard Drive Content by One Digital Video Receiver Set Top Box when Recorded by Another,” Inventor: Wasilewski, Anthony.
U.S. Appl. No. 11/405,205, filed Apr. 17, 2006 entitled “System and Method for Prioritizing the Storage Location of Media Data,” Inventors: Prus et al.
U.S. Appl. No. 11/428,367, filed Jun. 30, 2006 entitled “Secure Escrow and Recovery of Media Device Content Keys,” Inventors: Schlarb et al.
U.S. Appl. No. 11/428,362, filed Jun. 30, 2006 entitled “System and Method for Managing Media Data,” Inventors: Prus et al.
U.S. Appl. No. 11/428,356, filed Jun. 30, 2006 entitled “System and Method for Applying Retention Rules,” Inventors: Prus et al.
U.S. Appl. No. 11/428,357, filed Jun. 30, 2006 entitled “Digital Media Device Having Selectable Media Content Storage Location,” Inventors: Prus et al.
U.S. Appl. No. 11/428,365, filed Jun. 30, 2006 entitled “Digital Media Device Having Media Content Transfer Capability”, Inventors: Russ et al.
U.S. Appl. No. 11/671,506, filed Feb. 6, 2007 entitled “Apparatus for Entitling and Transmitting Service Instances to Remote Client Devices”, Inventors: Russ et al.
U.S. Appl. No. 11/942,778, filed Nov. 20, 2007 entitled “Retrieval and Transfer of Encrypted Hard Drive Content from Digital Video Receiver Set Top Box to a Content Transcription Device”, Inventor: Wasilewski, Anthony.
Allway Sync (Allway Sync 3.2.2), Dec. 6, 2005, pp. 1-14.
Barton “TiVO—Lution: The Challenges of delivery a reliable, easy-to-use DVR service to the masses” ACM Queue Apr. 2006 35 more queue: www.acmqueue.com.
Blackcurrant, (“Delete Files Across a Network”), May 11, 2005; accessed Jul. 2, 2010 at http://techrepublic.com.com/5208-6230-0.html?forumID=3&threadID=173478&start=0; 3 pgs.
Boston College, “Copying Files to a USB Drive or External Hard Drive,” Nov. 8, 2005, pp. 1-5 http://web.archive.org/web/20060227003853/http://www.bc.edu/offices/help/met-elements/doc/articles/html/HW-usb-drive-copy.shtml.
Chorianopoulous et al. “Affective Usability Evaluation for an Interactive Music Television Channel” ACM Computers in Entertainment, vol. 2, No. 3, Jul. 2004, Article 7b.
Dybwad, B.; (“TiVo 7.2 OS Adds Red Flag Content Protection Feature”), Sep. 14, 2005, pp. 1-5, http://www.engadget.com/2005/09/14/tivo-7-2-os-adds-red-flag-content-protection-feature/.
Ellison, “TiVo Series 2”, Jan. 13, 2004, pp. 1-6, http://www.pcmag.com/article2/8,2817,1649659,00.asp.
Eskicioglu et al. “An overview of multimedia content protection in consumer electronics devices,” Signal Processing. Image Communication, Elsevier Science Publishers, Ambsterdam, NL, vol. 16, No. 7, Apr. 2001 (Apr. 2001), pp. 681-699, XP004232133 ISSN: 0923-5965.
Haughey, M.; (“PC to TiVo Playback Released”), Oct. 24, 2005, pp. 1-13 http://web.archive.org/web/20051024002825/http://www.pvrblog.com/pvr/2005/08/pc_to_tivo_play.html.
Haughey, M.; (“TiVo 7.2 OS Adds Content Protection, Blocks Transfers, and Auto-Deletes Some Shows”), Sep. 13, 2005, pp. 1-14, http://www.pvrblog.com/pvr/2005/09/tivo_72_os_adds.html.
Menezes, et al.; “Handbook of Applied Cryptography” Handbook of applied Cryptography, CRC Press Series on Discrete Mathematics and Its Applications, Boca Raton, FL CRC Press, 1997, pp. 546, 567-570, XP002356116 ISBN: 0-8493-8523-7.
Old Apps, (“Old Version of WinSCP”), Jan. 13, 2003, pp. 1-3; accessed Jul. 2, 2010 at http://www.oldapps.com/WinSCP.php?old_winscp=2; 3 pgs.
