Abstract: The aim of the present invention is to limit the impact of security breaches, which are the emulators of the security module. This aim is reached by a processing unit of audio/video digital conditional access data, encrypted by control words, responsible for processing security messages containing at least one cryptogram relative to a control word and one instruction relative to the control word, characterized in that it includes means to receive at least two micro programs by security messages, executable by the security module, said security module comprising means to store at least two micro programs and means to receive an instruction contained in the security message, for selecting the micro program indicated by the instruction, for executing the said micro program with at least the cryptogram as a parameter of execution, this execution allowing the calculation of the control word to be sent back to the audio/video processing unit.

Abstract: Systems and/or methods that facilitate descrambling of data communicated between a memory and a host processor are presented. A descrambler component determines the bit order of data signals from a memory device based on pattern information provided to the descrambler component by the memory device during initialization. The descrambler component can receive one or more distinct patterns and can evaluate the data values associated with such patterns for each data line of the memory. The descrambler component can determine the bit order of the data signals based on such patterns and can generate a transformation function that can facilitate rearranging data, which can be received from or sent to the memory device, into a predetermined bit order.

Abstract: A unified system of programming communication. The system encompasses the prior art (television, radio, broadcast hardcopy, computer communications, etc.) and new user specific mass media. Within the unified system, parallel processing computer systems, each having an input (e.g., 77) controlling a plurality of computers (e.g., 205), generate and output user information at receiver stations. Under broadcast control, local computers (73, 205), combine user information selectively into prior art communications to exhibit personalized mass media programming at video monitors (202), speakers (263), printers (221), etc. At intermediate transmission stations (e.g., cable television stations), signals in network broadcasts and from local inputs (74, 77, 97, 98) cause control processors (71) and computers (73) to selectively automate connection and operation of receivers (53), recorder/players (76), computers (73), generators (82), strippers (81), etc.

Abstract: An initialization vector (IV) is employed to decrypt a block of a stream that has been encrypted with Cypher Block Chaining (CBC) encryption, without requiring decryption of previous blocks within the stream. For example, a listener who accesses a distribution point to retrieve encrypted content authenticates himself to an application server that regulates access to encrypted content on the distribution point, and responsively receives a key. The listener then requests access to a reference point within the encrypted content stream somewhere after its beginning (e.g., using preview clips). The distribution point relates the reference point to a corresponding block of the encrypted stream, and identifies an IV previously used for encryption of that block. The distribution point provides the associated encrypted block of content and the IV to the listener to enable mid-stream rendering of the encrypted content, without requiring the listener to decrypt previous blocks within the encrypted stream.

Abstract: A content providing system includes: a server which provides to a host apparatus a first encrypted content including an encrypted area having applied thereto a replacement key; a host apparatus which receives the first encrypted content and replacement key application area information indicating the encrypted area having applied thereto the replacement key from the server; and a data storage device which receives the replacement key from the server and an individual key set in terms of content distribution processing from the server and performs key replacement processing for changing the replacement key application area of the first encrypted content to an encrypted area by the individual key to store a second encrypted content after the key replacement processing in a data recording area.

Abstract: A method to enforce by a management center access rules for a broadcast product accessed by an access key, the management center managing a plurality of Boolean positive and negative attributes, comprising the steps: associating one positive Boolean attribute to a receiver entitled to the attribute and loading the same; associating one negative Boolean attribute to a receiver not entitled to the attribute and loading the same; defining at least a second broadcast encryption scheme for the negative Boolean attributes and associating each negative Boolean attribute corresponding decryption key material; expressing access conditions on a product as a Boolean expression by combining at least one positive Boolean attribute and at least one negative Boolean attribute by at least one Boolean conjunction or disjunction; generating and broadcasting at least one cryptogram to a receiver, encrypting the access key with the two combined broadcast encryption schemes according to the Boolean expression.

Abstract: Systems and methods are described for minimizing power consumption of a mobile user device that transfers content from an internal or external memory module to a wireless display. The content may be encrypted to secure against unauthorized access and encoded to compress the memory size of the content for transmission to other devices. In certain instances, the mobile user device may not be the ideal display device for the content. For example, a user may want a movie to be played on a bigger screen. In this case, the mobile user device may provide the encrypted and encoded content to a wireless display for decryption and decoding. In this way, the mobile user device may not decrypt or decode the content prior to transmitting the content to the mobile user device. Thereby, the mobile user device saves power by foregoing the aforementioned processing.

