Selective and persistent application level encryption for video provided to a client
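IPC classification information
Country / Type: United States (US) Patent, Granted
International Patent Classification (IPC 7th edition): H04N-007/167; H04N-005/783
Application number: US-0619337 (2007-01-03)
Registration number: US-8526612 (2013-09-03)
Inventors / Address: MacLean, Charles Duncan; Inskip, Thomas
Applicant / Address: Google Inc.
Agent / Address: Frommer Lawrence & Haug LLP
Citation information: Times cited: 1; Cited patents: 88
Abstract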
A system, apparatus, and method are directed towards allowing ingestion of encrypted content into such as a VOD server, or PVR, or the like by selectively encrypting portions of a content stream based on various selection rules. In one embodiment, the selection rules include leaving selected portions of the content stream unencrypted, including packets that include a PES header; or video packets that include various trick play data such as picture start, GOP start, sequence start, sequence end data; PIDs associated with a PAT, PMT, or the like; while other portions of the content stream may be encrypted, including video and/or audio PIDs, or other video and/or audio portions. In still another embodiment, Entitlement Control Messages (ECMs) may be inserted that employ an encryption/decryption key rotation scheme, such as odd and/or even scrambling control bit structures, which may also be rotated based on a variety of conditions.
Representative claims
1. A server device for managing content encryption, comprising: a transceiver for receiving and sending information between another computing device; a processor in communication with the transceiver; and a memory in communication with the processor and for use in storing data and machine instructions that causes the processor to perform a plurality of operations, including: receiving an unencrypted content stream; buffering a plurality of packets of the unencrypted content stream; determining for selective encryption at least a portion of the unencrypted content stream based on the plurality of buffered packets; encrypting the plurality of buffered packets; encrypting at least the portion of the unencrypted content stream, while leaving at least another portion of the unencrypted content stream unencrypted based on a selection rule that leaves at least trick play data comprising a Program Association Table in the content stream unencrypted; if a Program Map Table header is determined to be present in a portion of the unencrypted content stream, modifying at least that portion of the unencrypted content stream by at least inserting further information into the Program Map Table; and inserting an Entitlement Control Message (ECM) within the encrypted content stream, and wherein the ECM includes at least two encryption keys, wherein at least one encryption key is associated with a first cryptoperiod and at least a second encryption key is associated with a second cryptoperiod.
2. The server device of claim 1, wherein the selection rule further comprises indicating that if a portion of the unencrypted content stream includes at least one of picture start data, group of pictures start data, a sequence start, or sequence end data, then leaving that portion of the unencrypted content stream as unencrypted within the encrypted content stream.
3. The server device of claim 1, wherein the selection rule further comprises at least one rule indicating that at least a portion of a video payload or an audio payload is encrypted within the encrypted content stream.
4. The server device of claim 1, wherein the plurality of operations, further including: employing the unencrypted trick play data within the encrypted content stream to generate at least one trick play index file indicating a location of a content frame for the trick play data in the encrypted content stream.
5. The server device of claim 1, wherein encrypting at least a portion of the unencrypted content stream further comprises employing a key rotation mechanism, wherein at least a first portion of the encrypted content stream is encrypted using a first encryption key, while, at least a second portion of the encrypted content stream is encrypted using a second encryption key.
6. The server device of claim 1, wherein the selection rule further comprises an indication that a content stream packet that includes at least a portion of an PES header remains unencrypted.
7. The server device of claim 1, wherein the further information inserted into the Program Map Table further comprises conditional access information that includes at least one of a system identifier associated with a Certification Authority, a system identifier associated with a content provider, a system identifier associated with a VOD selective encryption server, a PID associated with a ECM stream, or a stream descriptor.
8. A system for managing content encryption over a network, comprising: a content server that is configured to provide unencrypted content over the network; an encryption server that is configured to receive unencrypted content from the content server, and to perform actions, including: buffering a plurality of packets of the unencrypted content stream; determining for selective encryption at least a portion of the unencrypted content stream based on the plurality of buffered packets; encrypting the plurality of buffered packets; encrypting at least the portion of the unencrypted content, wherein at least another portion of the unencrypted content having trick play data comprising a Program Association Table remains unencrypted; if a Program Map Table header is determined to be present in a portion of the unencrypted content stream, modifying at least that portion of the unencrypted content stream by at least inserting further information into the Program Map Table; and inserting an Entitlement Control Message (ECM) within the encrypted content stream, wherein the ECM includes at least two encryption keys associated with the encrypted portion of the content, and wherein at least one encryption key is associated with a first cryptoperiod and at least a second encryption key is associated with a second cryptoperiod.
9. The system of claim 8, wherein at least a portion of trick play data remains unencrypted further comprises leaving at least one of picture start data, or sequence data unencrypted.
10. The system of claim 8, wherein encrypting further comprises leaving unencrypted a Packetized Elementary Stream (PES) header.
11. The system of claim 8, wherein encrypting further comprises randomly encrypting at least some video or audio payloads, while leaving other video or audio payloads unencrypted in the encrypted content.
12. The system of claim 8, the actions of the encryption server further comprising: generating a trick index file based on the unencrypted trick play data within the encrypted content; and employing the trick index file to enable a client device to perform at least one of a fast forward, or a fast reverse of the content.
13. The system of claim 8, wherein the further information inserted into the Program Map Table further comprises conditional access information that includes at least one of a system identifier associated with a Certification Authority, a system identifier associated with a content provider, a system identifier associated with a VOD selective encryption server, a PID associated with a ECM stream, or a stream descriptor.
14. A method of protecting a media content stream over a network, comprising: receiving unencrypted media content stream; buffering a plurality of packets of the unencrypted content stream; determining for selective encryption at least a portion of the unencrypted content stream based on the plurality of buffered packets; encrypting the plurality of buffered packets; encrypting at least the portion of the unencrypted media content stream, while leaving unencrypted each portion of the media content stream having media trick play data comprising a Program Map Table in the media content stream; if a Program Map Table header is determined to be present in a portion of the unencrypted content stream, modifying at least that portion of the unencrypted content stream by at least inserting further information into the Program Map Table; inserting an Entitlement Control Message (ECM) within the encrypted content stream, and wherein the ECM includes at least two encryption keys, wherein at least one encryption key is associated with a first cryptoperiod and at least a second encryption key is associated with a second cryptoperiod; and sending the encrypted media content stream over the network to at least one client device.
15. The method of claim 14, wherein encrypting further comprising employing at least two encryption keys, and randomly switching between the at least two encryption keys for encrypting at least the portion of the unencrypted media content stream.
16. The method of claim 14, wherein encrypting further comprising modifying a transport packet header to indicate whether a type of encryption control bit.
17. A non-transient computer readable storage medium configured to include program instructions for performing the method of claim 14.
18. The method of claim 14, wherein the further information inserted into the Program Map Table further comprises conditional access information that includes at least one of a system identifier associated with a Certification Authority, a system identifier associated with a content provider, a system identifier associated with a VOD selective encryption server, a PID associated with a ECM stream, or a stream descriptor.
19. A non-transitory computer-readable storage medium having computer-executable instructions stored thereon for managing content securely, the computer-executable instructions when installed onto a computing device enable the computing device to perform actions, comprising: receiving unencrypted content stream; buffering a plurality of packets of the unencrypted content stream; determining for selective encryption at least a portion of the unencrypted content stream based on the plurality of buffered packets; encrypting the plurality of buffered packets; encrypting at least the portion of the unencrypted content stream, while leaving unencrypted each portion of the content stream having media trick play data comprising a Program Map Table in the media content stream; if a Program Map Table header is determined to be present in a portion of the unencrypted content stream, modifying at least that portion of the unencrypted content stream by at least inserting further information into the Program Map Table; inserting an Entitlement Control Message (ECM) within the encrypted content stream, and wherein the ECM includes at least two encryption keys, wherein at least one encryption key is associated with a first cryptoperiod and at least a second encryption key is associated with a second cryptoperiod; and storing the encrypted content stream.
20. The non-transitory computer-readable storage medium of claim 19, wherein the non-transitory computer-readable storage medium resides within a client computing device.
21. The non-transitory computer-readable storage medium of claim 19, wherein leaving the media trick play data unencrypted further comprises leaving at least one of picture start data, group of pictures start data, a sequence start, or sequence end data unencrypted within the encrypted content stream.
22. The non-transitory computer-readable storage medium of claim 19, wherein the further information inserted into the Program Map Table further comprises conditional access information that includes at least one of a system identifier associated with a Certification Authority, a system identifier associated with a content provider, a system identifier associated with a VOD selective encryption server, a PID associated with a ECM stream, or a stream descriptor.
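The selection rules in the abstract and claims 1, 2, 5 and 6 can be exercised on MPEG-2 transport stream packets as in the sketch below. It is an added example, not code from the patent or its assignee. It leaves PAT/PMT packets, PES-header packets and packets with trick play start codes in the clear, and marks the rest with even/odd scrambling control bits. Assumptions: all function names, the PIDs, the sample packets, the packet-count "cryptoperiod" and the toy XOR keystream are constructed for illustration; ECM insertion and PMT modification are not modelled.

```python
import hashlib

SYNC, TS_LEN, PAT_PID = 0x47, 188, 0x0000
EVEN, ODD = 0b10, 0b11  # transport_scrambling_control values
# MPEG-2 video start codes the selection rules leave in the clear
TRICK_PLAY = {0x00: "picture start", 0xB3: "sequence start",
              0xB7: "sequence end", 0xB8: "GOP start"}

def payload_offset(pkt):
    """Offset of the TS payload, or None if the packet carries none."""
    afc = (pkt[3] >> 4) & 0x3  # adaptation_field_control
    off = 4 + (1 + pkt[4] if afc & 0x2 else 0)
    return off if afc & 0x1 and off < TS_LEN else None

def clear_reason(pkt, pmt_pids):
    """Why this packet stays unencrypted, or None if it may be encrypted."""
    pid = ((pkt[1] & 0x1F) << 8) | pkt[2]
    if pid == PAT_PID or pid in pmt_pids:
        return "PAT" if pid == PAT_PID else "PMT"
    off = payload_offset(pkt)
    if off is None:
        return "no payload"
    payload = pkt[off:]
    if pkt[1] & 0x40 and payload[:3] == b"\x00\x00\x01":
        return "PES header"  # payload_unit_start + start-code prefix
    # Per-packet scan; a start code split across packets needs multi-packet buffering.
    hits = [payload[i + 3] for i in range(len(payload) - 3)
            if payload[i:i + 3] == b"\x00\x00\x01" and payload[i + 3] in TRICK_PLAY]
    return TRICK_PLAY[hits[0]] if hits else None

def selectively_encrypt(packets, pmt_pids, keys, period=2):
    """Return [(packet, decision)]; parity flips every `period` encrypted packets."""
    out, n = [], 0
    for pkt in packets:
        if len(pkt) != TS_LEN or pkt[0] != SYNC:
            raise ValueError("not a 188-byte TS packet")
        decision = clear_reason(pkt, pmt_pids)
        if decision is None:
            parity = EVEN if (n // period) % 2 == 0 else ODD
            off = payload_offset(pkt)
            # Toy XOR keystream for illustration only, not the patent's cipher.
            ks = hashlib.shake_256(keys[parity] + n.to_bytes(8, "big")).digest(TS_LEN - off)
            head = bytearray(pkt[:off])
            head[3] = (head[3] & 0x3F) | (parity << 6)  # header stays readable
            pkt = bytes(head) + bytes(a ^ b for a, b in zip(pkt[off:], ks))
            decision, n = ("even" if parity == EVEN else "odd"), n + 1
        out.append((bytes(pkt), decision))
    return out

def ts_packet(pid, payload, pusi=False):
    head = bytes([SYNC, (0x40 if pusi else 0) | ((pid >> 8) & 0x1F), pid & 0xFF, 0x10])
    return head + payload.ljust(TS_LEN - 4, b"\xff")

# Constructed sample stream: PAT, PMT (PID 0x100), video 0x101, audio 0x102.
SAMPLE = [ts_packet(0, b"\x00\x00\xb0\x0d", True), ts_packet(0x100, b"\x00\x02\xb0\x12", True),
          ts_packet(0x101, b"\x00\x00\x01\xe0", True), ts_packet(0x101, b"\x11\x00\x00\x01\xb8"),
          ts_packet(0x101, b"\xaa" * 184), ts_packet(0x101, b"\xbb" * 184),
          ts_packet(0x102, b"\xcc" * 184)]
KEYS = {EVEN: b"constructed-even-key", ODD: b"constructed-odd-key"}
```

Calling `selectively_encrypt(SAMPLE, {0x100}, KEYS)` returns each output packet with the rule that applied to it, which makes it easy to confirm that every packet a VOD server needs for indexing is still parseable.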