A method of enabling a user to access recorded data associated with an event, the method comprising determining the location of a user's device at a control unit, confirming the location is within a predetermined vicinity and that the user's device was at the location within a predetermined period and the control unit enabling access for the user to the data if the location of the user's device in the predetermined period is confirmed.
Example embodiments provide systems and methods for dynamically creating intuitive favorites for a user. The system and methods include monitoring actions performed, by the user at a digital receiver, with respect to a plurality of content programs. The actions performed with respect to the plurality of content programs are analyzed. The analysis includes comparing a level of the actions with respect to a first content program of the plurality of content programs with a threshold. Based on the comparing indicating that the first content program is a favorites, an indication that the first content program is a favorites content program is stored to a data store.
H04N 21/258 - Client or end-user data management, e.g. managing client capabilities, user preferences or demographics or processing of multiple end-users preferences to derive collaborative data
H04N 21/442 - Monitoring of processes or resources, e.g. detecting the failure of a recording device, monitoring the downstream bandwidth, the number of times a movie has been viewed or the storage space available from the internal hard disk
H04N 21/45 - Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies
A surveillance system connectable to a network, comprising a communication module and a management module; said system being configured to, during an initialization phase: a. intercept a first message being sent to a first device; b. intercept a second message said second message being a response from the first device to the first message; c. calculate a time interval between the interception of the first message and the second message; d. repeat the steps a. to c. to determine further time intervals; e. determine a distribution of said time intervals; f. store the distribution and during a surveillance phase, intercept a third message said message being sent to the first device; intercept a fourth message said fourth message being a response to the third message; calculate a new time interval between the interception of the third and fourth messages; and verify that the new time interval is within the distribution.
Aspects of the present disclose involve a method, a device, and a system comprising a processor and a machine-readable storage medium storing at a set of instructions for identification and authentication of user profiles associated with a digital television system and displaying information related thereto. In example embodiments, the method includes identifying a user profile registered with a content presentation device based on received identification data that includes biometric data. The method further includes receiving, from a server, identifiers of a set of recently watched channels associated with the user profile and causing presentation of a recent channels interface that includes selectable elements corresponding to the set of recently watched channels.
H04N 21/45 - Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies
H04N 21/41 - Structure of client; Structure of client peripherals
H04N 21/422 - Input-only peripherals, e.g. global positioning system [GPS]
H04N 21/25 - Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication or learning user preferences for recommending movies
H04N 21/258 - Client or end-user data management, e.g. managing client capabilities, user preferences or demographics or processing of multiple end-users preferences to derive collaborative data
H04N 21/442 - Monitoring of processes or resources, e.g. detecting the failure of a recording device, monitoring the downstream bandwidth, the number of times a movie has been viewed or the storage space available from the internal hard disk
H04N 21/466 - Learning process for intelligent management, e.g. learning user preferences for recommending movies
H04N 21/4415 - Acquiring end-user identification using biometric characteristics of the user, e.g. by voice recognition or fingerprint scanning
H04N 21/658 - Transmission by the client directed to the server
H04N 21/433 - Content storage operation, e.g. storage operation in response to a pause request or caching operations
H04N 21/458 - Scheduling content for creating a personalised stream, e.g. by combining a locally stored advertisement with an incoming stream; Updating operations, e.g. for OS modules
H04N 21/482 - End-user interface for program selection
In overview, a computer-implemented method of transmitting data in a data stream from a first device to a second device is disclosed. The data stream is encrypted before transmission from the first device to the second device, and a location of the data in the data stream is indicated to the second device. The location may be a pre-shared location between the first and second devices, or the first device may transmit the location of the data to the second device. The second device decrypts the encrypted data stream, identifies the data in the data stream based on the location, and encrypts the identified data in the data stream.
A media device receives a domain key from a service provider. The media device further encrypts media with a media key and encrypts the media key with the domain key to form an encrypted media token: the protected media key is encapsulated in an encrypted media token. The service provider may then receive the encrypted media token and one or more receiving entity identifiers relating to a receiving entity and ascertain whether the receiving entity is entitled to access media from the media device. If the receiving entity is entitled to access media from the media device, the service provider decrypts the cryptographic media token using the domain key to obtain the media key and providing the media key to the receiving entity. As such, an authenticated receiving entity may obtain the media key necessary to decrypt the media. Moreover, there is no requirement for any intermediate entity to have similar access and thus the encryption provided by the media key is in place throughout the transport of the media from media device to receiving entity.
H04N 7/18 - Closed-circuit television [CCTV] systems, i.e. systems in which the video signal is not broadcast
H04N 21/2347 - Processing of video elementary streams, e.g. splicing of video streams or manipulating MPEG-4 scene graphs involving video stream encryption
H04N 21/266 - Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system or merging a VOD unicast channel into a multicast channel
7.
TECHNIQUES FOR MANAGING GENERATION AND RENDERING OF USER INTERFACES ON CLIENT DEVICES
Techniques and systems are provided for processing user interface content. For example, a server computer can receive a user interface event corresponding to a user interface of a device (e.g., a client device, another server computer, or other device). An application associated with the user interface event can be determined, and an interface model can be generated using the application associated with the user interface event. The interface model defines state information for one or more graphic objects of the user interface. The state information results from the user interface event. The server computer can send the interface model to the device, which enables the device to render the user interface.
The present disclosure relates to methods and devices for testing video data being rendered at or using a media device. A plurality of video frames to be rendered is received, each frame comprising one or more primary screen objects and at least one further screen object. The received frames are rendered at or using the media device wherein the at least one further screen object is superimposed on the one or more primary screen objects of a given frame during rendering. The rendered frames are provided to a data model. Extracted metadata indicating the presence or absence of further screen objects in the rendered video frames is the output of the data model. The data model is also provided with original metadata associated with the video frames prior to rendering. The rendering of each further screen object is then tested based on the original metadata and extracted metadata relating to a given video frame. The disclosure also extends to associated methods and devices for generating training data for testing rendering of video frame and training a data model using the training data.
H04N 21/43 - Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronizing decoder's clock; Client middleware
H04N 17/04 - Diagnosis, testing or measuring for television systems or their details for receivers
An integrated circuit device is disclosed, the device comprising a protective layer and a protected circuit on a substrate, the protective layer being configured to protect the protected circuit by absorbing laser radiation targeted at the protected circuit through the substrate. The device may be configured such that removal of the protective layer causes physical damage that disables the protected circuit. The device may comprise intermediate circuitry protruding into the substrate between the protective layer and the protected circuit, wherein the physical damage that disables the protected circuit is physical damage to the intermediate circuitry. The device may comprise detection circuitry configured to detect a change in an electrical property of the device indicative of removal of the protective layer, and, in response to detecting the change in the electrical property, cause the protected circuit to be disabled.
A content owner registers with an identity authority by providing information about the content owner and a public key of a public/private key pair. The content owner registers content to the identity authority and signs the multiple segments of the content with the private key of the public/private key pair. A system that receives the signed content determines an indicated content owner of the received media content and communicates with the identity authority to confirm that the media content was produced by the indicated content owner. The receiving system requests the public key of the content owner from the identity authority and uses the public key to verify the signature of each media content segment. Accordingly, the receiving system is able to determine if the media content was manipulated after being distributed by the content owner.
G06F 21/10 - Protecting distributed programs or content, e.g. vending or licensing of copyrighted material
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
11.
Method to transmit messages between a device and a remoter server
In order to allow access to the Internet, and therefore to a remote server, for a device having no connection with an Internet gateway, there is provided a method to transmit a message from a first device to a remote server, the first device having no connection with the remote server, the method including detecting a second device by the first device, establishing a communication channel between the first and the second device, transferring the message from the first to the second device, the message comprising an address of the remote server, and transferring, by the second device, the message to the remote server using the remote server address contained in the message.
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
H04L 67/1034 - Reaction to server failures by a load balancer
H04L 51/48 - Message addressing, e.g. address format or anonymous messages, aliases
12.
SOFTWARE PROTECTION FROM ATTACKS USING SELF-DEBUGGING TECHNIQUES
In overview, methods, computer programs products and devices for securing software are provided. In accordance with the disclosure, a method may comprise attaching a debugger process to a software process. During execution of the software process, operations relevant to the functionality of the code process are carried out within the debugger process. As a result, the debugger process cannot be replaced or subverted without impinging on the functionality of the software process. The software process can therefore be protected from inspection by modified or malicious debugging techniques.
In overview, the disclosed methods, devices, and systems enable the location of the first device to be verified. In particular, second location verification data is generated using a current location of the second device is provided to a first device by a second device which can be matched with first location verification data received by the first device from a server, the first location verification data is generated using a stored location of the first device. If the first and second location verification data match, the location of the first device is considered to have been verified.
H04N 21/254 - Management at additional data server, e.g. shopping server or rights management server
H04N 21/258 - Client or end-user data management, e.g. managing client capabilities, user preferences or demographics or processing of multiple end-users preferences to derive collaborative data
H04N 21/414 - Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance
H04N 21/422 - Input-only peripherals, e.g. global positioning system [GPS]
Example embodiments provide systems and methods for managing intelligent content queuing from a secondary device for content delivery to a primary device. A content queuing system on the secondary device generates and displays a playlist interface on the secondary device. A selection of a content item to be added to a playlist is received. The content queuing system determines that addition of the content item causes a live content item to overlap with an on-demand content item on the playlist. As a result, the content queuing system creates at least two segments for the on-demand content item. The live content item is positioned between the first and a second segment on the playlist. The first segment is scheduled to end at a start time of the live content item and the second segment is scheduled to begin at an ending time of the live content item.
