Abstract: A host receiver and a client receiver are operatively in a direct broadcast satellite system. Program materials received by the host receiver from the direct broadcast satellite system are decrypted by the host receiver. The decrypted program materials are then encrypted at the host receiver using a copy protection key. The copy protection key is encrypted at the host receiver using a host-client pairing key shared between the host receiver and client receiver. The encrypted program materials and the encrypted copy protection key are transferred from the host receiver to the client receiver. The transferred copy protection key is decrypted at the client receiver using the host-client pairing key. The transferred program materials are then decrypted at the client receiver using the decrypted copy protection key.

Abstract: A method, apparatus, article of manufacture, and a memory structure for delivering purchase information comprising storing purchase information for a purchase of a user in a set top box. The set top box (STB) is configured to receive and display the broadcast signals through a tuner onto a display device. The STB establishes a connection to the Internet through a user initiated action (e.g., when the user accesses the Internet using the STB). A new transmission control/Internet protocol (TCP/IP) connection is obtained using the established user-initiated Internet connection without the user requesting the connection. A secure electronic connection is established with a server through the new TCP/IP connection. The purchase information is then transmitted from the STB through the secure electronic connection to the server.

Abstract: A method, apparatus, and article of manufacture provide the ability to activate functionality in a set-top box 500. A feature authorization message is received in a set-top box 500. The feature authorization message comprises one or more rules to be evaluated (wherein each of the rules comprises one or more tests for a status of one or more conditional access module 502 attributes), one or more event requirements for rule evaluation, and one or more features that are dependent by the rule evaluation result (wherein each of the one or more features represents a set of one or more abilities of hardware and/or software of the set-top box 500). When one or more of the event requirements have been met, the one or more rules are evaluated to obtain a result. The ability to use the one or more features are then set based on the result.

Abstract: Program materials received from a direct broadcast satellite system are distributed between a host receiver and a client receiver for remote decryption. Using either a same pairing key or different host and client pairing keys, an encrypted media encryption key is received at both the host and client receivers, and the encrypted media encryption key is decrypted at both the host and client receivers using the pairing key. Encrypted program materials are received from the broadcast system at the host receiver, and the encrypted program materials are decrypted at the host receiver using the media encryption key. The encrypted program materials are also transferred from the host receiver to the client receiver, where the encrypted program materials are decrypted at the client receiver using the media encryption key.

Abstract: A method, apparatus, and article of manufacture provide the ability to activate functionality in a set-top box. A feature authorization message is received in a set-top box. The feature authorization message comprises one or more rules to be evaluated (wherein each of the rules comprises one or more tests for a status of one or more conditional access module attributes), one or more event requirements for rule evaluation, and one or more features that are dependent by the rule evaluation result (wherein each of the one or more features represents a set of one or more abilities of hardware and/or software of the set-top box). When one or more of the event requirements have been met, the one or more rules are evaluated to obtain a result. The ability to use the one or more features are then set based on the result.

Abstract: A communication system 10 includes a head end 12. The head end communicates with a system gateway 26. A plurality of user devices 28 is coupled to the gateway 26. The gateway receives the plurality of first encrypted signals, decrypts the plurality of first encrypted signals to form unencrypted signals and encrypts the unencrypted signals with a second encryption to form a plurality of second encrypted signals and communicates the second encrypted signals to the plurality of user devices. The signals may also be super-encrypted signals. That is, rather than un-encrypting at the gateway, the first encrypted signals may be again encrypted.

Abstract: A communication system 10 includes a head end 12. The head end communicates with a system gateway 26. A plurality of user devices 28 is coupled to the gateway 26 that includes a memory device 94 for storing content therein. The gateway 26 receives the plurality of first encrypted signals and stores the signals in the memory device 94. The storing in the memory device 94 may be performed after further encryption. One of the user devices 28 generates a request for content and communicates the request to the gateway 26. The gateway 26 communicates content corresponding to the request to the user device 28.

Abstract: A communication system 10 includes a head end 12 that generates a device list with channel or content authorizations. The head end communicates the list to a system gateway 26. The gateway 26 receives the list. A plurality of user devices 28 is coupled to the gateway 26. A first device of the plurality of user devices generates a channel or content request at the system gateway. The gateway 26 compares the channel or content authorizations from the list to the channel request from the first user device and communicates to the first user device a channel or content corresponding to the channel request in response to comparing. Thus, authorized users are able to receive the channel or content in response to the list. The list may be generated at a subscriber information module 52 and communicated with the content or channel through a satellite 18 or through a communication network 50.

Abstract: A communication system 10 includes a service provider 12 used to provide content to a user device 14. The user device 14 is coupled to a network. A service is selected at the user device. A welcome video is communicated from the service provider 12 to the user device 14. A confirmation signal is provided from the user device 14 to the service provider 12 in response to successfully receiving the welcome video. Access to the service is enabled at the service provider 12 in response to the confirmation signal.

Abstract: A communication system includes a content repository 274 storing a content file and a video transport processing system 273 in communication with the content repository 274. The video transport processing system 273 receives a plurality of conditional access information, stores a relative time of arrival of each of the plurality of conditional access information and encrypts the content file using the plurality of conditional access information and the relative time of arrival to form an encrypted content file.

