Abstract: A method to identify the origin of a security module in a pay-tv system comprising: receiving by the pay-tv decoder system at least a first stream, a second stream and a control word stream, the first and second streams being encrypted by a first and a second control word, respectively, extracting from the control word stream, entitlement messages containing a main control word allowing retrieval of the first and second control words and access conditions, transferring the control word stream to the security module and checking the access conditions, selecting a current control word from the first or second control word based on part of the internal parameter, transmitting the current control word to the pay-tv decoder, selecting a current stream from the first or second stream in accordance with the selection of the first or second control word, and decrypting the current stream with the current control word.

Abstract: A physical device, the possession of which may provide access to digital media content in a fashion similar to the possession of a DVD providing access to the media content stored thereupon on a suitable DVD player. The possession of the physical device grants access to digital content stored on a remote server using a suitable device such as e.g., a set-top box or media player having Internet connectivity. The physical device provides for convenient and possibly anonymous access to content stored on a remote server and has certain advantages over known techniques for storing rights to access the content.

Abstract: A physical device, the possession of which may provide access to digital media content in a fashion similar to the possession of a DVD providing access to the media content stored thereupon on a suitable DVD player. The possession of the physical device grants access to digital content stored on a remote server using a suitable device such as e.g., a set-top box or media player having Internet connectivity. The physical device provides for convenient and possibly anonymous access to content stored on a remote server and has certain advantages over known techniques for storing rights to access the content.

Abstract: A physical device, the possession of which may provide access to digital media content in a fashion similar to the possession of a DVD providing access to the media content stored thereupon on a suitable DVD player. The possession of the physical device grants access to digital content stored on a remote server using a suitable device such as e.g., a set-top box or media player having Internet connectivity. The physical device provides for convenient and possibly anonymous access to content stored on a remote server and has certain advantages over known techniques for storing rights to access the content.

Abstract: A method and device for controlling access to a specific type of services among a plurality of type of services proposed by a service supplier. The method includes entering, into an authentication device of the user, a personal identification code specific to the user, the personal identification code being identical for at least two different types of services proposed by the service supplier; and indicating, by said user, said specific type of services for which the access is required, the indication being made in the authentication device.

Abstract: A system for a local network, the system being configured to extend a near field communication (NFC) between an NFC device and an NFC mobile device beyond the range defined by the NFC standards.

Abstract: A system for a local network, the system being configured to extend a near field communication (NFC) between an NFC device and an NFC mobile device beyond the range defined by the NFC standards.

Abstract: A system for a local network, the system being configured to extend a near field communication (NFC) between an NFC device and an NFC mobile device beyond the range defined by the NFC standards.

Abstract: A method and device for controlling access to a specific type of services among a plurality of type of services proposed by a service supplier. The method includes entering, into an authentication device of the user, a personal identification code specific to the user, the personal identification code being identical for at least two different types of services proposed by the service supplier; and indicating, by said user, said specific type of services for which the access is required, the indication being made in the authentication device.

Abstract: This invention relates to a process for carrying out a transaction between a payment module and a security module connected to a user's unit, this process being characterized in that it comprises the following steps: entering an identifier representative of the transaction to be carried out by means of an input device; generating by the user's unit, a control message containing at least a representative code of said transaction and an identifier of the security module requiring the transaction; sending said control message to said payment module (PP); verifying in said payment module whether it is entitled to carry out the desired transaction; if the payment module is entitled to carry out this transaction, execution of the transaction, storage of the result of the transaction in said payment module and generation by the payment module, of a receipt relating to the desired transaction and to the related security module; sending said receipt to a management center; sending an unlocking code to the security mod

Abstract: A system for a local network, the system being configured to extend a near field communication (NFC) between an NFC device and an NFC mobile device beyond the range defined by the NFC standards.

Abstract: A physical device, the possession of which may provide access to digital media content in a fashion similar to the possession of a DVD providing access to the media content stored thereupon on a suitable DVD player. The possession of the physical device grants access to digital content stored on a remote server using a suitable device such as e.g., a set-top box or media player having Internet connectivity. The physical device provides for convenient and possibly anonymous access to content stored on a remote server and has certain advantages over known techniques for storing rights to access the content.