G06F 3/0482 - Interaction with lists of selectable items, e.g. menus
H04N 21/422 - Input-only peripherals, e.g. global positioning system [GPS]
H04N 21/436 - Interfacing a local distribution network, e.g. communicating with another STB or inside the home
H04N 21/44 - Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to MPEG-4 scene graphs
H04N 21/472 - End-user interface for requesting content, additional data or services; End-user interface for interacting with content, e.g. for content reservation or setting reminders, for requesting event notification or for manipulating displayed content
H04N 21/482 - End-user interface for program selection
H04N 21/442 - Monitoring of processes or resources, e.g. detecting the failure of a recording device, monitoring the downstream bandwidth, the number of times a movie has been viewed or the storage space available from the internal hard disk
H04N 21/41 - Structure of client; Structure of client peripherals
G06F 3/0488 - Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser using a touch-screen or digitiser, e.g. input of commands through traced gestures
15.
METHOD, RECEIVER, MOBILE DISPLAY DEVICE AND SYSTEM FOR ACCESSING MEDIA CONTENT
The disclosure generally relates to a method for accessing media content, said method being used in a receiver. The method comprises a preparation phase and a use phase. The preparation phase comprises the steps of obtaining, by said receiver, a catalog of media content items, each media content item corresponding to a media content and comprising at least an item description and an item identification data and storing said catalog of media content items in a local database in a memory of the receiver. The use phase comprises the steps of accessing, by a mobile display device, said catalog of media content items through a local communication channel; displaying at least a part of the catalog of media content items on the mobile display device; selecting, by said mobile display device, at least one media content item displayed on the mobile display device; transmitting, by said mobile display device, a request to a content provider, the request comprising the item identification data corresponding to said selected media content item and additional data allowing for the receiver to be identified, said transmission using a first remote communication channel distinct from said local communication channel; and obtaining by the receiver, the media content corresponding to the media content item identified by the identification data contained in said request.
The disclosure generally relates to a method for accessing media content, said method being used in a receiver. The method comprises a preparation phase and a use phase. The preparation phase comprises the steps of obtaining, by said receiver, a catalog of media content items, each media content item corresponding to a media content and comprising at least an item description and an item identification data and storing said catalog of media content items in a local database in a memory of the receiver. The use phase comprises the steps of accessing, by a mobile display device, said catalog of media content items through a local communication channel; displaying at least a part of the catalog of media content items on the mobile display device; selecting, by said mobile display device, at least one media content item displayed on the mobile display device; transmitting, by said mobile display device, a request to a content provider, the request comprising the item identification data corresponding to said selected media content item and additional data allowing for the receiver to be identified, said transmission using a first remote communication channel distinct from said local communication channel; and obtaining by the receiver, the media content corresponding to the media content item identified by the identification data contained in said request.
The disclosure further relates to a receiver and a mobile display device for implementing the above described method and a system comprising at least said receiver and said mobile display device.
H04N 21/41 - Structure of client; Structure of client peripherals
H04N 21/482 - End-user interface for program selection
H04N 21/472 - End-user interface for requesting content, additional data or services; End-user interface for interacting with content, e.g. for content reservation or setting reminders, for requesting event notification or for manipulating displayed content
H04L 65/612 - Network streaming of media packets for supporting one-way streaming services, e.g. Internet radio for unicast
H04N 21/462 - Content or additional data management e.g. creating a master electronic program guide from data received from the Internet and a Head-end or controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabi
H04N 21/262 - Content or additional data distribution scheduling, e.g. sending additional data at off-peak times, updating software modules, calculating the carousel transmission frequency, delaying a video stream transmission or generating play-lists
H04N 21/436 - Interfacing a local distribution network, e.g. communicating with another STB or inside the home
H04N 21/433 - Content storage operation, e.g. storage operation in response to a pause request or caching operations
H04N 21/437 - Interfacing the upstream path of the transmission network, e.g. for transmitting client requests to a VOD server
16.
Techniques for incentivized intrusion detection system
The present disclosure relates generally to security solutions. More specifically, techniques (e.g., systems, methods, and devices) are provided to implement an incentivized-based intrusion detection system to detect malicious acts against an asset. The incentive may lure or facilitate the actor to provide information detecting malicious actions against an asset.
A method of enabling a user to access recorded data associated with an event, the method comprising determining the location of a user's device at a control unit, confirming the location is within a predetermined vicinity and that the user's device was at the location within a predetermined period and the control unit enabling access for the user to the data if the location of the user's device in the predetermined period is confirmed.
Malware detection logic executed by a secured device residing in a home network may receive a message from an unsecured device of a first unsecured network and intended for a destination device of the home network, the destination device comprising a security client. The malware detection logic may establish a secure communication channel between the malware detection logic of the secured device and the security client of the destination device. The malware detection logic may execute a validation test on the message to determine that the message includes malware. The malware detection logic may report an alarm to the security client of the destination device. The malware detection logic may transmit information related to the malware to a cloud computing server. The malware detection logic may prevent an application associated with the destination device from processing the message.
A consumable can be used to securely send data to devices. A security platform can produce a consumable, for example an ink cartridge, with data to be uploaded onto a device, such as a printer. If the consumable and device can perform a successful authentication, broadcast data can be delivered to the device via the consumable. Such techniques can help ensure that authentic consumables are being used in authentic devise. Further, such techniques can enable a licensing model where different consumables can be configured with different data to enable or disable different features of the device.
A method for managing communications within a network comprising utility meters, each associated and connected to at least one utility management center through at least one intermediate data concentrator. A message is sent by a utility meter to the destination data concentrator. This message includes metering data measurement reported by said utility meter, its utility meter identifier, the destination data concentrator identifier and the management center identifier. Then, on the basis of several metering data measurements, a metering counter differential consumption value is calculated by difference of two metering counter consumption indexes measured by the utility meter within a time period interval. Then, a report containing at least the metering counter differential consumption value is sent from the destination data concentrator towards the utility management center to which said utility meter is associated.
A device for securing a bottle's cap includes a first part; a second part mechanically connected to the first part through a mechanical connection; and a securing component including a radio frequency transponder, a first portion of the component being implemented in the first part of the device, a second portion of the component being implemented in the second part of the device, at least one portion of the component extending through the mechanical connection. The second part includes a device for fixing the device to a cap of a bottle. The mechanical connection is configured for breaking when a traction or a torsion is applied on the first part of the device versus the second part.
A method of registering or authenticating a user with a relying party is provided, the method including: receiving a request to generate a key pair, the request including key-generation data, the key-generation data including relying party information; deterministically generating, based on at least the key-generation data and a secret key stored in a memory of the authenticator, a key pair comprising a public key and a private key; either: transmitting the public key, or performing further processing using the private key; and deleting the key pair. An authenticator configured to perform the process is also provided.
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
Systems and techniques are described herein for processing media content. For example, a process can include obtaining a first media frame and a second media frame. The process can include generating, using a first change detector, a first tag indicating a change above a first change threshold has occurred in the second media frame relative to the first media frame. The process can further include generating, using a machine learning model, a second tag indicating that media content of the second media frame is associated with a particular type of media content. The process can further include determining, based the first tag and the second tag, that the media content of the second media frame is associated with the particular type of media content.
H04L 65/613 - Network streaming of media packets for supporting one-way streaming services, e.g. Internet radio for the control of the source by the destination
24.
Method and apparatus for peripheral context management
The present disclosure relates to a method and system for presenting a set of control functions via an interface of a peripheral control device (PCD). A control function can include a command associated with one or more media contexts of a host media device. The method decodes a payload, from the host media device, with an encoded context identifier, where the context identifier indicates a primary media context active on the host media device. The method determines one or more control functions corresponding to the context identifier, and changes the set of control functions on the interface of the PCD to include the one or more control functions that can command the primary media context.
H04N 21/482 - End-user interface for program selection
G06F 3/04886 - Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser using a touch-screen or digitiser, e.g. input of commands through traced gestures by partitioning the display area of the touch-screen or the surface of the digitising tablet into independently controllable areas, e.g. virtual keyboards or menus
H04N 21/422 - Input-only peripherals, e.g. global positioning system [GPS]
H04N 21/222 - Secondary servers, e.g. proxy server or cable television Head-end
H04N 21/84 - Generation or processing of descriptive data, e.g. content descriptors
25.
Media player for receiving media content from a remote server
An embodiment of the present invention may be deployed in a system comprising a media player and a remote server operably connected to communicate with one another. The invention allows for a settings file to be stored on the remote server, the settings file comprising parameters useful for adjusting different settings on the media player such that rendering of a particular content to be made possible on the media player according to a user's predetermined taste by downloading the settings from the server onto the media player.
G06F 15/16 - Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
H04L 67/565 - Conversion or adaptation of application format or content
H04W 4/18 - Information format or content conversion, e.g. adaptation by the network of the transmitted or received information for the purpose of wireless delivery to users or terminals
A method for identifying a peripheral device from a digital content having been received by said peripheral device from a master device located at a user end is described. The master device can be connected to a server located at a back end, and the method includes receiving, by the master device from the peripheral device, at least peripheral identification data. The method also includes generating, at the master device, a first mark as a function of at least a part of the peripheral identification data, and watermarking the digital content using the first mark before transmitting the digital content to the peripheral device.
Systems and techniques are described herein for annotating media content. For example, a process can include obtaining media content and generate, use one or more machine learning models, a metadata file for at least a portion of the media content. The metadata file includes one or more metadata descriptions. The process can include generating a text description of the media content based on the one or more metadata descriptions of the metadata file. The process can include annotating the media content use the text description.
