专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20120257749A1 METHOD AND PROCESSING UNIT FOR SECURE PROCESSING OF ACCESS CONTROLLED AUDIO/VIDEO DATA 有权
标题翻译：用于安全访问控制音频/视频数据的方法和处理单元
公开(公告)号：US20120257749A1
公开(公告)日：2012-10-11
申请号：US13524756
申请日：2012-06-15
申请人： Fabien GREMAUD , Olivier Brique
发明人： Fabien GREMAUD , Olivier Brique
IPC分类号： H04N7/167
CPC分类号： H04N21/4181 , H04N7/1675 , H04N21/4405 , H04N21/4623
摘要： A method for verifying access conditions performed by two conditional access devices consecutively on a control message before releasing a control word to a descrambler. The control message includes a first part including first access conditions and a second part structured as a control message including at least second access conditions and a control word. A first conditional access device is configured for decrypting the control message with a common key specific to units having a first conditional access device and verifying the authenticity of said message. When the verification succeeds, the second part and a second right is transmitted to a second conditional access device, which decrypts the second part with a common key specific to units having a second conditional access device and verifies the authenticity of said second part and the second access conditions in relation to the second right encrypted by a personal key embedded therein.
摘要翻译：一种用于在将控制字释放到解扰器之前对控制消息连续地验证由两个条件访问设备执行的访问条件的方法。控制消息包括包括第一访问条件的第一部分和被构造为包括至少第二访问条件和控制字的控制消息的第二部分。第一条件访问设备被配置为用具有第一条件访问设备的单元特有的公共密钥来解密控制消息并且验证所述消息的真实性。当验证成功时，第二部分和第二权利被传送到第二条件访问设备，第二条件访问设备用具有第二条件访问设备的单元特有的公共密钥对第二部分进行解密，并且验证所述第二部分的真实性，通过嵌入其中的个人密钥加密的与第二权限相关的访问条件。

2. 发明申请

US20130101120A1 METHOD FOR SECURE DATA EXCHANGE BETWEEN TWO DEVICES 审中-公开
标题翻译：用于保护两个设备之间的数据交换的方法
公开(公告)号：US20130101120A1
公开(公告)日：2013-04-25
申请号：US13716879
申请日：2012-12-17
申请人： Olivier BRIQUE , Christophe Nicolas , Marco Sasselli
发明人： Olivier BRIQUE , Christophe Nicolas , Marco Sasselli
IPC分类号： H04L9/08
CPC分类号： H04L9/0869 , G06F21/445 , G06F21/602 , G06F21/606 , G06F21/72 , G06F2221/0753 , G06F2221/0755 , G06F2221/2129 , G06F2221/2153 , H04L9/0844 , H04L63/061 , H04N7/1675 , H04N21/4181 , H04N21/4367
摘要： This invention concerns a safe data exchange method between two devices locally connected to one another. In a preferred embodiment, the first device is a security module containing a first encrypting key, said private key of a pair of asymmetric encrypting keys. The second device is a receiver comprising at least one second encrypting key, said public key of said pair of asymmetric encrypting keys. Furthermore each of the devices comprises a symmetrical key. The first device generates a first random number, which is encrypted by said private key, then transmitted to the second device, in which it is decrypted by means of the public key. The second device generates a second random number, which is encrypted by said public key, then transmitted to the first device, in which it is decrypted by means of the private key. A session key, used for safe data exchange, is generated by a combination of the symmetric key and the random numbers generated and received by each of the devices.
摘要翻译：本发明涉及在本地连接到彼此之间的两个设备之间的安全数据交换方法。在优选实施例中，第一设备是包含一对非对称加密密钥的第一加密密钥，所述专用密钥的安全模块。第二设备是包括至少一个第二加密密钥的所述接收器，所述一对非对称加密密钥的所述公开密钥。此外，每个设备包括对称密钥。第一设备生成第一随机数，该第一随机数由所述专用密钥加密，然后被发送到第二设备，在该第二设备中，它通过公钥被解密。第二设备生成第二随机数，其由所述公开密钥加密，然后被发送到第一设备，在该第一设备中，该密钥通过私钥被解密。用于安全数据交换的会话密钥由对称密钥和每个设备生成和接收的随机数的组合产生。

