A system and method for securely and bi-directionally transmitting information including conditional access private data between a client and a headend is disclosed. In an exemplary embodiment, the method includes: establishing a hypertext transfer protocol secure (HTTPs) connection, establishing a hypertext transfer protocol secure (HTTPs) connection; upgrading the HTTPs connection to a persistent bi-directional connection, accepting a first message from a client via the web socket connection, wherein the first message comprises an identifier of the client, parsing the message for the identifier of the client, associating the identifier of the client with the secure web socket connection, and transmitting a second message notifying the headend of the secure web site that connection, the message comprising the identifier of the client.

An external trusted time source is implemented over a network for conditional access system (CAS)/digital rights management (DRM) client devices. A client device includes untrusted software and a trusted execution environment (TEE) for processing an entitlement management message (EMM) that includes an epoch sequence number (ESN) transmitted from an EMM server using a first network connection. A remaining client key set (CKS) lifetime value is stored and updated in the TEE based on the ESN processed.

Techniques are described for efficient delivery and reception of information, such as an Entitlement Management Message (EMM), that is related to Digital Rights Management (DRM) in a terrestrial broadcast system such as ATSC 3.0.

Example methods and systems for modifying the playback of content using pre-processed profile information are described. In some example embodiments, the methods and systems may access a stream of content to be delivered to a playback device, identify a piece of content within the stream of content to be delivered to the playback device, determine a profile for the identified piece of content, and deliver the determined profile to the playback device. In some example embodiments, the methods and systems may receive a stream of content at a playback device, access profile information associated with the stream of content, and modify playback of the stream of content based on the accessed profile information.

Video content is processed for delivery using an automated process that allows for convenient packaging of encrypted or digital rights management (DRM) protected content in a manner such that the packaged content can be efficiently stored in a content delivery network (CDN) or other content source for subsequent re-use by other media clients without re-packaging, and without excessive storage of unused content data.

In a content protection scheme, and in response to a request for a content segment received by a server, the server generates and associates with the segment a message that confers entitlement to a session-specific key from which one or more decryption keys may be derived. The decryption keys are useful to decrypt the segment at runtime as it is about to be rendered by a player. Before delivery, the server encrypts the segment to generate an encrypted fragment, and it then serves the encrypted fragment (and the message) in response to the request. At the client, information in the message is used to obtain the session-specific key. Using that key, the decryption keys are derived, and those keys are then used to decrypt the received encrypted fragment. The decryption occurs at runtime. The approach protects content while in transit to and at rest in the client browser environment.

Disclosed are an electronic apparatus, a server, and a method of controlling the same, the server including: a communicator configured to connect with an electronic apparatus and an external server; and a processor configured to: generate first encrypted information by encrypting first decryption information received from the electronic apparatus, the first decryption information for reproducing content, control the communicator to transmit, to the external server, the generated first encrypted information, generate second decryption information by decrypting second encrypted information received from the external server, the second encrypted information generated based on the first decryption information, and control the communicator transmit the generated second decryption information to the electronic apparatus to scramble the content by a scrambler of the electronic apparatus.

Techniques are described for efficient delivery and reception of information, such as an Entitlement Management Message (EMM), that is related to Digital Rights Management (DRM) in a terrestrial broadcast system such as ATSC 3.0.

The invention relates to a method for the identification of security processors in a system for delivering protected multimedia content, in which: upon request from an identification device, a network head-end transmits (136) a command to suspend a first identified pre-determined security processor which, in response, switches (136) from an active state to an idle state; the sharing server detects (120) that the first security processor is in the idle state and then transmits (120) access control messages to a second security processor instead of the first security processor; in response to the identification of at least the second security processor, upon request from the identification device, the network head-end transmits (134) a command to re-establish the first security processor, and, subsequently, in response, the first security processor switches (134) from the idle state to the active state.

A method is provided to provide configuration information from a broadcast network controller (BNC) to a decoder in an HTTP live streaming (HLS) network. The method includes the steps of: (a) initiating a configuration event notification by the BNC; (b) writing the configuration information as file; (c) announcing the configuration information as a SCTE-104 request; (d) translating the SCTE-104 request into an SCTE-35 message; (e) translating the SCTE-35 message into an HLS playlist file; and (f) retrieving the HLS playlist file at the decoder.