H04N 21/235 - Processing of additional data, e.g. scrambling of additional data or processing content descriptors
H04N 21/266 - Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system or merging a VOD unicast channel into a multicast channel
G06K 9/00 - Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
Aspects of the present disclosure address systems, methods, and devices for enabling secure communication between electronic control units (ECUs) in a vehicle. The system may include a first and second ECU from a plurality of ECUs in the vehicle. The first ECU is to enable secure communication between the plurality of ECUs by performing operations that include provisioning the second ECU with authentication data for authenticating messages exchanged with a third ECU and provisioning the third ECU with a set of security keys to enable the third ECU to securely exchange messages with the second ECU. The second ECU receives, from the third ECU, a secure message that is cryptographically signed using a security key from the set of security keys provisioned to the third ECU, and the second ECU authenticates the secure message by comparing the authentication data with an authentication signal.
H04W 4/40 - Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04L 67/12 - Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
The present invention relates to a system for rendering a content, the rendering of which is subject to conditional access security conditions. A system is described, comprising a host device and a detachable security device, the security device configured to decrypt the encrypted content, re-encrypt it under a local key and to deliver the re-encrypted content to the host device while ensuring that the host device applies or otherwise enforces any conditions associated with the rendering of the content.
A localized electronic betting system includes: a smart contract generation module and a results engine located in a same low-latency environment as the smart contract generation module, wherein: the smart contract generation module is configured to receive a first betting statement from a first user device located within the low-latency environment, to generate a smart contract based on the first betting statement, the smart contract including a criterion to be met and configured to self-execute in response to a determination that the criterion is met, and to transmit the generated smart contract to a local blockchain node located within the low-latency environment; the results engine is configured, based on content received from a results source, to determine information indicative of whether the criterion in the first betting statement is met; and the localized betting system is configured to transmit a signal to the local blockchain node for storage on a local blockchain ledger or a local copy of a blockchain ledger, the signal containing the information indicative of whether the criterion is met. An equivalent method is also provided.
In overview, the disclosed methods, devices, and systems enable the location of the first device to be verified. In particular, second location verification data is generated using a current location of the second device is provided to a first device by a second device which can be matched with first location verification data received by the first device from a server, the first location verification data is generated using a stored location of the first device. If the first and second location verification data match, the location of the first device is considered to have been verified.
H04N 21/254 - Management at additional data server, e.g. shopping server or rights management server
H04N 21/258 - Client or end-user data management, e.g. managing client capabilities, user preferences or demographics or processing of multiple end-users preferences to derive collaborative data
H04N 21/414 - Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance
H04N 21/422 - Input-only peripherals, e.g. global positioning system [GPS]
The disclosed method is concerned with a computer implemented method generating code for protecting sensitive data used by the program, by partitioning the program into a plurality of blocks of code, such that each code block in the program is registered using a code index in a code register created for the program. The code index for a given code block reflects current properties including the current location of the code block, at any given time. During execution of the program at runtime by the computing device, each code block of the program is moved from a first code location in a memory to a respective second code location in the memory, such that the code block is accessible from the second code location in the memory henceforth. The code index for the moved code block is updated to indicate updated current properties, such as the new location of the code block, i.e. the second code location, after moving the code block. In addition to moving the code to the second code location that is different to the first code location; one or more references stored in the memory and that are required for the execution of the code block, i.e. which are accessed by the code block and/or are required to access the code block, are also associated with the moved code block. To enable the association, the one or more references for the code block are registered in a reference register, such that a reference index reflecting current properties for each of the one or more references is adjusted based on updated current properties of the code index of the moved code block.
G06F 21/54 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by adding security routines or objects to programs
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
33.
Techniques for managing generation and rendering of user interfaces on client devices
Techniques and systems are provided for processing user interface content. For example, a server computer can receive a user interface event corresponding to a user interface of a device (e.g., a client device, another server computer, or other device). An application associated with the user interface event can be determined, and an interface model 5 can be generated using the application associated with the user interface event. The interface model defines state information for one or more graphic objects of the user interface. The state information results from the user interface event. The server computer can send the interface model to the device, which enables the device to render the user interface.
Aspects of the present disclose involve a method, a device, and a system comprising a processor and a machine-readable storage medium storing at a set of instructions for identification and authentication of user profiles associated with a digital television system and displaying information related thereto. In example embodiments, the method includes identifying a user profile registered with a content presentation device based on received identification data that includes biometric data. The method further includes receiving, from a server, identifiers of a set of recently watched channels associated with the user profile and causing presentation of a recent channels interface that includes selectable elements corresponding to the set of recently watched channels.
H04N 21/45 - Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies
H04N 21/41 - Structure of client; Structure of client peripherals
H04N 21/422 - Input-only peripherals, e.g. global positioning system [GPS]
H04N 21/25 - Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication or learning user preferences for recommending movies
H04N 21/258 - Client or end-user data management, e.g. managing client capabilities, user preferences or demographics or processing of multiple end-users preferences to derive collaborative data
H04N 21/442 - Monitoring of processes or resources, e.g. detecting the failure of a recording device, monitoring the downstream bandwidth, the number of times a movie has been viewed or the storage space available from the internal hard disk
H04N 21/466 - Learning process for intelligent management, e.g. learning user preferences for recommending movies
H04N 21/4415 - Acquiring end-user identification using biometric characteristics of the user, e.g. by voice recognition or fingerprint scanning
H04N 21/658 - Transmission by the client directed to the server
H04N 21/433 - Content storage operation, e.g. storage operation in response to a pause request or caching operations
H04N 21/458 - Scheduling content for creating a personalised stream, e.g. by combining a locally stored advertisement with an incoming stream; Updating operations, e.g. for OS modules
H04N 21/482 - End-user interface for program selection
35.
Method and system to share a snapshot extracted from a video transmission
The present invention refers to the field of television experience in particular the simultaneous use of the portable computing device and a television to share a user's experience. The present disclosure proposes a method to create a snapshot from a video transmission received by a receiver, said receiver being connected with a portable computing device and having a screen output, said method comprising the steps of receiving a video transmission by the receiver, converting by the receiver, the video transmission into a lower-bandwidth video transmission, sending the lower-bandwidth video transmission to the portable computing device, receiving from the portable computing device to the receiver, a command to execute a snapshot, producing by the receiver a snapshot from the video transmission, sending the snapshot to the portable computing device.
G06F 15/16 - Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
H04N 21/2743 - Video hosting of uploaded data from client
H04N 21/475 - End-user interface for inputting end-user data, e.g. PIN [Personal Identification Number] or preference data
H04N 21/4788 - Supplemental services, e.g. displaying phone caller identification or shopping application communicating with other users, e.g. chatting
H04N 21/433 - Content storage operation, e.g. storage operation in response to a pause request or caching operations
H04L 67/568 - Storing data temporarily at an intermediate stage, e.g. caching
H04N 21/61 - Network physical structure; Signal processing
H04N 21/8549 - Creating video summaries, e.g. movie trailer
36.
Intelligent content queuing from a secondary device
Example embodiments provide systems and methods for managing intelligent content queuing from a secondary device for content delivery to a primary device. A content queuing system on the secondary device generates and displays a playlist interface on the secondary device. A selection of a content item to be added to a playlist is received. The content queuing system determines that addition of the content item causes a live content item to overlap with an on-demand content item on the playlist. As a result, the content queuing system creates at least two segments for the on-demand content item. The live content item is positioned between the first and a second segment on the playlist. The first segment is scheduled to end at a start time of the live content item and the second segment is scheduled to begin at an ending time of the live content item.
H04N 21/482 - End-user interface for program selection
G06F 3/0482 - Interaction with lists of selectable items, e.g. menus
H04N 21/422 - Input-only peripherals, e.g. global positioning system [GPS]
H04N 21/436 - Interfacing a local distribution network, e.g. communicating with another STB or inside the home
H04N 21/44 - Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to MPEG-4 scene graphs
H04N 21/472 - End-user interface for requesting content, additional data or services; End-user interface for interacting with content, e.g. for content reservation or setting reminders, for requesting event notification or for manipulating displayed content
H04N 21/442 - Monitoring of processes or resources, e.g. detecting the failure of a recording device, monitoring the downstream bandwidth, the number of times a movie has been viewed or the storage space available from the internal hard disk
H04N 21/41 - Structure of client; Structure of client peripherals
G06F 3/0488 - Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser using a touch-screen or digitiser, e.g. input of commands through traced gestures
a matching step to extract the biometric data from said marking area, to match them with the biometric data of the profiles stored in the database, and to assign the detected profile ID with the marking area.
transmitting the found profile ID to the application.
A chip includes a substrate having a first surface and a second surface opposite the first surface, and an integrated circuit mounted on a landing zone on the first surface of the substrate. The chip also includes contacts provided about the first surface in the peripheral region, and wire-bonds providing electrical connections between the integrated circuit and the contacts. The chip further includes solder ball connections provided in the peripheral region on the second surface, and connections provided in the substrate for connecting the electrical contacts on the first surface with the solder ball connections on the second surface. The substrate includes at least one conductive track routed through the landing zone region of the substrate, and the chip is configured such that an alteration in the at least one conductive track prevents operation of the integrated circuit.
H01L 23/538 - Arrangements for conducting electric current within the device in operation from one component to another the interconnection structure between a plurality of semiconductor chips being formed on, or in, insulating substrates
H01L 23/00 - SEMICONDUCTOR DEVICES NOT COVERED BY CLASS - Details of semiconductor or other solid state devices
H01L 23/552 - Protection against radiation, e.g. light
H01L 21/66 - Testing or measuring during manufacture or treatment
A method of transmitting entitlement messages to content consumption devices in a access control system, the method comprising periodically transmitting entitlement messages to content consumption devices in a access control system and periodically extending an expiry time comprised in the entitlement messages. The entitlement messages comprise indicator data indicating to the content consumption devices that subsequent entitlement messages loaded into a content consumption device after a first entitlement message is loaded into the content consumption device shall not be used by the content consumption device to access protected media content.