3. 发明授权

US08099778B2 Method for access control to conditional access data 有权
标题翻译：访问控制条件访问数据的方法
公开(公告)号：US08099778B2
公开(公告)日：2012-01-17
申请号：US11288223
申请日：2005-11-29
申请人： Nicolas Courtin , Olivier Brique , Jimmy Cochard , Christophe Gogniat
发明人： Nicolas Courtin , Olivier Brique , Jimmy Cochard , Christophe Gogniat
IPC分类号： G06F7/04 , G06F12/00
CPC分类号： H04N7/1675 , H04N21/4181 , H04N21/44236 , H04N21/4623 , H04N21/47211
摘要： A method is disclosed for access control to conditional access data in a multimedia unit comprising at least one security module. This process includes:reception by the multimedia unit of a control message ECM containing at least one control word cw; transmission of this message ECM to said security module, this control message being associated to a message decryption right; determination of a validity date of the ECM control message decryption rights associated to said security module; determination of the present date; comparison of the present date with the expiration date of the decryption rights and determination of whether the present date is prior to the expiration date. In the affirmative case, decryption of the control message ECM and sending of the control word cw to the multimedia unit occurs In the negative case, reading of a value contained in a counter of the security module and comparison of this value occurs, to determine whether this value is comprised within a range authorizing decryption. Further, in the affirmative case, modification of the value of the counter according to a pre-established rule, and decryption of the control message ECM and sending of the control word cw to the multimedia unit also occurs. Finally, in the negative case, access to the conditional access data is blocked.
摘要翻译：公开了一种用于对包括至少一个安全模块的多媒体单元中的条件访问数据的访问控制的方法。该过程包括：由多媒体单元接收包含至少一个控制字cw的控制消息ECM; 将该消息ECM发送到所述安全模块，该控制消息与消息解密权相关联; 确定与所述安全模块相关联的ECM控制消息解密权限的有效期; 确定现在日期; 将当前日期与解密权限的到期日期进行比较，并确定现在日期是否在到期日之前。在肯定的情况下，控制消息ECM的解密和控制字cw发送到多媒体单元发生在否定情况下，发生安全模块的计数器中包含的值的读取和该值的比较，以确定是否该值包含在授权解密的范围内。此外，在肯定的情况下，根据预先确定的规则修改计数器的值，并且还发生控制消息ECM的解密和控制字cw发送到多媒体单元。最后，在否定的情况下，对条件访问数据的访问被阻止。

4. 发明授权

US08819434B2 Method and processing unit for secure processing of access controlled audio/video data 有权
标题翻译：用于访问受控音频/视频数据的安全处理的方法和处理单元
公开(公告)号：US08819434B2
公开(公告)日：2014-08-26
申请号：US12971876
申请日：2010-12-17
申请人： Fabien Gremaud , Olivier Brique
发明人： Fabien Gremaud , Olivier Brique
IPC分类号： H04L9/32
CPC分类号： H04N7/1675 , H04N21/4181 , H04N21/42623 , H04N21/4367 , H04N21/4405 , H04N21/4623
摘要： A method based on access conditions verification performed by two conditional access devices consecutively on a control message before releasing a control word to a descrambler. The control message encapsulates a second part including another control message. The processing unit for carrying out the method comprises a first conditional access device connected to a second conditional access device provided with a descrambler and a secured processor or secured hardware logic. The control message and the second part are each encrypted and accompanied by respectively first and second authentication data. The first conditional access device decrypts and verifies integrity of the control message, verifies the first access conditions and transmits the second part to the second access control device. The second conditional access device decrypts and verifies integrity of the second part and further verifies the second access conditions, and releases and loads the control word into the descrambler.
摘要翻译：一种基于访问条件验证的方法，该方法在将控制字释放到解扰器之前连续地在控制消息上由两个条件访问设备执行。控制消息封装包括另一个控制消息的第二部分。用于执行该方法的处理单元包括连接到具有解扰器和安全处理器或安全硬件逻辑的第二条件访问设备的第一条件访问设备。控制消息和第二部分分别被加密并且分别伴随着第一和第二认证数据。第一条件访问设备解密并验证控制消息的完整性，验证第一访问条件并将第二部分发送到第二访问控制设备。第二条件访问设备解密和验证第二部分的完整性，并进一步验证第二访问条件，并释放并将控制字加载到解扰器中。