Abstract: A method of encryption, using an encryption key K with key length k, of at least one message M comprising uniformly distributed symbols, k bits are encrypted of messages at least k bits long, while shorter messages are lengthened, e.g. by padding or concatenation, to obtain a lengthened message at least k bits long before encryption. The encryption efficiency is thus optimized while the encryption security is retained. The encryption method is particularly suitable for JPEG2000 encoded packets comprising a message M. Also provided are an encryption apparatus, a decryption method and a decryption apparatus.

Abstract: A method for communication, including distributing over a communication network multiple channels of digital content, which are encrypted using different, channel- specific control words, and transmitting over the communication network, different, channel-specific entitlement control messages from which the control words are derivable such that each of the different channel-specific control words is derivable from any of the different channel-specific entitlement control messages by authorized receivers of the channels on the communication network. Related methods and apparatus are also included.

Abstract: The invention defines a method for leveraging the standard conditional access module interface of a digital TV receiver to deliver IPTV or other TV content without the need of a set top box. An IP-connected interface (“probe”) is used in place of a conditional access module to establish a two-way communication link between the TV and the IPTV headend or other IP content source and to deliver IP content. In an embodiment, the invention covers the specifics of content navigation without requiring any modification of the TV receiver application software or provisioning of IPTV-specific software. Content navigation is achieved by supporting a catalog/grid browsing session on the TV receiver and enabling a flat multiplex navigation, a virtual MPEG multiplex that contains the definition of several available programs but a single video and audio channel is dynamically switched to carry the selected program.

Abstract: A method and system generates and compares fingerprints for videos in a video library. The video fingerprints provide a compact representation of the spatial and sequential characteristics of the video that can be used to quickly and efficiently identify video content. Because the fingerprints are based on spatial and sequential characteristics rather than exact bit sequences, visual content of videos can be effectively compared even when there are small differences between the videos in compression factors, source resolutions, start and stop times, frame rates, and so on. Comparison of video fingerprints can be used, for example, to search for and remove copyright protected videos from a video library. Further, duplicate videos can be detected and discarded in order to preserve storage space.

Abstract: According to one embodiment, a method of descrambling digital multimedia content starts by sending an out-of-band request for encrypted control data to a headend. A descrambler integrated circuit may then receive digital program data in a scrambled format and the encrypted control data. The encrypted control data may then be decrypted entirely within the descrambler integrated circuit using a multiple-step decryption process starting with a unique key permanently stored in the descrambler integrate circuit and using the partial decryption of control data from the previous decryption step to generate a key to decrypt subsequent encrypted control data. The scrambled digital program data may then be descrambled in the descrambler integrated circuit using the decrypted control data from the last decryption step. Other embodiments are described.

Abstract: A unified system of programming communication. The system encompasses the prior art (television, radio, broadcast hardcopy, computer communications, etc.) and new user specific mass media. Within the unified system, parallel processing computer systems, each having an input (e.g., 77) controlling a plurality of computers (e.g., 205), generate and output user information at receiver stations. Under broadcast control, local computers (73, 205), combine user information selectively into prior art communications to exhibit personalized mass media programming at video monitors (202), speakers (263), printers (221), etc. At intermediate transmission stations (e.g., cable television stations), signals in network broadcasts and from local inputs (74, 77, 97, 98) cause control processors (71) and computers (73) to selectively automate connection and operation of receivers (53), recorder/players (76), computers (73), generators (82), strippers (81), etc.

Abstract: Devices, system, and methods of secure entry and handling of passwords and Personal Identification Numbers (PINs), as well as for secure local storage, secure user authentication, and secure payment via mobile devices and via payment terminals. A mobile electronic device includes: a secure execution environment (SEE) to securely execute code; and a secure video path (SVP) to securely exchange information between the SEE and a touch-screen of the mobile electronic device; wherein the SEE includes a secure password entry module to generate a scrambled on-screen interface, and to send the scrambled on-screen interface to the touch-screen through the SVP.