H04N 21/266 - Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system or merging a VOD unicast channel into a multicast channel
H04N 21/235 - Processing of additional data, e.g. scrambling of additional data or processing content descriptors
H04N 21/418 - External card to be used in combination with the client device, e.g. for conditional access
H04N 21/462 - Content or additional data management e.g. creating a master electronic program guide from data received from the Internet and a Head-end or controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabi
H04N 21/633 - Control signals issued by server directed to the network components or client
H04N 21/4623 - Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
H04N 21/6334 - Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
The present disclosure relates to methods and devices for testing video data being rendered at or using a media device. A plurality of video frames to be rendered is received, each frame comprising one or more primary screen objects and at least one further screen object. The received frames are rendered at or using the media device wherein the at least one further screen object is superimposed on the one or more primary screen objects of a given frame during rendering. The rendered frames are provided to a data model. Extracted metadata indicating the presence or absence of further screen objects in the rendered video frames is the output of the data model. The data model is also provided with original metadata associated with the video frames prior to rendering. The rendering of each further screen object is then tested based on the original metadata and extracted metadata relating to a given video frame. The disclosure also extends to associated methods and devices for generating training data for testing rendering of video frame and training a data model using the training data.
H04N 21/43 - Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronizing decoder's clock; Client middleware
H04N 17/04 - Diagnosis, testing or measuring for television systems or their details for receivers
The present disclosure relates to a wireless token capable of representing a user network, the token being used to automatically provision an IoT enabled device to connect to the user network. Functions required to achieve this include: authenticate the token with the user network, and responsive to said authentication, obtain and store configuration information for enabling the token to communicatively couple one or more devices at or within a defined proximity to the token, with the user network; responsive to a wireless signal received from a given device among the one or more devices, establish a temporary secure communication channel between the given device and the token; and provide the configuration information from the token to the given device using the temporary secure communication channel, wherein the configuration information enables the given device to establish a connection with and operate in the user network based on the obtained configuration information.
The present disclosure relates to the use of cryptographic techniques to facilitate local decision making at a gateway device (120) interfacing between an operator device (110) and edge devices (130), for example as can be found in Internet of Things infrastructures. Local decision making is facilitated in the context of end to end encryption of data between the edge device and operator device by enabling a function of the data to be computed at the gateway (120) without decrypting the data, for example using Functional Encryption (FE). The gateway determines an action based on the computed function, for example whether to transmit the data to the operator device (110). Examples of edge devices are video surveillance cameras or utility consumption meters but the disclosure is applicable to any edge device that produces data to be transmitted with end to end encryption. The disclosure is also not limited to IoT infrastructures.
G08B 13/196 - Actuation by interference with heat, light, or radiation of shorter wavelength; Actuation by intruding sources of heat, light, or radiation of shorter wavelength using passive radiation detection systems using image scanning and comparing systems using television cameras
H04L 29/06 - Communication control; Communication processing characterised by a protocol
A system and method of transmitting respective audio streams to a plurality of end points, such as headphones, earphones, headsets, speakers, etc. is disclosed. Different audio streams are transmitted to each of the plurality of end points. The end points may be arranged to audibly output received audio streams, and so each end point may audibly output a respective different audio stream, i.e. the respective audio streams may be mutually different from each other.
H04N 21/485 - End-user interface for client configuration
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
44.
Method for acquiring access rights to conditional access content
A method of acquiring access rights to conditional access content. The method comprises receiving an access right on a first terminal through a first communication channel; storing said access right in said first terminal; sending a request for said conditional access content to a content provider, said request containing at least an identifier of an account to which said first terminal is associated, an identifier of the requested content and a piece of information concerning said access right; verifying, by said content provider, the authenticity of said access right using said piece of information concerning the access right; and when there has been a successful verification, marking said access right as used, and sending said conditional access content to at least one terminal linked to said account. The first terminal using near field communication technology (NFC) during at least one transfer of said access rights.
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
H04N 21/6334 - Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
H04N 21/8355 - Generation of protective data, e.g. certificates involving usage data, e.g. number of copies or viewings allowed
G06Q 20/32 - Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
A method for managing communications within a network comprising utility meters, each associated and connected to at least one utility management center through at least one intermediate data concentrator. A message is sent by a utility meter to the destination data concentrator. This message includes metering data measurement reported by said utility meter, its utility meter identifier, the destination data concentrator identifier and the management center identifier. Then, on the basis of several metering data measurements, a metering counter differential consumption value is calculated by difference of two metering counter consumption indexes measured by the utility meter within a time period interval. Then, a report containing at least the metering counter differential consumption value is sent from the destination data concentrator towards the utility management center to which said utility meter is associated.
Methods and content consumption devices are disclosed that enable a revocation list to be securely enforced and managed, in terms of enforcing version control and providing granular control of individual capabilities, for example. Aspects also relate to enhanced enforcement control of content consumption control information more generally, for example by enforcing version control of activation messages, and/or granular management of individual capabilities.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
Devices, servers, systems and methods for content protection are provided. Disclosed embodiments improve temporal granularity of controlling access to the protected content and increase resilience against attacks attempting to prevent re-evaluation of conditions of access. Enforcement of re-evaluation may be based on the receipt and/or verification of tokens. In some embodiments, re-evaluation is enforced by periodically rendering content keys required for content decryption unuseable and/or clearing content keys already in use.
H04N 21/2347 - Processing of video elementary streams, e.g. splicing of video streams or manipulating MPEG-4 scene graphs involving video stream encryption
H04N 21/266 - Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system or merging a VOD unicast channel into a multicast channel
H04N 21/418 - External card to be used in combination with the client device, e.g. for conditional access
H04N 21/4405 - Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to MPEG-4 scene graphs involving video stream decryption
H04N 21/4623 - Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
H04L 9/16 - Arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms the keys or algorithms being changed during operation
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04N 7/167 - Systems rendering the television signal unintelligible and subsequently intelligible
48.
Method and system to detect abnormal message transactions on a network
A surveillance system connectable to a network, comprising a communication module and a management module; said system being configured to, during an initialization phase: a. intercept a first message being sent to a first device; b. intercept a second message said second message being a response from the first device to the first message; c. calculate a time interval between the interception of the first message and the second message; d. repeat the steps a. to c. to determine further time intervals; e. determine a distribution of said time intervals; f. store the distribution and during a surveillance phase, intercept a third message said message being sent to the first device; intercept a fourth message said fourth message being a response to the third message; calculate a new time interval between the interception of the third and fourth messages; and verify that the new time interval is within the distribution.
The present disclosure relates to a method and system for presenting a set of control functions via an interface of a peripheral control device (PCD). A control function can include a command associated with one or more media contexts of a host media device. The method decodes a payload, from the host media device, with an encoded context identifier, where the context identifier indicates a primary media context active on the host media device. The method determines one or more control functions corresponding to the context identifier, and changes the set of control functions on the interface of the PCD to include the one or more control functions that can command the primary media context.
H04N 21/482 - End-user interface for program selection
G06F 3/0488 - Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser using a touch-screen or digitiser, e.g. input of commands through traced gestures
H04N 21/422 - Input-only peripherals, e.g. global positioning system [GPS]
H04N 21/222 - Secondary servers, e.g. proxy server or cable television Head-end
H04N 21/84 - Generation or processing of descriptive data, e.g. content descriptors
50.
Method and device to transfer a video stream between a host device and an electronic descrambling device
A method to transfer a video stream from a host device comprising a controller configured for bulk transfers to a descrambling device, comprises: forming a chain out transfer comprising a chain out header linked with multiple chain out descriptors, the first chain out descriptor pointing to an out description packet containing at least one producer ID, the second and subsequent chain out descriptor pointing to chunks from the video stream, the last chain out descriptor being configured to generate an interrupt; forming a chain in transfer comprising a chain in header linked with a plurality of chain in descriptors, each chain in descriptor pointing to a descrambled chunk; requesting the controller to process the chain; receiving the description packet by the descrambling device and using key data associated with the chunks to descramble them; receiving by the controller the descrambled chunks and triggering an interrupt on the last chunk.
H04N 7/167 - Systems rendering the television signal unintelligible and subsequently intelligible
H04N 21/418 - External card to be used in combination with the client device, e.g. for conditional access
H04N 21/436 - Interfacing a local distribution network, e.g. communicating with another STB or inside the home
H04N 21/4405 - Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to MPEG-4 scene graphs involving video stream decryption
H04N 21/266 - Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system or merging a VOD unicast channel into a multicast channel
H04N 21/8352 - Generation of protective data, e.g. certificates involving content or source identification data, e.g. UMID [Unique Material Identifier]
H04N 21/84 - Generation or processing of descriptive data, e.g. content descriptors
A computer implemented method for sending context information between programs, the method including: displaying a graphical user interface including a plurality of selectable application icons; receiving a simultaneous selection of a first icon and a second icon from the plurality of selectable application icons; launching a first program associated with the first icon; launching a second program associated with the second icon; and sending context information between the first program and the second program.
Malware detection logic executed by a secured device residing in a home network may receive a message from an unsecured device of a first unsecured network and intended for a destination device of the home network, the destination device comprising a security client. The malware detection logic may establish a secure communication channel between the malware detection logic of the secured device and the security client of the destination device. The malware detection logic may execute a validation test on the message to determine that the message includes malware. The malware detection logic may report an alarm to the security client of the destination device. The malware detection logic may transmit information related to the malware to a cloud computing server. The malware detection logic may prevent an application associated with the destination device from processing the message.