5. 发明申请

US20060005262A1 Method for deactivating and reactivating security modules 有权
标题翻译：禁用和重新启动安全模块的方法
公开(公告)号：US20060005262A1
公开(公告)日：2006-01-05
申请号：US11212904
申请日：2005-08-29
申请人： Henri Kudelski , Olivier Brique , Christian Wirz , Patrick Hauert
发明人： Henri Kudelski , Olivier Brique , Christian Wirz , Patrick Hauert
IPC分类号： G06F17/30
CPC分类号： G07F7/1008 , G06Q20/341 , G06Q20/35765 , H04N7/163 , H04N21/26606 , H04N21/4181 , H04N21/4623
摘要： This invention concerns a security module deactivation and reactivation method particularly intended for access control of conditional access data. These security modules include a plurality of registers (R1, R2, R3, Rn) containing values. The method includes the step of sending at least one management message (RUN-EMM) containing an executable code, this executable code being loaded into a memory of the security module and then executed. The execution of this code in particular can carry out the combination and/or the enciphering of the values of the registers, or render these values illegible. This method also allows the reactivation of the security modules that have been deactivated previously. In this case, the method includes the step of sending another message containing an executable code (RUN-EMM−1) for the reactivation of the modules, this executable code having an inverted function to that of the executable code used for the deactivation of the security modules.
摘要翻译：本发明涉及特别用于条件访问数据的访问控制的安全模块去激活和重新激活方法。这些安全模块包括包含值的多个寄存器（R 1，R 2，R 3，R n）。该方法包括发送包含可执行代码的至少一个管理消息（RUN-EMM）的步骤，该可执行代码被加载到安全模块的存储器中然后被执行。特别地，该代码的执行可以执行寄存器的值的组合和/或加密，或者使这些值难以辨认。该方法还允许重新启用先前已被停用的安全模块。在这种情况下，该方法包括发送包含用于重新激活模块的可执行代码（RUN-EMM ^{-1 ）的另一消息的步骤，该可执行代码具有与可执行文件相反的功能用于停用安全模块的代码。}

6. 发明申请

US20050086175A1 Method for storage and transport of an electronic certificate 审中-公开
标题翻译：存储和运输电子证书的方法
公开(公告)号：US20050086175A1
公开(公告)日：2005-04-21
申请号：US10504288
申请日：2003-02-07
申请人： Olivier Brique , Michael Hill , Jimmy Cochard , Stephane Joly
发明人： Olivier Brique , Michael Hill , Jimmy Cochard , Stephane Joly
IPC分类号： G06F1/00 , G06F9/00 , G06F21/34 , G06K17/00 , H04L9/08 , H04L9/10 , G06F17/60
CPC分类号： G06F21/34 , G06Q20/382
摘要： The aim of this invention is to assure the portability of an electronic certificate and the security of the private key which are part of the certificate X509. In fact, it is important that this certificate is not used for purposes uncontrolled by the holder, such as identity usurpation, the authorization of non-desired transactions or the reproduction of transactions (replay). This aim is reached by a storage and transporting method for an electronic certificate, said certificate having an authority section for the issuing authority, a holder section for the holder of the certificate and a signature section determined by the issuing authority, characterized in that all or part of the holder section is contained in a removable security module and that at least the authority section is contained in a host computer.
摘要翻译：本发明的目的是确保作为证书X509的一部分的电子证书的可移植性和私钥的安全性。事实上，重要的是，该证书不被用于持有人不受控制的目的，例如身份篡夺，不需要的交易的授权或交易的再现（重播）。该目的通过电子证书的存储和运输方法达成，所述证书具有发证机关的授权部分，持证人持有人的证书持有人部分和由发行机构确定的签名部分，其特征在于，全部或持有者部分的一部分包含在可拆卸安全模块中，并且至少该授权部分包含在主机中。