Abstract: A unified system of programming communication. The system encompasses the prior art (television, radio, broadcast hardcopy, computer communications, etc.) and new user specific mass media. Within the unified system, parallel processing computer systems, each having an input (e.g., 77) controlling a plurality of computers (e.g., 205), generate and output user information at receiver stations. Under broadcast control, local computers (73, 205), combine user information selectively into prior art communications to exhibit personalized mass media programming at video monitors (202), speakers (263), printers (221), etc. At intermediate transmission stations (e.g., cable television stations), signals in network broadcasts and from local inputs (74, 77, 97, 98) cause control processors (71) and computers (73) to selectively automate connection and operation of receivers (53), recorder/players (76), computers (73), generators (82), strippers (81), etc.

Abstract: There is provided a method and apparatus for providing a content service. A method of providing a content service includes generating a plurality of pieces of decryption information according to a continuous period of using a broadcasting service with respect to predetermined contents, encrypting the contents, and decrypting the encrypted contents using the decryption information.

Abstract: A broadcast receiving apparatus comprises a broadcast receiving unit (1, 4˜13) for receiving a digital broadcast; a communication unit (1˜3) for performing two-way communication through a network; an operation unit 15 for performing an acquisition operation of a key for decrypting an encrypted broadcast program received by the broadcast receiving unit; and an address generating unit 16 for generating an address of an acquisition location of the key which is accessible with the communication unit, by using program arrangement information corresponding to the broadcast program based on the acquisition operation of a key by the operation unit.

Abstract: The present invention concerns a method for controlling the use of a conditional access content (C0), said content being sent to a plurality of multimedia units (STB) connected to a management center (CG).

Abstract: A reception apparatus of the present invention is provided with a reception unit 301 for receiving a stream including a data signal, a display unit 305 for displaying based on the stream received by the reception unit 301, an authentication process unit 302 for authenticating a sender of the stream received by the reception unit 301, a signal separating unit 303 for separating the data signal from the stream received by the reception unit 301, and a control unit 310 for controlling so as to prohibit the screen unit 305 from displaying a screen based on the data signal separated by the signal separating unit 303 during authentication of the stream by the authentication process unit 302. Thereby, the reception apparatus appropriately plays contents without inflicting a disadvantage or stress on a user.

Abstract: A method embeds tracing secret data into multimedia contents delivered to particular users. The method descrambles a first scrambled video stream having alternate values to obtain a personalized video stream corresponding to an original video stream by a decoder comprising at least a security unit and a descrambling unit, the personalized video stream being obtained by restoring the alternate values by personalized values taking into account an internal parameter on the security unit and received control data containing the original values and their location in the modified stream.

Abstract: A master/slave decision device applied to a first network device is provided, where the first network device is coupled to a second network device, and the master/slave decision device includes a seed distance detection unit and a decision unit. The seed distance decision unit is utilized for detecting a seed distance between a first seed utilized in a first scrambler of the first network device and a second seed utilized in a second scrambler of the second network device. The decision unit is coupled to the seed distance detecting unit, and is utilized for determining the first network device to be a master device or a slave device according to the seed distance.

Abstract: Technologies are disclosed to transfer responsibility and control over security from player makers to content authors by enabling integration of security logic and content. An exemplary optical disc carries an encrypted digital video title combined with data processing operations that implement the title's security policies and decryption processes. Player devices include a processing environment (e.g., a real-time virtual machine), which plays content by interpreting its processing operations. Players also provide procedure calls to enable content code to load data from media, perform network communications, determine playback environment configurations, access secure nonvolatile storage, submit data to CODECs for output, and/or perform cryptographic operations. Content can insert forensic watermarks in decoded output for tracing pirate copies.

Abstract: A network device for building up a network connection via a high-definition multimedia interface, includes a scrambler, a descrambler, a comparator and a control unit. The scrambler is utilized for generating a transmission signal according to a first seed. The descrambler is for decoding a receiving signal to generate a second seed. The comparator is for generating a comparing result according to the first seed and the second seed. The control unit is for controlling the network connection according to the comparing result.

Abstract: A unified system of programming communication. The system encompasses the prior art (television, radio, broadcast hardcopy, computer communications, etc.) and new user specific mass media. Within the unified system, parallel processing computer systems, each having an input (e.g., 77) controlling a plurality of computers (e.g., 205), generate and output user information at receiver stations. Under broadcast control, local computers (73, 205), combine user information selectively into prior art communications to exhibit personalized mass media programming at video monitors (202), speakers (263), printers (221), etc. At intermediate transmission stations (e.g., cable television stations), signals in network broadcasts and from local inputs (74, 77, 97, 98) cause control processors (71) and computers (73) to selectively automate connection and operation of receivers (53), recorder/players (76), computers (73), generators (82), strippers (81), etc.