The present invention aims to improve data protection against illegal access by a strong differentiation of the security level specific on a type of data so that when the protection on a part of the data is violated, the remaining data are still inaccessible. A method for controlling access, via an open communication network, to user private data, comprising steps of: dividing the user private data into a plurality of categories, each category defining a privacy level of the data, encrypting the user private data of each category with a category key pertaining to the category of the data, attributing to a stakeholder an entity configured for accessing to at least one category of user private data, and authorizing the access to the at least one category of user private data for the entity of the stakeholder, by providing the stakeholder with the category keys required for decrypting the user private data of the corresponding category.
G16H 10/60 - ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
In overview, an integrated circuit in accordance with the disclosure comprises first and second network interface processors which are separate processors and which are connected by a first unidirectional interconnect. The first unidirectional interconnect allows data transfer from the first network interface processor to the second network interface processor, while preventing data transfer in the reverse direction. The first network interface processor is for communication with a first network which may be a secure network and the second network interface processor is for communication with second network which may be a public network, for example an insecure public network. In this way, the processing of data received from each of the first and second networks is performed by separate processors and data can only be sent from the first network to the second network, thereby protecting the first network from the second network.
System and method for establishing secure conference calls. In one example system, a central conference call server establishes point-to-point connections with accessory devices comprising a secure element and connected to corresponding participant devices. The conference call server includes an interface to a plurality of secure elements configured to perform scrambling and unscrambling of media signals communicated to and from the accessory devices. In another example, one of the participant devices operates as the central conference call server. In other examples, participant devices communicate on a conference call via point-to-point connections between all accessory devices connected to the participant devices. The accessory devices include secure elements for decryption and encryption of media signals communicated between the accessory devices.
The present disclosure relates generally to security solutions. More specifically, techniques (e.g., systems, methods, and devices) are provided to implement an incentivized-based intrusion detection system to detect malicious acts against an asset. The incentive may lure or facilitate the actor to provide information detecting malicious actions against an asset.
Methods, system and devices are provided that generate a sequence of sub-keys for cryptographic operations from a main key. The main key is operated on only once to generate the sub-keys of the sequence, with a transformation comprising one or more one-way functions. The respective bit values of the sub-keys of the sequence are set using respective bit values of the one or more one-way functions. Advantageously, deriving sub-key bits from respective output bits of one or more one-way functions removes or at least reduces correlations between the main key and the sub-keys, as well as between sub-keys, making it harder or even impossible to recover the main key or other sub-keys from a single sub-key, for example as found using a side-channel attack. At the same time, by using the main key only once (rather than using the main key each time a sub-key is generated), the vulnerability of the main key to a side-channel attack is reduced, because the opportunities for recovering physical information that could lead to the discovery of the main key are reduced. Specific embodiments use parallel or chained execution of sub-functions to generate respective sub-keys. Other specific embodiments generate all sub-keys from a single one-way function in one go.
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
58.
Method and apparatus to create intuitive favorites for users
Example embodiments provide systems and methods for dynamically creating intuitive favorites for a user. The system and methods include monitoring actions performed, by the user at a digital receiver, with respect to a plurality of content programs. The actions performed with respect to the plurality of content programs are analyzed. The analysis includes comparing a level of the actions with respect to a first content program of the plurality of content programs with a threshold. Based on the comparing indicating that the first content program is a favorites, an indication that the first content program is a favorites content program is stored to a data store.
H04N 21/431 - Generation of visual interfaces; Content or additional data rendering
G06F 16/78 - Retrieval characterised by using metadata, e.g. metadata not derived from the content or metadata generated manually
G06F 16/9535 - Search customisation based on user profiles and personalisation
G06F 3/0482 - Interaction with lists of selectable items, e.g. menus
H04N 21/258 - Client or end-user data management, e.g. managing client capabilities, user preferences or demographics or processing of multiple end-users preferences to derive collaborative data
H04N 21/442 - Monitoring of processes or resources, e.g. detecting the failure of a recording device, monitoring the downstream bandwidth, the number of times a movie has been viewed or the storage space available from the internal hard disk
H04N 21/45 - Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies
An integrated circuit and a method of configuring a plurality of integrated circuits are disclosed. Each integrated circuit comprises a cryptographic key specific to it. Each integrated circuit comprises a cryptographic key specific to it. Each cryptographic key can be generated on the respective integrated circuit using a physical unclonable function and data associated with the cryptographic key, e.g. a configuration message comprising instructions for generating the cryptographic key using the physical unclonable function. The cryptographic key specific to the integrated circuit is not stored on the integrated circuit. Each of the plurality of integrated circuits are configured using a data file that is encrypted with the respective cryptographic key specific to the integrated circuit, circuit.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
A method for managing communications within a network comprising utility meters, each associated and connected to at least one utility management center through at least one intermediate data concentrator. A message is sent by a utility meter to the destination data concentrator. This message includes metering data measurement reported by said utility meter, its utility meter identifier, the destination data concentrator identifier and the management center identifier. Then, on the basis of several metering data measurements, a metering counter differential consumption value is calculated by difference of two metering counter consumption indexes measured by the utility meter within a time period interval. Then, a report containing at least the metering counter differential consumption value is sent from the destination data concentrator towards the utility management center to which said utility meter is associated.
A method for securing transmission of digital data in a communication network comprising a central station or a terminal and at least one device monitored by the central station via the communication network. The at least one device is configured to produce and to transmit a digital data stream to the central station or terminal. The at least one device further comprises a secure non-volatile memory for storing at least device specific information. The at least one device forms a data block based on at least the device specific information stored in the secure memory. The data block thus formed may compose additional data to be merged with the digital data stream produced by the at least one device. A modified digital data stream results from this merging operation and is transmitted by the at least one device to the central station or terminal.
H04N 21/8358 - Generation of protective data, e.g. certificates involving watermark
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
Example embodiments provide systems and methods for securing a deployed camera. A security apparatus is coupled to the deployed camera and accesses video content from the coupled camera. The security apparatus accesses video content from the coupled camera, splits the video content within a plurality of RTP packets, encrypts payloads of the RTP packets, embeds in a header of the encrypted RTP packets, at least two key identifications for decryption of the encrypted RTP packets, and transmits the plurality of RTP packets over a network to a video management system.
H04L 9/16 - Arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms the keys or algorithms being changed during operation
63.
Securing digital data transmission in a communication network
A method for securing transmission of digital data in a communication network comprising a central station or a terminal and at least one device monitored by the central station via the communication network. The at least one device is configured to produce and to transmit a digital data stream to the central station or terminal. The at least one device further comprises a secure non-volatile memory for storing at least device specific information. The at least one device forms a data block based on at least the device specific information stored in the secure memory. The data block thus formed may compose additional data to be merged with the digital data stream produced by the at least one device. A modified digital data stream results from this merging operation and is transmitted by the at least one device to the central station or terminal.
H04N 21/8358 - Generation of protective data, e.g. certificates involving watermark
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
A method of transmitting data to a receiver via a network includes transmitting a sequence of first data packets to the receiver via the network, each first data packet including payload data and identification data, the identification data identifying the respective first data packet, the identification data being different for each first data packet. The method also includes transmitting a corresponding second data packet for each first data packet to the receiver via the network, each second data packet including the data enabling identification of the corresponding first data packet and additional data related to the corresponding first data packet, the data enabling identification of the corresponding first data packet enabling the receiver to associate each second data packet with the corresponding first data packet.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
A method for initiating a transmission of a program stream for delivery from a local access point to a client device, said program stream being structured as a plurality of regular segments relating to a single event. This method comprises the steps of: (a) processing at least one of the regular segments into a set of particular segments, where the at least one regular segment carries a payload of a first playback duration and the payload of said set represents a second playback duration that is greater than that of the first playback duration, and where the second playback duration is sufficient to comply with a client device requirement for initiating a rendering of the event, and (b) transmitting, during an initial period, from the local access point said set of particular segments.
H04N 7/173 - Analogue secrecy systems; Analogue subscription systems with two-way working, e.g. subscriber sending a programme selection signal
H04N 21/2343 - Processing of video elementary streams, e.g. splicing of video streams or manipulating MPEG-4 scene graphs involving reformatting operations of video signals for distribution or compliance with end-user requests or end-user device requirements
H04L 29/06 - Communication control; Communication processing characterised by a protocol
H04N 21/845 - Structuring of content, e.g. decomposing content into time segments
H04N 21/236 - Assembling of a multiplex stream, e.g. transport stream, by combining a video stream with other content or additional data, e.g. inserting a URL [Uniform Resource Locator ] into a video stream, multiplexing software data into a video stream; Remultiplexing of multiplex streams; Insertion of stuffing bits into the multiplex stream, e.g. to obtain a constant bit-rate; Assembling of a packetised elementary stream
66.
Method for detecting at least one glitch in an electrical signal and device for implementing this method
A method for detecting at least one glitch in an electrical signal. This method comprises: generating, from said electrical signal, at least one digital oscillating signal which is sensitive to glitches; and—performing the following steps as a repeatable round: (a) assigning a time window to at least one digital oscillating signal; said time window being implemented on the basis of a clock signal substantially insensitive to said at least one glitch to be detected; (b) determining from said time window a sampling value of the digital oscillating signal, said sampling value being characteristic of said digital oscillating signal throughout its time window; (c) detecting any potential glitch in said electrical signal by comparing said sampling value with an expected reference value; and (d) outputting a response typifying a result of the comparison step. Also, a device for implementing said method is described.
G06F 1/08 - Clock generators with changeable or programmable clock frequency
G06F 21/72 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
G06F 21/75 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation, e.g. to counteract reverse engineering
67.