Abstract: A method and apparatus for storing and retrieving program material for subsequent replay is disclosed.

Abstract: One or more embodiments of the invention provide a method, apparatus, and article of manufacture for preventing unauthorized access to digital services comprising. Access control to digital services is distributed among a plurality of physically separate and independently controlled nonvolatile memory components on a system bus. The plurality of nonvolatile memory components are then communicatively coupled to a microprocessor. The microprocessor is configured to use state information in the nonvolatile memory components to provide desired functionality and enforce one or more security policies for accessing the digital services.

Abstract: A method and apparatus for storing and retrieving program material for subsequent replay is disclosed. In summary, the present invention describes a system and method for storing and retrieving program material for subsequent replay. The method comprises the steps of accepting encrypted access control information and the program material encrypted according to a first encryption key, the access control information including a first encryption key and control data; decrypting the received access control information to produce the first encryption key; decrypting the program material using the first encryption key; re-encrypting the program material using according to a second encryption key; encrypting the second encryption key according to a third encryption key to produce a fourth encryption key; and providing the re-encrypted program material and a fourth encryption key for storage.

Abstract: One or more embodiments of the invention provide a method, apparatus, and article of manufacture for limiting unauthorized access to digital services. A hidden non-modifiable identification number is embedded into a nonvolatile memory component. The nonvolatile memory component is used to contain state information to provide desired functionality and enforce one or more security policies for accessing the digital services. Also, the hidden number uniquely identifies a device containing the nonvolatile memory component and access to the digital services is based on access rights associated with the hidden number. Once embedded, access to the nonvolatile memory component is isolated such that access to the identification number is limited to a fixed state custom logic block, the nonvolatile memory component is protected from modification such that it is read only, and the nonvolatile memory component is not directly accessible via a system bus.

Abstract: A method and apparatus for storing and retrieving program material for subsequent replay is disclosed. In summary, the present invention describes a system and method for storing and retrieving program material for subsequent replay. The method comprises the steps of accepting encrypted access control information and the program material encrypted according to a first encryption key, the access control information including a first encryption key and control data; decrypting the received access control information to produce the first encryption key; decrypting the program material using the first encryption key; re-encrypting the program material using according to a second encryption key; encrypting the second encryption key according to a third encryption key to produce a fourth encryption key; and providing the re-encrypted program material and a fourth encryption key for storage.

Abstract: A system and method for storing and retrieving program material for subsequent replay is disclosed. The method includes accepting a receiver ID associated with a receiver key stored in a memory of the receiver, determining a pairing key for encrypting communications between the conditional access module and the receiver, encrypting the pairing key with the receiver key, and transmitting a message comprising the encrypted pairing key to the receiver. The apparatus comprises a receiver for receiving a data stream transmitting a media program encrypted according to a media encryption key and an encrypted media encryption key and a conditional access module, communicatively coupleable with the receiver.

Abstract: A communication system 100 includes a group of user devices, a first device separate from the group of user devices, a first satellite, a peer-to-peer network 130 in communication with the user devices and the satellite 106 and a content delivery network 120 in communication with the user devices. The content delivery network encrypts the content in response to a first encryption-decryption information and communicates the content to the plurality of user devices through a satellite. At each of the plurality of the group of user devices the content is encrypted in response to a second encryption-decryption information. A first user device communicates a content request to the group of user devices. At least one of the group of user devices communicates the content to the first user device through the peer-to-peer network. The first user device requests the encryption-decryption information from a content delivery network through a terrestrial network.

Abstract: A communication system 100 includes a group of user devices 110, a first satellite 106 and a content delivery network 120 in communication with the group of user devices 110. The content delivery network 120 communicates encryption-decryption information to the plurality of user devices using the first satellite 106 and encrypts the content in response to the encryption-decryption information. The content delivery network 120 communicates the content to the plurality of user devices separately from the encryption-decryption information. The plurality of user devices 110 decrypts the content in response to the encryption-decryption information. A control word packet may also be used to convey security information to the user devices so that decryption may be performed.

Abstract: A communication system 100 includes a group of user devices 110, a satellite 106 and a content delivery network 120 in communication with the group of user devices 110. The content delivery network 120 selects a plurality of user devices 110 from the group of user devices 110, divides content into a crucial portion and non-crucial portions, communicates the non-crucial portions to the plurality of user devices using a peer-to-peer network until all non-critical portions are received. After communicating the non-crucial portions, the content delivery network 120 communicates the crucial portion to the plurality of user devices 110 through the satellite. The plurality of user devices assembles the crucial portion and the non-crucial portions to form the content. In addition, security information may be first transmitted through the satellite to the user devices so that a peer-to-peer network may be established. Thereafter, the non-crucial portion are exchanged through the peer-to-peer network.

Abstract: A communication system 100 includes a plurality of user devices 110 and a content delivery network 120 that is in communication with the plurality of user devices 110. The content delivery network 120 communicates a participation signal to each of the plurality of communication devices. The content delivery network 120 communicates a secure authorization message signal to each of the plurality of user devices. The content delivery network 120 authenticates the participation signal for each of the plurality of user devices and, after authentication, communicates the content to the plurality of users.