Abstract: Embodiments of the present invention provide for the copy protection of distributed material after conditional access is applied, regardless of where the material is distributed. The solutions described provide the advantage of being sufficiently simple in implementation to qualify as “curb high” solutions. “Curb high” solutions provide a range of security from minimal security to a high level of security while requiring relatively fewer system resources to implement than prior approaches.

Abstract: Systems and methods are disclosed in which image representations of text strings can be easily edited. As such, one embodiment, among others, includes the step of receiving input from a user. The received input is indicative of a selection of an image. The image corresponds to a text string. That embodiment further comprises the step of correlating the image to the corresponding text string. Upon correlating the image to the text string, the text string is displayed to the user.

Abstract: Methods and apparatus for connecting, e.g., bridging, a cable network to other networks and/or devices is described. A bridge device facilitates the distribution of cable provider content to end users operating IP based devices. The bridge device performs one of more of the following: interface protocol conversions, user device controlled tuner selection, transcoding of data, transrating of a data stream, decryption in accordance with a conditional access protocol and re-encryption in accordance with an authorized service domain protocol.

Abstract: A method for securely obtaining a control word in a chip set of a receiver, said control word for descrambling scrambled content received by the receiver, the method comprising, at the chip set: receiving a secured version of a virtual control word from a conditional access/digital rights management client communicably connected to the chip set; obtaining the virtual control word from the secured version of the virtual control word; and using a first cryptographic function to produce a given output from an input that comprises the virtual control word and either a plurality of signature verification keys or one or more values derived from a plurality of signature verification keys, each signature verification key being associated with a conditional access/digital rights management system, the given output comprising at least one control word, wherein the first cryptographic function has the property that it is infeasible to determine a key pair including a signature key and a signature verification key and an

Abstract: An adaptive security policy based scalable video service apparatus includes a video streaming server, an adaptive security policy server and a terminal. The video streaming server receives a service demand via a network and generates an encrypted streaming data. The adaptive security policy server analyzes a media structure and the service demand, by using a service profile received from the video streaming server, so as to generate a security policy description. The terminal generates and transmits the service demand to the video streaming server or the adaptive security server, obtains the encrypted streaming data from the video streaming server and decrypts the encrypted streaming data for playback, storing and retransmission.

Abstract: Exemplary embodiments of methods and apparatuses to project personal video recorder (“PVR”) trick mode operations over a network are described. A first content stream may be at a first speed. A request to access the first content stream at a second speed can be received. A second content stream can be generated based on a second speed. The second content stream can be send over a network to be rendered at the first speed by a client device. One or more anchor frames in the first content stream are selected. The second content stream is generated based on the one or more anchor frames. One or more dummy frames can be inserted into the second content stream. Indexing information can be generated to create a second content stream to send over the network.

Abstract: Methods and devices are provided to embed imperceptible watermarks into a host content and to subsequently extract embedded watermarks in a manner so as to achieve desired levels of robustness, transparency and security. For a particular host content, a first number of embedding opportunities are used to insert watermarks, which is less than a number of all embedding opportunities within the host content. Watermarks are extracted from a first number of watermark extraction opportunities, which is less than a number of all watermark extraction opportunities associated with the host content. The relationship between the first number of embedding opportunities, the first number of watermark extraction opportunities and the number of all watermark extraction opportunities is such that a circumvention attempt that overwrites watermarks at all extraction opportunities degrades perceptual quality of the host content below a desired perceptual quality level.

Abstract: A secure end to end connection is established between a remote device having a wireless link and a control/monitoring location for the remote device through a gateway. During the establishing of the secure connection, a compressed message representation is used to communicate between the gateway and the remote device over the wireless link and an uncompressed message representation is used to communicate between the gateway and the first location. The establishment of the secure connection utilizes public-key algorithms.