Method and system for searching for at least a specific datum in a user unit
A system and method for searching for a specific datum among data stored in a permanent memory of a user unit linked to a central authority, comprising: receiving in the user unit, a processing key derived, in said central authority, using a key derivation function applied on a secret piece of information, said key derivation function being a first iterative one-way function; storing said processing key in a temporary memory of the user unit; receiving from said central authority the specific datum converted by a second one-way function using said processing key; in the user unit, converting at least a part of the data stored in the permanent memory using said second one-way function and said processing key; comparing said converted specific datum received from the central authority with the converted data from the permanent memory, thereby providing a search result; and deleting said processing key from the temporary memory.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
68.
Media player for receiving media content from a remote server
An embodiment of the present invention may be deployed in a system comprising a media player and a remote server operably connected to communicate with one another. The invention allows for a settings file to be stored on the remote server, the settings file comprising parameters useful for adjusting different settings on the media player such that rendering of a particular content to be made possible on the media player according to a user's predetermined taste by downloading the settings from the server onto the media player.
G06F 15/16 - Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
H04L 29/08 - Transmission control procedure, e.g. data link level control procedure
H04W 4/18 - Information format or content conversion, e.g. adaptation by the network of the transmitted or received information for the purpose of wireless delivery to users or terminals
H04L 29/06 - Communication control; Communication processing characterised by a protocol
The generation of hash values become popular with the storage of pin code by an authentication server, since the authentication server knows only the result of the hash function and not the pin code itself. Each time an authentication is requested, a hash function is executed on the received pin code and then compared with the stored reference hash value of the initial pin code. In order to improve the security of the hash value, it is proposed a method to produce a secure hash value (R) from a plaintext (P), said method comprising: —producing a first result (H) using an hash function of the plaintext (P), —obtaining an initial floating value (U0) by converting the first result (H) into a floating number representation of the first value (H), —updating a floating value (Un) by executing at least once a Transcendental function (TF) on the initial floating value (Un−1), —obtaining the secure hash value (R) by mixing the first result (H) with the updated floating value (Un).
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
G06F 7/544 - Methods or arrangements for performing computations using exclusively denominational number representation, e.g. using binary, ternary, decimal representation using unspecified devices for evaluating functions by calculation
A method of enabling a user to access recorded data associated with an event, the method comprising determining the location of a user's device at a control unit, confirming the location is within a predetermined vicinity and that the user's device was at the location within a predetermined period and the control unit enabling access for the user to the data if the location of the user's device in the predetermined period is confirmed.
The present invention relates to the domain of control of access to audiovisual content transmitted to a receiver, in particular control based on the localization of the receiver.
verification, by the verification means, that the current localization is included in said area, and if so, transmission of an authorization message for the reception of the audiovisual content to the security means relative to the receiver.
H04N 21/258 - Client or end-user data management, e.g. managing client capabilities, user preferences or demographics or processing of multiple end-users preferences to derive collaborative data
H04N 21/266 - Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system or merging a VOD unicast channel into a multicast channel
H04N 21/414 - Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance
H04N 21/422 - Input-only peripherals, e.g. global positioning system [GPS]
H04N 21/45 - Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies
A method for managing communications within a network comprising utility meters, each associated and connected to at least one utility management center through at least one intermediate data concentrator. A message is sent by a utility meter to the destination data concentrator. This message includes metering data measurement reported by said utility meter, its utility meter identifier, the destination data concentrator identifier and the management center identifier. Then, on the basis of several metering data measurements, a metering counter differential consumption value is calculated by difference of two metering counter consumption indexes measured by the utility meter within a time period interval. Then, a report containing at least the metering counter differential consumption value is sent from the destination data concentrator towards the utility management center to which said utility meter is associated.
A method of transmitting entitlement messages to content consumption devices in a access control system, the method comprising periodically transmitting entitlement messages to content consumption devices in a access control system and periodically extending an expiry time comprised in the entitlement messages. The entitlement messages comprise indicator data indicating to the content consumption devices that subsequent entitlement messages loaded into a content consumption device after a first entitlement message is loaded into the content consumption device shall not be used by the content consumption device to access protected media content.
H04N 21/266 - Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system or merging a VOD unicast channel into a multicast channel
H04N 21/235 - Processing of additional data, e.g. scrambling of additional data or processing content descriptors
H04N 21/418 - External card to be used in combination with the client device, e.g. for conditional access
H04N 21/462 - Content or additional data management e.g. creating a master electronic program guide from data received from the Internet and a Head-end or controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabi
H04N 21/633 - Control signals issued by server directed to the network components or client
H04N 21/4623 - Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
H04N 21/6334 - Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
A method of scanning a plurality of ports at one or more target IP addresses is disclosed. Each of the plurality of ports corresponds to a port number at one of the one or more target IP addresses, for example an IPv4 or IPv6 address. The method comprises assigning each port to one of a plurality of sets of ports and executing a plurality of port scanning processes at the same time on a common source machine (virtual or physical). Each port scanning process sends port probe requests to the ports of a respective set of the plurality of sets from a different respective source IP addresses. Thus, a different respective source IP address is associated with each set of the plurality of sets of ports, different from the source IP addresses associated with the remaining sets, and each set of target IP addresses receives probe requests from a different respective source IP address. The sets may be aligned with target addresses or may spread several target addresses or only part of the ports of a target address. For example, one or more of the plurality of port scanning processes may send port probe requests to more than one target IP address and/or two or more of the plurality of port scanning processes may send port probe requests to the same target IP address.
A method (1) of and a device for rendering content data of a content data stream. From content data identified in the content data stream, a level of toxicity is determined (4). The level of toxicity represents a measure of authenticity of the received content data stream. Content data of the received content data stream is rendered (6) based on an aggregated level of toxicity.
H04N 21/25 - Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication or learning user preferences for recommending movies
H04N 21/8358 - Generation of protective data, e.g. certificates involving watermark
H04N 21/254 - Management at additional data server, e.g. shopping server or rights management server
Example embodiments provide systems and methods for dynamically creating intuitive favorites for a user. The system and methods include monitoring actions performed, by the user at a digital receiver, with respect to a plurality of content programs. The actions performed with respect to the plurality of content programs are analyzed. The analysis includes comparing a level of the actions with respect to a first content program of the plurality of content programs with a threshold. Based on the comparing indicating that the first content program is a favorites, an indication that the first content program is a favorites content program is stored to a data store.
H04N 21/431 - Generation of visual interfaces; Content or additional data rendering
G06F 16/78 - Retrieval characterised by using metadata, e.g. metadata not derived from the content or metadata generated manually
G06F 16/9535 - Search customisation based on user profiles and personalisation
G06F 3/0482 - Interaction with lists of selectable items, e.g. menus
H04N 21/258 - Client or end-user data management, e.g. managing client capabilities, user preferences or demographics or processing of multiple end-users preferences to derive collaborative data
H04N 21/442 - Monitoring of processes or resources, e.g. detecting the failure of a recording device, monitoring the downstream bandwidth, the number of times a movie has been viewed or the storage space available from the internal hard disk
H04N 21/45 - Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies
Content source and sink devices and methods help to guard against compromising security of content transferred from a source device to a sink device, for example where a primary encryption mechanism protecting the content has been compromised. A content source device is configured to connect to a content sink device to transmit digital media content to the content sink device. The content source device includes a connection module configured to establish a connection to the sink device, encrypt a digital media content for transmission across the connection with a first cipher using a connection key, and transmit the encrypted digital media content to the sink device over the connection. The content source also includes a protection module configured to prevent the sink device from using the digital media content without authorisation. The protection module receives a digital certificate identifying the sink device, verifies the digital certificate, and determines if the digital certificate identifies a sink device authorised to receive digital media content over the connection. If the determination is positive, the protection module enables the sink device to use the digital media content.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04N 21/4408 - Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to MPEG-4 scene graphs involving video stream encryption, e.g. re-encrypting a decrypted video stream for redistribution in a home network
A system and a method for monitoring the integrity of code are provided. Dummy code is provided in an on demand decryption area of an object file while runtime code is provided elsewhere (and may be in the same object file or another object file). A compensation area is also provided which is initially blank. During execution, checksums can be calculated based on the result of an exclusive or (XOR) operation between contents of the on demand code decryption area and a compensation area such as a compensation area. As the runtime code populates the on demand code decryption area with the runtime code (potentially with the exception of areas masked to maintain integrity of relocation instructions allowed to remain in the dummy code) the compensation area is populated with the result of an XOR operation between the dummy code and the runtime code. As a result, the checksums will be the same throughout execution as long as integrity of the code has not been compromised.
G06F 12/14 - Protection against unauthorised use of memory
G06F 21/64 - Protecting data integrity, e.g. using checksums, certificates or signatures
G06F 21/14 - Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
G06F 21/51 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
G06F 21/54 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by adding security routines or objects to programs
A smart device capable of switching between at least two applications based on the position of the smart device and a method of doing the same is provided.