Abstract: A method to identify the origin of a security module in a pay-tv system comprising: receiving by the pay-tv decoder system at least a first stream, a second stream and a control word stream, the first and second streams being encrypted by a first and a second control word, respectively, extracting from the control word stream, entitlement messages containing a main control word allowing retrieval of the first and second control words and access conditions, transferring the control word stream to the security module and checking the access conditions, selecting a current control word from the first or second control word based on part of the internal parameter, transmitting the current control word to the pay-tv decoder, selecting a current stream from the first or second stream in accordance with the selection of the first or second control word, and decrypting the current stream with the current control word.

Abstract: Systems and methods for performing cascading dynamic crypto periods are disclosed. In embodiments, a control word and a set of functions is transmitted between a head-end and recipient devices at the beginning of a crypto period. The crypto period is divided into a discrete number of sub-crypto periods. The control word used to encrypt and decrypt the broadcast content is changed during each sub-crypto period. At the end of the first sub-crypto period, a derived control word is generated by passing the original control word to a function in the set of functions in order to generate a derived control word at the first transition between sub-crypto periods. The derived control word is used for encryption and decryption of the broadcasted content during the second sub-crypto period. Upon transitioning to the third sub-control-period, the derived control word is input into another function to produce a second derived control word.

Abstract: The present invention provides a solution to the problem of guaranteeing the integrity of software programs by encrypting all or part of each instruction of a program using a key based on all or part of one or a plurality of previous instructions, thus resulting in a different encryption key per instruction. The invention is applicable to software programs whose structures are not necessarily tree-like in nature and is also applicable when the program includes loops, jumps, calls or breaks etc. The invention allows for an exception to be flagged when an encrypted instruction is wrongly decrypted. There is no need for the first instruction to be in clear, since the instruction key may be appropriately initialized as required. The invention can be realized in software or entirely in hardware thereby eliminating the possibility of a third party intercepting a decrypted instruction or a decryption key.

Abstract: The aim of the present invention is to limit the impact of security breaches, which are the emulators of the security module. This aim is reached by a processing unit of audio/video digital conditional access data, encrypted by control words, responsible for processing security messages containing at least one cryptogram relative to a control word and one instruction relative to the control word, characterized in that it includes means to receive at least two micro programs by security messages, executable by the security module, said security module comprising means to store at least two micro programs and means to receive an instruction contained in the security message, for selecting the micro program indicated by the instruction, for executing the said micro program with at least the cryptogram as a parameter of execution, this execution allowing the calculation of the control word to be sent back to the audio/video processing unit.

Abstract: A method for updating, in the background, data stored in physical memories without affecting the current operations performed by the microprocessor. When the update is completely terminated, the application switches from an old version to a new version. This switching occurs by a reconfiguration of the page table during which a first sub-tree structure of pointers accessing the old version of data stored in memories is replaced by a second sub-tree structure of pointers thus allowing access to the new version of data. This update method prevents incoherent transitory states of the system as the latter works with the previous data version until the installation of the new version becomes usable. In the case of an interruption to the update process, the application can always reinitialize the update since the old version of data can be reactivated by returning to the previous configuration of the page table.

Abstract: A method allows a broadcasted conditional access content accessible at the time of transmission to be also accessible at a later time thanks to intermediate storage on a hard disk of a user unit.

Abstract: A method for updating operating data in a security module associated to a user unit for processing digital data broadcast in a transport stream, said unit being connected to a conditional access system transmitting, in said transport stream, to the security module a first stream comprising management messages includes: broadcasting a second stream of operating data patch messages, adding to the first stream of management messages, a trigger message to direct the security module to a conditional access system transmitting a second stream transporting suitable operating data patch messages if a current version of the operating data in the security module requires an update, updating the operating data of the concerned security module with the operating data patch messages from the second stream, directing the security module towards the conditional access system transmitting another stream based on an identifier of the conditional access system in the security module.

Abstract: A method for updating the firmware of a security module allowing it to “jump” towards a dedicated separate patch message stream thanks to a trigger messages stream broadcasted in a main stream of management messages. The trigger messages comprise version information allowing establishing whether the security module is up-to-date, and an identifier indicating to the security module the suitable patch stream. If the current version of the firmware of the security module is inferior to the patch version, the security module is directed towards the stream of patch messages designated by the identifier included in the trigger messages. Once the update of the firmware is complete, the security module is again directed towards the main stream. This return can be carried out automatically, namely with a switch message comprising an identifier of the first stream.