Abstract: A system, apparatus, and method are directed towards allowing ingestion of encrypted content into such as a VOD server, or PVR, or the like by selectively encrypting portions of a content stream based on various selection rules. In one embodiment, the selection rules include leaving selected portions of the content stream unencrypted, including packets that include a PES header; or video packets that include various trick play data such as picture start, GOP start, sequence start, sequence end data; PIDs associated with a PAT, PMT, or the like; while other portions of the content stream may be encrypted, including video and/or audio PIDs, or other video and/or audio portions. In still another embodiment, Entitlement Control Messages (ECMs) may be inserted that employ an encryption/decryption key rotation scheme, such as odd and/or even scrambling control bit structures, which may also be rotated based on a variety of conditions.

Abstract: Systems and methods include broadcasting an entitlement management message (EMM) in a communication system using a scheduled delivery window. The systems and methods including receiving a EMM broadcast window from a distribution system, listening for the EMM during the EMM broadcast window, and receiving the EMM from the distribution system during the EMM broadcast window.

Abstract: An input processing circuit decodes a digital video signal selected by an input signal selector. Decryption circuits each decrypt the encryption of a video signal output from the input processing circuit, and generate an authentication key of the encryption. A video signal selector selects and outputs one of the video signals output from the decryption circuits, to a monitor. The decryption circuits each include a pseudo-signal generation circuit which extracts information from the video signal, and based on the extracted information, generates a pseudo-video signal.

Abstract: An apparatus, system, method, and article for shuffling video information are described. The apparatus may include a media processing node to receive video information. The media processing node may include a shuffling module to shuffle the video information according to a shuffle order and a trusted entity programmed based on the shuffle order to provide access to the video information. The video information may be provided in an unshuffled manner when accessed through the trusted entity. Other embodiments are described and claimed.

Abstract: Disclosed are a method and apparatus capable of reducing the computational complexity of encryption and decryption by encrypting only data of scalable video coding contents for each coding layer in terms of temporal, spatial, and SNR scalabilities to provide a service for protected scalable video coding contents, and capable of protecting contents by generating and distributing an encryption key for encryption and decryption depending on a class of a contents consumer.

Abstract: Methods and apparatus permit a one-way downloadable security for electronic signals such as cable television, free-to-air, direct broadcast satellite, electronic device enablement, and other services. The system can allow a broadcast transmission capability (1) to provide an encrypted signal to an individual reception capability (2) in a manner that maintains the full security of a traditional decryption key process while completely eliminating any need for a trusted authority. By including a nascent decryption key generator that may create a secure, key-based environment from an unsecure individualized information transmission (12), a sequence of key(s) from a root key(s) to a derived key(s) to a temporary key(s) and ultimately to a fully random key(s) can be generated in activating a device or a decryption capability for a subscriber.

Abstract: A method of providing an encrypted data stream, includes obtaining a first data stream, partitioned into sections corresponding to key periods, each of a plurality of the key periods being associated with a respective value of a key, wherein each section corresponding to a key period associated with a value of the key includes at least one encrypted data unit decryptable using that associated key value, obtaining a sequence of key messages, at least some of which carry key information for obtaining at least one of the key values, obtaining a replacement data stream section, forming an encrypted output data stream, corresponding at least partially to the first data stream, by inserting the replacement data stream section so as to replace a corresponding part of the first data stream with a tail end of the replacement data stream section preceding at least part of a section of the first stream corresponding to a certain key period, and providing as output the encrypted output data stream in synchrony with an as

Abstract: There is provided an apparatus for the certification of privacy compliance. The apparatus includes a registry of at least one of enrolled video surveillance operators, approved surveillance hardware devices, approved surveillance software programs, approved surveillance system installers, and approved entities that manage surveillance systems. The apparatus further includes a registry searcher, in signal communication with the registry, for receiving queries to the registry, and for determining whether at least one of a particular surveillance operator, a particular surveillance hardware device, a particular surveillance software program, a particular surveillance system installer, and a particular entity that manages a particular surveillance system is on the registry based on a given query.

Abstract: A system for extracting a video-watermark embedded in a video sequence, comprising a decryption and decoding engine to receive the video sequence in a video-codec-encoded format and encrypted, then decrypt the video sequence yielding a decrypted video sequence, then decode the decrypted video sequence yielding a decrypted decoded video sequence, and then output the decrypted decoded video sequence to a display device for rendering thereon, a measurement module to measure memory usage utilized by the engine decoding at least part of the video sequence yielding measurements of memory usage, a memory usage analyzer to analyze the measurements to determine an arrangement of video frames of at least one frame type in the video sequence, and an encoding feature analyzer to analyze the arrangement of the video frames to extract the video-watermark from the video sequence. Related apparatus and methods are also described.