7. 发明申请

US20130103941A1 METHOD FOR UPDATING DATA IN A SECURITY MODULE 审中-公开
标题翻译：在安全模块中更新数据的方法
公开(公告)号：US20130103941A1
公开(公告)日：2013-04-25
申请号：US13711014
申请日：2012-12-11
申请人： Xavier Carrel , Olivier Brique , Henri Kudelski , Nicolas Fischer
发明人： Xavier Carrel , Olivier Brique , Henri Kudelski , Nicolas Fischer
IPC分类号： G06F21/62
CPC分类号： G06F21/62 , G06F21/12 , H04N7/163 , H04N7/165 , H04N7/1675 , H04N21/235 , H04N21/26291 , H04N21/26606 , H04N21/4181 , H04N21/435 , H04N21/4383 , H04N21/4623 , H04N21/6543 , H04N21/8166
摘要： A method for updating operating data in a security module associated to a user unit for processing digital data broadcast in a transport stream, said unit being connected to a conditional access system transmitting, in said transport stream, to the security module a first stream comprising management messages includes: broadcasting a second stream of operating data patch messages, adding to the first stream of management messages, a trigger message to direct the security module to a conditional access system transmitting a second stream transporting suitable operating data patch messages if a current version of the operating data in the security module requires an update, updating the operating data of the concerned security module with the operating data patch messages from the second stream, directing the security module towards the conditional access system transmitting another stream based on an identifier of the conditional access system in the security module.
摘要翻译：一种用于更新与用户单元相关联的用于处理在传输流中广播的数字数据的安全模块中的操作数据的方法，所述单元连接到条件访问系统，所述条件访问系统在所述传输流中向安全模块传输包括管理消息包括：广播第二流操作数据补丁消息，将管理消息的第一流添加到触发消息，以将安全模块引导到条件访问系统，该条件访问系统发送传输合适的操作数据补丁消息的第二流，如果当前版本的安全模块中的操作数据需要更新，使用来自第二流的操作数据补丁消息来更新相关安全模块的操作数据，将安全模块指向基于条件的标识符的条件访问系统发送另一个流访问系统在安全模块中。

8. 发明授权

US08364704B1 Method and system for transmitting messages for database 有权
标题翻译：用于传输数据库消息的方法和系统
公开(公告)号：US08364704B1
公开(公告)日：2013-01-29
申请号：US10049696
申请日：2000-09-06
申请人： Olivier Brique , Christophe Nicolas , Marco Sasselli
发明人： Olivier Brique , Christophe Nicolas , Marco Sasselli
IPC分类号： G06F17/30
CPC分类号： H04N21/4623 , G06F17/30575 , H04N7/165 , H04N21/26606 , H04N21/26613 , H04N21/47211 , H04N21/63345
摘要： For updating shared databases on a subscriber network, a managing center sends messages addressed to each of these bases. When one requires to address a great number of databases, the time to accede to each of them increases considerably considered the necessity to repeat the information to ensure the good reception of messages. Instead of addressing by name each database, it is proposed to transmit criteria in which a certain number of databases recognize themselves and apply a selective updating on these bases.
摘要翻译：为了在订户网络上更新共享数据库，管理中心发送寻址到每个这些基地的消息。当需要解决大量数据库时，加入其中的每个数据库的时间大大增加，认为有必要重复这些信息以确保良好的信息接收。建议不要通过名称对每个数据库进行处理，而是提供一些标准，其中一定数量的数据库承认自己，并在这些基础上应用选择性更新。