G06K 7/08 - Methods or arrangements for sensing record carriers by means detecting the change of an electrostatic or magnetic field, e.g. by detecting change of capacitance between electrodes
G06K 19/06 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
G06F 3/01 - Input arrangements or combined input and output arrangements for interaction between user and computer
G09G 3/36 - Control arrangements or circuits, of interest only in connection with visual indicators other than cathode-ray tubes for presentation of an assembly of a number of characters, e.g. a page, by composing the assembly by combination of individual elements arranged in a matrix by control of light from an independent source using liquid crystals
G06F 3/044 - Digitisers, e.g. for touch screens or touch pads, characterised by the transducing means by capacitive means
G06F 3/045 - Digitisers, e.g. for touch screens or touch pads, characterised by the transducing means using resistive elements, e.g. a single continuous surface or two parallel surfaces put in contact
G06F 3/0488 - Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser using a touch-screen or digitiser, e.g. input of commands through traced gestures
G06F 3/0484 - Interaction techniques based on graphical user interfaces [GUI] for the control of specific functions or operations, e.g. selecting or manipulating an object, an image or a displayed text element, setting a parameter value or selecting a range
G06F 3/0482 - Interaction with lists of selectable items, e.g. menus
G06F 3/0487 - Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser
G06F 1/16 - Constructional details or arrangements
G06F 3/0346 - Pointing devices displaced or positioned by the user; Accessories therefor with detection of the device orientation or free movement in a 3D space, e.g. 3D mice, 6-DOF [six degrees of freedom] pointers using gyroscopes, accelerometers or tilt-sensors
80.
Method for acquiring access rights to conditional access content
A method of acquiring access rights to conditional access content. The method comprises receiving an access right on a first terminal through a first communication channel; storing said access right in said first terminal; sending a request for said conditional access content to a content provider, said request containing at least an identifier of an account to which said first terminal is associated, an identifier of the requested content and a piece of information concerning said access right; verifying, by said content provider, the authenticity of said access right using said piece of information concerning the access right; and when there has been a successful verification, marking said access right as used, and sending said conditional access content to at least one terminal linked to said account. The first terminal using near field communication technology (NFC) during at least one transfer of said access rights.
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
H04N 21/6334 - Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
H04N 21/8355 - Generation of protective data, e.g. certificates involving usage data, e.g. number of copies or viewings allowed
G06Q 20/32 - Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
G06Q 30/06 - Buying, selling or leasing transactions
H04B 5/00 - Near-field transmission systems, e.g. inductive loop type
Aspects of the present disclose involve a method, a device, and a system comprising a processor and a machine-readable storage medium storing at a set of instructions for identification and authentication of user profiles associated with a digital television system and displaying information related thereto. In example embodiments, the method includes identifying a user profile registered with a content presentation device based on received identification data that includes biometric data. The method further includes receiving, from a server, identifiers of a set of recently watched channels associated with the user profile and causing presentation of a recent channels interface that includes selectable elements corresponding to the set of recently watched channels.
H04N 21/45 - Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies
H04N 21/41 - Structure of client; Structure of client peripherals
H04N 21/422 - Input-only peripherals, e.g. global positioning system [GPS]
H04N 21/25 - Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication or learning user preferences for recommending movies
H04N 21/258 - Client or end-user data management, e.g. managing client capabilities, user preferences or demographics or processing of multiple end-users preferences to derive collaborative data
H04N 21/442 - Monitoring of processes or resources, e.g. detecting the failure of a recording device, monitoring the downstream bandwidth, the number of times a movie has been viewed or the storage space available from the internal hard disk
H04N 21/466 - Learning process for intelligent management, e.g. learning user preferences for recommending movies
H04N 21/4415 - Acquiring end-user identification using biometric characteristics of the user, e.g. by voice recognition or fingerprint scanning
H04N 21/658 - Transmission by the client directed to the server
H04N 21/433 - Content storage operation, e.g. storage operation in response to a pause request or caching operations
H04N 21/458 - Scheduling content for creating a personalised stream, e.g. by combining a locally stored advertisement with an incoming stream; Updating operations, e.g. for OS modules
H04N 21/482 - End-user interface for program selection
82.
Methods, devices and system for generating a watermarked stream
A device (40) for generating a watermarked stream (39), comprising: at least one input interface (41) configured to receive encrypted control messages (20) and conditional access streams (30) including a main stream (33) and protected watermarking data streams (35) from which a watermarking information (38) can be embedded in said watermarked stream (39); a security module (43) configured to process said control messages (20) and to control access to said conditional access streams (30); a descrambler (45) configured to remove protection applied on at least some of said conditional access streams (30); a watermarking unit (47) configured to generate the watermarked stream (39) from said conditional access streams (30) by selectively processing said watermarking data streams (35) depending on access data (AC, AR) included in some of said control messages (20).
H04N 21/2389 - Multiplex stream processing, e.g. multiplex stream encrypting
H04N 21/236 - Assembling of a multiplex stream, e.g. transport stream, by combining a video stream with other content or additional data, e.g. inserting a URL [Uniform Resource Locator ] into a video stream, multiplexing software data into a video stream; Remultiplexing of multiplex streams; Insertion of stuffing bits into the multiplex stream, e.g. to obtain a constant bit-rate; Assembling of a packetised elementary stream
H04N 21/44 - Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to MPEG-4 scene graphs
H04N 21/4623 - Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
H04N 21/266 - Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system or merging a VOD unicast channel into a multicast channel
H04N 21/8358 - Generation of protective data, e.g. certificates involving watermark
H04N 21/845 - Structuring of content, e.g. decomposing content into time segments
83.
Active shield for detecting an intrusion on an integrated circuit
A method and a device for detecting an attack on an integrated circuit. Attacks which are detectable using an active shield as described herein include physical and electrical contacting using a probe and modification of interconnect routing, including modification through the use of focused ion beam technology.
A method to protect a device key in a device comprising at least one secure element locally connected to at least one time programmable memory storing a global value in form of a bit string comprising locked bits and unlocked bits. The locked bits are irreversibly pre-programmed in the one-time-programmable memory during an initialization phase of the device while the un-locked bits remaining in an initial state may be programmable by the secure element. The secure element is configured to generate, at initialization of the device, a device specific value by using the global value, program the device specific value previously obtained in the one time programmable memory, and erase the global value by programming the unlocked bits of the corresponding bit string. A further object of the disclosure includes a device configured to carry out the method.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04L 9/00 - Arrangements for secret or secure communications; Network security protocols
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
The disclosure generally relates to a method for accessing media content, said method being used in a receiver (10). The method comprises a preparation phase and a use phase. The preparation phase comprises the steps of obtaining, by said receiver (10), a catalog of media content items, each media content item corresponding to a media content and comprising at least an item description and an item identification data and storing said catalog of media content items in a local database in a memory (13) of the receiver (10). The use phase comprises the steps of accessing, by a mobile display device (11), said catalog of media content items through a local communication channel (16); displaying at least a part of the catalog of media content items on the mobile display device (11); selecting, by said mobile display device (11), at least one media content item displayed on the mobile display device; transmitting, by said mobile display device (11), a request to a content provider (12), the request comprising the item identification data corresponding to said selected media content item and additional data allowing for the receiver (10) to be identified, said transmission using a first remote communication channel (17) distinct from said local communication channel (16); and obtaining by the receiver (10), the media content corresponding to the media content item identified by the identification data contained in said request. The disclosure further relates to a receiver (10) and a mobile display device (11) for implementing the above described method and a system comprising at least said receiver and said mobile display device.
H04N 21/41 - Structure of client; Structure of client peripherals
H04N 21/262 - Content or additional data distribution scheduling, e.g. sending additional data at off-peak times, updating software modules, calculating the carousel transmission frequency, delaying a video stream transmission or generating play-lists
H04N 21/433 - Content storage operation, e.g. storage operation in response to a pause request or caching operations
H04N 21/437 - Interfacing the upstream path of the transmission network, e.g. for transmitting client requests to a VOD server
H04N 21/462 - Content or additional data management e.g. creating a master electronic program guide from data received from the Internet and a Head-end or controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabi
H04N 21/472 - End-user interface for requesting content, additional data or services; End-user interface for interacting with content, e.g. for content reservation or setting reminders, for requesting event notification or for manipulating displayed content
H04N 21/482 - End-user interface for program selection
H04L 65/612 - Network streaming of media packets for supporting one-way streaming services, e.g. Internet radio for unicast
H04N 21/436 - Interfacing a local distribution network, e.g. communicating with another STB or inside the home
Malware detection logic executed by a secured device residing in a home network may receive a message from an unsecured device of a first unsecured network and intended for a destination device of the home network, the destination device comprising a security client. The malware detection logic may establish a secure communication channel between the malware detection logic of the secured device and the security client of the destination device. The malware detection logic may execute a validation test on the message to determine that the message includes malware. The malware detection logic may report an alarm to the security client of the destination device. The malware detection logic may transmit information related to the malware to a cloud computing server. The malware detection logic may prevent an application associated with the destination device from processing the message.
Aspects of the present disclosure address systems, methods, and devices for enabling secure communication between electronic control units (ECUs) in a vehicle. The system may include a first and second ECU from a plurality of ECUs in the vehicle. The first ECU is to enable secure communication between the plurality of ECUs by performing operations that include provisioning the second ECU with authentication data for authenticating messages exchanged with a third ECU and provisioning the third ECU with a set of security keys to enable the third ECU to securely exchange messages with the second ECU. The second ECU receives, from the third ECU, a secure message that is cryptographically signed using a security key from the set of security keys provisioned to the third ECU, and the second ECU authenticates the secure message by comparing the authentication data with an authentication signal.
H04W 4/40 - Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04L 29/08 - Transmission control procedure, e.g. data link level control procedure
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
A system for rendering a content, the rendering of which is subject to conditional access security conditions. The system includes a host device and a detachable security device, the security device configured to decrypt the encrypted content, re-encrypt it under a local key and to deliver the re-encrypted content to the host device while ensuring that the host device applies or otherwise enforces any conditions associated with the rendering of the content.
A method of monitoring execution in an execution environment of an operation, for example a cryptographic operation, comprising a sequence of instructions, is disclosed. Instructions sent in the sequence from a main processor to one or more auxiliary processors, for example cryptographic processors, to execute the operation are monitored and the sequence of instructions is verified using verification information. The method comprises enabling output from the execution environment of a result of the operation in response to a successful verification of the sequence, or generating a verification failure signal in response to a failed verification of the sequence.