Picker, “The Digital Video Recorder: Unbundling Advertising and Content” Professor of Commercial Law, The University of Chicago Law School, Senior Fellow, The Computation Institute of the University of Chicago and Argonne National Laboratory; Sep. 10, 2003.
Smith, J.; “Files and Folders: Removable Media,” Oct. 13, 2004, pp. 1-12 http://web.archive.org/web/20041027194919/http://www.jegsworks.com/Lessons/win/filesandfolders/step-removabledisk.htm.
TiVo.com “What is TiVo?”, Jan. 14, 2005, pp. 1-12; http://web.archive.org/web/20050114053806/http://www.tivo.com/1.0.asp.
WinFtp, Sep. 8, 2005, pp. 1-7 http://download.cnet.com/WinFtp-Client/3000-2160_4-10429297.html.
Wurmlin et al. “3D Video Record” Proceedings of the 10th Pacific Conference on Computer Graphics and Applications (PG'02) IEEE Computer Society.
International Search Report dated Oct. 22, 2003 in PCT/US2003/016585.
International Search Report and Written Opinion dated Jun. 7, 2006, cited in PCT/US2005/022069.
International Search Report and Written Opinion dated Dec. 21, 2007, cited in PCT/US2007/071842.
International Search Report cited in PCT/US2007/071843 dated Dec. 27, 2007.
Supplemental European Search Report dated Jan. 24, 2008, in Application No. 03 755 496.01.
International Search Report dated Jan. 31, 2008, in PCT/US2007/070680.
International Search Report and Written Opinion dated Mar. 10, 2008, cited in PCT/US2007/071841.
European Office Action dated Jul. 24, 2008 in Application No. 03 755 496.1.
International Preliminary Report dated Jan. 6, 2009, in PCT/US2007/072328.
European Office Action dated Feb. 10, 2009, in Application No. 07798909.3.
European Office Action dated Feb. 11, 2009, in Application No. 07798908.5.
European Office Action dated Feb. 18, 2009, in Application No. 07 798 909.3.
European Office Action dated Mar. 16, 2009, in Application No. 07 781 952.2.
European Office Action dated Apr. 29, 2009 in Application No. 07 784 510.5.
European Office Action dated Apr. 29, 2009 in Application No. 07 798 908.5.
European Office Action dated May 7, 2009 in Application No. 07 840 308.6.
European Office Action dated May 11, 2009 in Application No. 05 766 482.3.
European Office Action dated Jun. 9, 2009 in Application No. 07 815 092.7.
Australian Office Action dated Aug. 4, 2009 in Application 2005258137.
Canadian Office Action dated Sep. 25, 2015 cited in Appl. No. 2,655,526, 3 pgs.
Canadian Office Action dated Sep. 22, 2015 cited in Appl. No. 2,694,201, 3 pgs.
U.S. Official Action dated Apr. 21, 2011 in U.S. Appl. No. 11/781,412.
Canadian Office Action dated Jun. 13, 2011 cited in Application No. 2,655,536.
Canadian Office Action dated Jun. 13, 2011 cited in Application No. 2,655,526.
European Decision to Refuse dated Jul. 26, 2011 cited in Application No. 07 815 092.7-1245.
Korean Notice of Final Rejection dated Jul. 28, 2011 cited in Application No. 10-2008-7030549.
Canadian Office Action dated Aug. 24, 2011 cited in Application No. 2,655,114.
Canadian Office Action dated Aug. 29, 2011 cited in Application No. 2,655,530.
Canadian Office Action dated Sep. 2, 2011 cited in Application No. 2,652,745.
Canadian Office Action dated Sep. 21, 2011 cited in Application No. 2,655,677.
Canadian Office Action dated Sep. 21, 2011 cited in Application No. 2,655,531.
U.S. Office Action dated Oct. 19, 2011 cited in U.S. Appl. No. 11/405,205.
Extended European Search Report dated Dec. 22, 2011 cited in Application No. 11169374.3, 9 pgs.
European Office Action dated Jan. 18, 2012 cited in Appl. No. 07 781 952.2, 5 pgs.
Chinese First Office Action dated Feb. 29, 2012 cited in Application No. 200880108773.4, 10 pgs.