9. 发明申请

US20070174617A1 Method for updating the firmware of a security module 有权
标题翻译：更新安全模块固件的方法
公开(公告)号：US20070174617A1
公开(公告)日：2007-07-26
申请号：US11656468
申请日：2007-01-23
申请人： Xavier Carrel , Olivier Brique , Henri Kudelski , Nicolas Fisher
发明人： Xavier Carrel , Olivier Brique , Henri Kudelski , Nicolas Fisher
IPC分类号： H04L9/00
CPC分类号： G06F21/62 , G06F21/12 , H04N7/163 , H04N7/165 , H04N7/1675 , H04N21/235 , H04N21/26291 , H04N21/26606 , H04N21/4181 , H04N21/435 , H04N21/4383 , H04N21/4623 , H04N21/6543 , H04N21/8166
摘要： A method for updating the firmware of a security module allowing it to “jump” towards a dedicated separate patch message stream thanks to a trigger messages stream broadcasted in a main stream of management messages. The trigger messages comprise version information allowing establishing whether the security module is up-to-date, and an identifier indicating to the security module the suitable patch stream. If the current version of the firmware of the security module is inferior to the patch version, the security module is directed towards the stream of patch messages designated by the identifier included in the trigger messages. Once the update of the firmware is complete, the security module is again directed towards the main stream. This return can be carried out automatically, namely with a switch message comprising an identifier of the first stream.
摘要翻译：一种用于更新安全模块的固件的方法，其允许其由于在主要管理消息流中广播的触发消息流而“跳转”到专用的单独补丁消息流。触发消息包括允许确定安全模块是否是最新的版本信息，以及向安全模块指示适当的补丁流的标识符。如果安全模块的固件的当前版本低于补丁版本，则安全模块指向由包括在触发消息中的标识符指定的补丁消息流。一旦固件更新完成，安全模块将再次指向主流。该返回可以自动执行，即具有包括第一流的标识符的切换消息。

10. 发明申请

US20060190726A1 Method for secure data exchange between two devices 有权
标题翻译：两种设备之间的安全数据交换方法
公开(公告)号：US20060190726A1
公开(公告)日：2006-08-24
申请号：US10517428
申请日：2003-06-10
申请人： Olivier Brique , Christophe Nicolas , Marco Sasselli
发明人： Olivier Brique , Christophe Nicolas , Marco Sasselli
IPC分类号： H04L9/00
CPC分类号： H04L9/0869 , G06F21/445 , G06F21/602 , G06F21/606 , G06F21/72 , G06F2221/0753 , G06F2221/0755 , G06F2221/2129 , G06F2221/2153 , H04L9/0844 , H04L63/061 , H04N7/1675 , H04N21/4181 , H04N21/4367
摘要： This invention concerns a safe data exchange method between two devices locally connected to one another. In a preferred embodiment, the first device (10) is a security module containing a first encrypting key, said private key (PAKV) of a pair of asymmetric encrypting keys. The second device is a receiver (11) comprising at least one second encrypting key, said public key (PAKB) of said pair of asymmetric encrypting keys. Furthermore each of the devices comprises a symmetrical key (13). The first device (10) generates a first random number (A), which is encrypted by said private key (PAKV), then transmitted to the second device (11), in which it is decrypted by means of the public key (PAKB). The second device (11) generates a second random number (B), which is encrypted by said public key (PAKB), then transmitted to the first device (10), in which it is decrypted by means of the private key (PAKV). A session key (SK), used for safe data exchange, is generated by a combination of the symmetric key (13) and the random numbers (A, B) generated and received by each of the devices.
摘要翻译：本发明涉及在本地连接到彼此之间的两个设备之间的安全数据交换方法。在优选实施例中，第一设备（10）是包含一对非对称加密密钥的第一加密密钥，所述专用密钥（PAKV）的安全模块。第二设备是包括至少一个第二加密密钥，所述一对非对称加密密钥的所述公开密钥（PAKB）的接收器（11）。此外，每个设备包括对称密钥（13）。第一设备（10）生成通过所述私钥（PAKV）加密的第一随机数（A），然后发送到第二设备（11），其中它通过公钥（PAKB）进行解密，。第二设备（11）生成由所述公共密钥（PAKB）加密的第二随机数（B），然后发送到第一设备（10），其中它通过私钥（PAKV）进行解密，。用于安全数据交换的会话密钥（SK）由对称密钥（13）和由每个设备生成和接收的随机数（A，B）的组合产生。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式