Abstract: The present invention provides a method for decrypting encrypted content transmitted from an operator to a plurality of users where said operator further provides security information allowing for the decryption of said content. The method has the advantage of satisfying the goal of providing the capability for detecting a fraudulent user who retransmits control words extracted from the security information to other users. The method provides for the achievement of the goal without incurring extra overhead in addition to the transmitted content and security information. The method makes use of control words which are based on multiple solutions provided by collisions in mathematical functions and involves the observation of choices of control words retransmitted by the fraudulent user.

Abstract: One embodiment of the invention relates to an apparatus comprising an input, a descrambler unit and a re-scrambler unit. The input is adapted to receive scrambled content. The descrambler unit is coupled to the input. The descrambler unit descrambles the scrambled content in order to recover unscrambled content and concurrently routes both the unscrambled content over a first communication link for display on a display device and the unscrambled content over a second communication link. The re-scrambler unit is coupled to the second communication link. The re-scrambler unit is adapted to scramble the unscrambled content to produce re-scrambled content for transmission.

Abstract: An apparatus and a method for generating a constructively multi-patterned watermark, an apparatus and a method for inserting and detecting the watermark using the same. The method includes dividing user's hidden data into plural partial data and outputs the plural partial data, performing a message-encoding of the plural partial data, modulating the plural message-encoded data into image signal format and outputting plural message signals, generating a synchronization signal for synchronizing the constructively multi-patterned watermark with a two-dimensional translation of an image, generating, plural sub-base patterns using the plurality of message signals modulated into the image signal format, and the synchronization signal, and generating a base watermark that is the constructively multi-patterned watermark, using the plural sub-base patterns.

Abstract: A random number or HDCP key is sent from a TV to a set back box (SBB) over a HDMI channel, and unless the SBB returns the same random number/key to the TV over a USB link, the TV will not communicate further with the SBB.

Abstract: A method and a system for generating a scrambled data stream is described, wherein the method comprises: providing a code book comprising code information for scrambling data in data stream comprising one or more service streams; generating a control word request associated with at least one crypto period in at least one of said service streams; in response to said control word request, generating on the basis of said code information at least one control word associated with said crypto period in said service stream; and, scrambling data associated with at least one of said service streams using said control word.

Abstract: A bridge is disclosed having a security engine to protect digital content at insecure interfaces of the bridge. The bridge permits cryptographic services to he offloaded from a central processing unit to the bridge. The bridge receives a clear text input from a central processing unit. The bridge encrypts the clear text input as cipher text for storage in a memory. The bridge provided the cipher text to a graphics processing unit.

Abstract: A partial multiple encryption device consistent with certain embodiments has an input adapted to receive a unencrypted video signal. An encryption arrangement produces a partially multiple encrypted video signal from the unencrypted video signal. An output is adapted to provide the partially multiple encrypted video signal. This abstract is not to be considered limiting, since other embodiments may deviate from the features described in this abstract.

Abstract: A surveillance video transmission apparatus, includes a video input unit configured to collect physical videos and make the collected physical videos informative; a video analysis unit configured to analyze content of the collected video by recognizing the collected video and detecting an event; and an encryption selection unit configured to select one of a non-encryption mode, a regions-of-interest encryption mode and a full video encryption mode based on the analysis result of the collected video. Further, the surveillance video transmission apparatus includes a video process unit configured to perform one of a non-encryption, a regions-of-interest encryption and a full video encryption and encoding on the collected video according to the selected encryption mode; and a video transmission unit configured to transmit the encoded video and encryption-related information to a surveillance video receiving apparatus.

Abstract: A video player sends a video content identifier and a video player identifier through a network to a server. The video content identifier identifies video content. The video player identifier identifies the video player. Further, a first subset of encrypted video content and an initialization vector are received from a server. In addition, a hash of the video player identifier is generated. The first subset of the encrypted video content is decrypted with a decryption key to generate a first result. Further, a first operation on the initialization vector and the hash is performed to generate a second result. In addition, a second operation is performed on the first result and the second result to generate a first subset of plaintext of video content.