Canadian Office Action dated Apr. 16, 2012 cited in Application No. 2,655,530, 3 pgs.
Canadian Office Action dated May 3, 2012 cited in Application No. 2,655,531, 3 pgs.
Canadian Office Action dated May 10, 2012 cited in Application No. 2,655,536, 3 pgs.
Canadian Office Action dated May 10, 2012 cited in Application No. 2,655,526, 3 pgs.
Canadian Office Action dated Jul. 4, 2012 cited in Application No. 2,655,114, 3 pgs.
European Summons to Attend Oral Proceedings dated Aug. 1, 2012 cited in Appl. No. 07840308.6, 7 pgs.
Canadian Office Action dated Aug. 3, 2012 cited in Appl. No. 2,655,677, 3 pgs.
European Office Communication dated Oct. 2012 cited in Appl. No. 07 798 910.1, 7 pgs.
European Office Communication dated Oct. 16, 2012 cited in Appl. No. 11 169 374.3, 7 pgs.
Canadian Office Action dated Nov. 1, 2012 cited in Application No. 2,694,201, 3 pgs.
European Office Action dated Nov. 14, 2012 cited in Application No. 08 782 173.2, 6 pgs.
Canadian Office Action dated Jan. 22, 2013 cited in Appl. No. 2,655,530, 5 pgs.
Canadian Office Action dated Feb. 1, 2013 cited in Appl. No. 2,655,114, 9 pgs.
European Summons to Attend Oral Proceedings dated May 14, 2013 cited in Application No. 11169374.3, 8 pgs.
Canadian Office Action dated Jun. 10, 2013 cited in Application No. 2,655,531, 5 pgs.
Canadian Office Action dated Jun. 14, 2013 cited in Appl. No. 2,655,526, 5 pgs.
European Office Action dated Oct. 11, 2013 cited in Appl. No. 07 781 952.2, 4 pgs.
European Decision to Refuse dated Oct. 7, 2013 cited in Appl. No. 11 169 374.3, 13 pgs.
Canadian Office Action dated Oct. 24, 2013 cited in Appl. No. 2,655,530, 6 pgs.
Canadian Office Action dated Jun. 14, 2013 cited in Application No. 2,655,536, 3 pgs.
Canadian Office Action dated Dec. 9, 2013 cited in Application No. 2,694,201, 2 pgs.
U.S. Office Action dated Jun. 12, 2014 cited in U.S. Appl. No. 11/428,367, 54 pgs.
European Summons to Attend Oral Proceedings dated Jun. 26, 2014 cited in Application No. 07798910.1, 6 pgs.
Canadian Office Action dated Jun. 27, 2014 cited in Application No. 2,655,530, 2 pgs.
Canadian Office Action dated Nov. 26, 2014 cited in Appl. No. 2,655,526, 6 pgs.
IPod shuffle User's Guide (Apple Computer, Inc.) 2005 (http://manuals.info.apple.com/en_US/iPodshuffleUserGuide.pdf), 32 pgs.
U.S. Final Office Action dated Dec. 15, 2014 cited in U.S. Appl. No. 11/428,367, 21 pgs.
Canadian Final Action dated Jan. 16, 2015 cited in Appl. No. 2,655,531, 7 pgs.
The Norton Commander running under the DOS and Windows operating systems officially produced between 1986 and 1998, 4 pgs. (http://en.wikipedia.org/wiki/Norton_Commander).
The Windows File Manager released between 1990 and 1999, 3 pgs. (http://en.wikipedia.org/wiki/File_Manager_(Windows)).
The iTunes application, 18 pgs. (http://en.wikipedia.org/wiki/iTunes_Store) introduced to the public on Apr. 28, 2003
Canadian Office Action dated Nov. 27, 2014 cited in Appl. No. 2,694,201, 3 pgs.
Canadian Office Action dated Dec. 9, 2014 cited in Appl. No. 2,655,677, 5 pgs.
Canadian Office Action dated Aug. 19, 2009 in Application 2,571,533.
Notice of Preliminary Rejection dated May 28, 2010, cited in KR Appl No. 10-2008-7031848, 7 pgs.
European Office Action dated Sep. 9, 2010 in Application No. 07 840 308.6.
Notice of Preliminary Rejection dated Sep. 18, 2010 cited in Korean Application No. 10-2008-7032127.
Notice of Preliminary Rejection dated Oct. 25, 2010 cited in Korean Application No. 10-2008-7030549.
Notice of Final Rejection dated Nov. 26, 2010 cited in Korean Application No. 10-2008-7031848.