G06F 9/38 - Concurrent instruction execution, e.g. pipeline, look ahead
G06F 21/55 - Detecting local intrusion or implementing counter-measures
G06F 21/72 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
G06F 30/327 - Logic synthesis; Behaviour synthesis, e.g. mapping logic, HDL to netlist, high-level language to RTL or netlist
G06F 11/28 - Error detection; Error correction; Monitoring by checking the correct order of processing
90.
Securing digital data transmission in a communication network
A method for securing transmission of digital data in a communication network comprising a central station or a terminal and at least one device monitored by the central station via the communication network. The at least one device is configured to produce and to transmit a digital data stream to the central station or terminal. The at least one device further comprises a secure non-volatile memory for storing at least device specific information. The at least one device forms a data block based on at least the device specific information stored in the secure memory. The data block thus formed may compose additional data to be merged with the digital data stream produced by the at least one device. A modified digital data stream results from this merging operation and is transmitted by the at least one device to the central station or terminal.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
H04N 21/8358 - Generation of protective data, e.g. certificates involving watermark
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
A content handling device comprises a plurality of content transformation modules that can define one or more paths from a content source module to a content sink module. The content is associated with one or more usage rules requiring one or more transformations to be applied to the content. To enforce usage rules, each content transformation module is configured to receive the content, apply a transformation to the content in accordance with the usage rules and apply a tagging operation corresponding to the transformation to the content. In some embodiments output of the content by the content sink module is prevented if all tagging operations corresponding to the usage rules have not been applied. While in some embodiments usage rule tags corresponding to the usage rules are embedded locally at the content handling device, the disclosure also extends to a content distribution system with a usage rule tag embedding functionality.
H04N 21/4402 - Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to MPEG-4 scene graphs involving reformatting operations of video signals for household redistribution, storage or real-time display
H04N 21/41 - Structure of client; Structure of client peripherals
H04N 21/4405 - Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to MPEG-4 scene graphs involving video stream decryption
H04N 21/4623 - Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
A computer implemented method for sending context information between programs, the method including: displaying a graphical user interface including a plurality of selectable application icons; receiving a simultaneous selection of a first icon and a second icon from the plurality of selectable application icons; launching a first program associated with the first icon; launching a second program associated with the second icon; and sending context information between the first program and the second program.
A utility meter and method for metering consumption of at least one utility including: a metering unit, a communication unit for sending/receiving messages to/from a management center, a memory to store a unique identifier pertaining to the utility meter and a first key, an encryption unit for encrypting the utility consumption as a first cryptogram, a message generator for generating a utility message containing the first cryptogram, a key generator for generating a payload key to be used by the encryption unit for encrypting the utility consumption, a second cryptogram generated by the encryption unit by encrypting the payload key with the first key, the second cryptogram being intended to be included, by the message generator, at least once into the utility message to be sent to the remote management center.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
H04Q 9/00 - Arrangements in telecontrol or telemetry systems for selectively calling a substation from a main station, in which substation desired apparatus is selected for applying a control signal thereto or for obtaining measured values therefrom
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/14 - Arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
A method to control the display of content on a screen connected to a processing platform, the content including access conditions, and the method including acquiring an image within a sensitive area, the sensitive area being an area within which content displayed on the screen would be within the field of view of an observer placed thereat, detecting a number of potential observers within the sensitive area, acquiring a number of credentials from the detected observers within the sensitive area, if the number of credentials is below the number of detected observers, disabling the display of the content, if the number of credentials equal the number of detected observers, comparing each credential with the access conditions and if all credentials match the access conditions, enabling display of the content.
H04N 21/454 - Content filtering, e.g. blocking advertisements
H04N 21/442 - Monitoring of processes or resources, e.g. detecting the failure of a recording device, monitoring the downstream bandwidth, the number of times a movie has been viewed or the storage space available from the internal hard disk
An integrated circuit device is disclosed, the device comprising a protective layer and a protected circuit on a substrate, the protective layer being configured to protect the protected circuit by absorbing laser radiation targeted at the protected circuit through the substrate. The device may be configured such that removal of the protective layer causes physical damage that disables the protected circuit. The device may comprise intermediate circuitry protruding into the substrate between the protective layer and the protected circuit, wherein the physical damage that disables the protected circuit is physical damage to the intermediate circuitry. The device may comprise detection circuitry configured to detect a change in an electrical property of the device indicative of removal of the protective layer, and, in response to detecting the change in the electrical property, cause the protected circuit to be disabled.
A method, system, device, and/or a non-transitory computer readable medium to provide a customized application associated with a television experience based on the recognition of users located in front of a television display and in the field of view of a camera. The method may include performing an initializing operation, the initializing operation including enrolling a plurality of users in a database of a computer system, acquiring a wide image using the camera and scanning the wide image for biometric information; and performing an identification operation requested by the application including, acquiring a second wide image with the camera, extracting an active area from the second wide image, storing the extracted active area as a second fast scanning area image, and extracting the biometric data of a face appearing in the second fast scanning area image.
G06K 9/72 - Methods or arrangements for recognition using electronic means using context analysis based on the provisionally recognised identity of a number of successive patterns, e.g. a word
G06K 9/32 - Aligning or centering of the image pick-up or image-field
97.
Intelligent content queuing from a secondary device
Example embodiments provide systems and methods for managing intelligent content queuing from a secondary device for content delivery to a primary device. A content queuing system on the secondary device generates and displays a playlist interface on the secondary device. A selection of a content item to be added to a playlist is received. The content queuing system determines that addition of the content item causes a live content item to overlap with an on-demand content item on the playlist. As a result, the content queuing system creates at least two segments for the on-demand content item. The live content item is positioned between the first and a second segment on the playlist. The first segment is scheduled to end at a start time of the live content item and the second segment is scheduled to begin at an ending time of the live content item.
H04N 21/482 - End-user interface for program selection
G06F 3/0482 - Interaction with lists of selectable items, e.g. menus
H04N 21/41 - Structure of client; Structure of client peripherals
H04N 21/422 - Input-only peripherals, e.g. global positioning system [GPS]
H04N 21/436 - Interfacing a local distribution network, e.g. communicating with another STB or inside the home
H04N 21/44 - Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to MPEG-4 scene graphs
H04N 21/442 - Monitoring of processes or resources, e.g. detecting the failure of a recording device, monitoring the downstream bandwidth, the number of times a movie has been viewed or the storage space available from the internal hard disk
H04N 21/472 - End-user interface for requesting content, additional data or services; End-user interface for interacting with content, e.g. for content reservation or setting reminders, for requesting event notification or for manipulating displayed content
G06F 3/0488 - Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser using a touch-screen or digitiser, e.g. input of commands through traced gestures
98.
Method and system to detect abnormal message transactions on a network
A surveillance system connectable to a network, comprising a communication module and a management module; said system being configured to, during an initialization phase: a. intercept a first message being sent to a first device; b. intercept a second message said second message being a response from the first device to the first message; c. calculate a time interval between the interception of the first message and the second message; d. repeat the steps a. to c. to determine further time intervals; e. determine a distribution of said time intervals; f. store the distribution and during a surveillance phase, intercept a third message said message being sent to the first device; intercept a fourth message said fourth message being a response to the third message; calculate a new time interval between the interception of the third and fourth messages; and verify that the new time interval is within the distribution.
Devices, servers, systems and methods for content protection are provided. Disclosed embodiments improve temporal granularity of controlling access to the protected content and increase resilience against attacks attempting to prevent re-evaluation of conditions of access. Enforcement of re-evaluation may be based on the receipt and/or verification of tokens. In some embodiments, re-evaluation is enforced by periodically rendering content keys required for content decryption unuseable and/or clearing content keys already in use.
H04N 21/2347 - Processing of video elementary streams, e.g. splicing of video streams or manipulating MPEG-4 scene graphs involving video stream encryption
H04N 21/266 - Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system or merging a VOD unicast channel into a multicast channel
H04N 21/418 - External card to be used in combination with the client device, e.g. for conditional access
H04N 21/4405 - Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to MPEG-4 scene graphs involving video stream decryption
H04N 21/4623 - Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
H04L 9/16 - Arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms the keys or algorithms being changed during operation
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04N 7/167 - Systems rendering the television signal unintelligible and subsequently intelligible
The disclosure provide methods and content consumption devices that enable a scene, for example a 360° scene, that is larger (i.e. has more pixels in at least one dimension) than a display format of the content consumption device to be displayed. Constituent scene views are received individually by the content consumption device, for example as broadcasts, and are combined, for example stitched together, at the content consumption device to output a part of the scene that fits in the display format. The part of the scene (and hence the required constituent streams) to be displayed are determined by a signal, for example a navigational input from a user, enabling the user to navigate in the scene.
H04N 5/232 - Devices for controlling television cameras, e.g. remote control
H04N 21/44 - Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to MPEG-4 scene graphs
H04N 21/4728 - End-user interface for requesting content, additional data or services; End-user interface for interacting with content, e.g. for content reservation or setting reminders, for requesting event notification or for manipulating displayed content for selecting a ROI [Region Of Interest], e.g. for requesting a higher resolution version of a selected region
G06T 3/00 - Geometric image transformation in the plane of the image
G06T 3/40 - Scaling of a whole image or part thereof
H04N 21/434 - Disassembling of a multiplex stream, e.g. demultiplexing audio and video streams or extraction of additional data from a video stream; Remultiplexing of multiplex streams; Extraction or processing of SI; Disassembling of packetised elementary stream
H04N 21/2368 - Multiplexing of audio and video streams