Office Action dated Aug. 20, 2007, in U.S. Appl. No. 10/873,805.
Office Action dated Jan. 9, 2008, in U.S. Appl. No. 10/873,805.
Office Action dated Apr. 30, 2008, in U.S. Appl. No. 11/482,356.
Office Action dated Jul. 9, 2008, in U.S. Appl. No. 10/873,805.
Office Action dated Aug. 5, 2008, in U.S. Appl. No. 11/428,357.
Office Action dated Sep. 30, 2008, in U.S. Appl. No. 11/428,362.
Office Action dated Nov. 28, 2008, in U.S. Appl. No. 11/482,356.
Office Action dated Dec. 12, 2008, in U.S. Appl. No. 11/428,365.
Office Action dated Dec. 17, 2008, in U.S. Appl. No. 10/873,805.
Office Action dated Mar. 18, 2009, in U.S. Appl. No. 11/428,362.
Office Action dated Apr. 2, 2009, in U.S. Appl. No. 11/428,357.
Office Action dated May 28, 2009, in U.S. Appl. No. 11/428,365.
Office Action dated Jul. 22, 2009, in U.S. Appl. No. 11/428,357.
Office Action dated Aug. 4, 2009, in U.S. Appl. No. 11/428,356.
Office Action dated Aug. 7, 2009, in U.S. Appl. No. 11/428,362.
Office Action dated Sep. 22, 2009, in U.S. Appl. No. 11/454,421.
Office Action dated Oct. 7, 2009, in U.S. Appl. No. 11/428,367.
Office Action dated Oct. 26, 2009, in U.S. Appl. No. 11/428,365.
Office Action dated Oct. 28, 2009, in U.S. Appl. No. 11/942,778.
Office Action dated Dec. 9, 2009, in U.S. Appl. No. 11/428,357.
Office Action dated Jan. 14, 2010, in U.S. Appl. No. 11/428,362.
Office Action dated Feb. 1, 2010, in U.S. Appl. No. 11/428,356.
Office Action dated Feb. 24, 2010, in U.S. Appl. No. 12/327,157.
Office Action dated Apr. 1, 2010, in U.S. Appl. No. 11/405,205.
Office Action dated Apr. 14, 2010, in U.S. Appl. No. 11/428,367.
Office Action dated May 5, 2010, in U.S. Appl. No. 11/428,365.
Office Action dated May 11, 2010, in U.S. Appl. No. 11/428,357.
Office Action dated May 26, 2010, in U.S. Appl. No. 11/428,362.
Office Action dated Aug. 31, 2010 in U.S. Appl. No. 11/405,205.
Office Action dated Oct. 14, 2010 in U.S. Appl. No. 11/428,365.
Office Action dated Oct. 26, 2010 in U.S. Appl. No. 11/428,357.
Office Action dated Nov. 2, 2010 in U.S. Appl. No. 11/428,362.
International Search Report and Written Opinion dated Sep. 16, 2008 in PCT/US2008/070707.
International Search Report dated Apr. 28, 2009 in PCT/US2008/077157.
International Preliminary Report on Patentability dated Mar. 30, 2010 in PCT/US2008/077157.
EP Communication dated May 6, 2010 in Application No. 08 833 391.9-1244.
U.S. Official Action dated Jun. 17, 2010 in U.S. Appl. No. 11/781,412.
U.S. Official Action dated Aug. 31, 2010 in U.S. Appl. No. 11/861,328.
U.S. Official Action dated Dec. 2010 in U.S. Appl. No. 11/781,412.
U.S. Appl. No. 09/111,958, filed Jul. 8, 1998, entitled “Mechanism and Apparatus for Encapsulation of Entitlement Authorization in Conditional Access System,” Inventor: Defreese et al.
Canadian Office Action dated Jan. 12, 2011 in Application No. 2,571,533.
Canadian Office Action dated Feb. 2, 2011 in Application No. 2,652,745.
European Office Action dated Apr. 4, 2011 in Application No. 07 815 092.7.
European Office Action dated Apr. 21, 2011 in Application No. 07 798 909.3.

Related Publications (1)

	Number	Date	Country
	20160142772 A1	May 2016	US

Divisions (1)

	Number	Date	Country
Parent	11454421	Jun 2006	US
Child	15001398		US

Securing media content using interchangeable encryption key

Information

Patent Number

Date Filed

Date Issued

Inventors

Original Assignees

Examiners

Agents

CPC

Field of Search

CPC

International Classifications

Term Extension

Abstract