Patent classifications
H04N21/26613
Key ladder generating a device public key
A method is provided for generating a key ladder for securely communicating between a first device and a second device using a first device symmetric key and a chip-unique private key. The method includes generating a second processor-specific first device symmetric key from a first processor-specific first device symmetric key and a first identifier (CPU_ID), generating a chip-unique first device application private key (CUAPrK) from a second identifier and the second processor-specific first device symmetric key, generating a chip-unique first device application public key (CUAPuK) from the chip-unique first device application private key (CUAPrK), and transmitting the chip-unique first device application public key (CUAPuK) and an identifier of the processor to the second device.
Secure management of security keys to control access to a protected communication network
Aspects of the present disclosure provide for systems and methods to automatically load security access files and/or keys on a local digital controller serving subscriber communication equipment, but are not so limited. A disclosed system operates to use a deployment manager as part of auto-loading security access files and/or keys on a local digital controller serving subscriber communication equipment. A disclosed method operates in part to auto-load security access files and/or keys on a local digital controller serving subscriber communication equipment.
Distributed storage network and method for storing and retrieving encryption keys
A method for execution by a computing device of a dispersed storage network (DSN). The method begins by encrypting a data segment of a data object using a security key to produce an encrypted data segment. The method continues by dispersed storage error encoding the encrypted data segment to produce a set of encoded data slices and sending the set of encoded data slices to storage units of the DSN for storage. The method continues by encrypting the security key using an encryption key to produce an encrypted security key and dispersed storage error encoding the encrypted security key to produce a set of encoded key slices, wherein a decode threshold number of encoded key slices is needed to recover the encrypted security key. The method continues by sending the set of encoded key slices to a set of storage units of the DSN for storage therein.
Secure activation of client receiver by host receiver smart card
Described herein are systems and methods for hardware enforcement of hardware functionality in a client television receiver. An activation message containing an activation code for a specific hardware component within the client television receiver can be transmitted from a television service provider system to a host television receiver having an associated smart card. The smart card can decrypt the activation message, identify the client television receiver as the destination of the activation message, security check the activation message, encrypt the activation message with a local key, and transmit the activation message to a security processor on the client television receiver. The security processor can decrypt the activation message, security check the activation message to ensure it is from the smart card and has not been tampered with, and enable the hardware component within the client television receiver based on the activation code within the activation message.
Prioritized Content Encryption for Rapid Breach Response
Techniques for rapid video on demand (VOD) media content breach response are described. In some embodiments, during content preparation, a server generates an encrypted media content item by generating a first encrypted portion using a first key derived from a first seed that is of a first type and generating a second encrypted portion using a second key derived from a second seed that is of a second type. In some embodiments, the server classifies the first portion in a first category (e.g., a prioritized category) and the second portion in a second category (e.g., a non-prioritized category). During a breach response, the server repairs the encrypted media content item by re-encrypting portions in the first category, e.g., re-encrypting the first encrypted portion using a replacement key derived from a replacement seed that is of the first type, and updating encryption metadata.
DEVICES, SYSTEMS AND PROCESSES FOR FACILITATING SEAMLESS DIGITAL VIDEO RECORDING OF CONTENT AND USE THEREOF ACROSS MULTIPLE DEVICES WITHIN A LOCAL AREA NETWORK
Systems, devices, and processes described facilitate use of a first user device communicatively coupled to a local area network (LAN). The first user device may include a first hardware processor configured to execute first, non-transient, computer instructions for facilitating a first seamless DVR engine configured to identify a first content. A second user device is also coupled to the LAN. The second user device may include a second hardware processor configured to execute second, non-transient, computer instructions for facilitating a second seamless DVR configured to identify a second content. Each of the seamless DVR engines may be configured to generate a common universal directory identifying the first content and the second content as being available for use by each of the first user device and the second user device. User devices may independently populate the common universal directory. The universal directory may identify a distinct status for the content.
METHOD FOR MANAGING NETWORK LIVE STREAMING DATA AND RELATED APPARATUS, AND DEVICE AND STORAGE MEDIUM
A method for managing network live streaming data, and a related apparatus, device and storage medium. The method includes: a stream pushing request transmitted by a data access device is received; a stream pushing parameter set based on a media content feature of stream pushing data from multiple data sources in the data access device is determined; a target port is then determined according to the stream pushing parameter; the stream pushing data transmitted by the data access device is further received through the target port; and the stream pushing data is pushed to a live streaming device, so that the live streaming device plays media content data in a network live streaming process. In this way, a process of combining media content of multiple terminals and performing network live streaming is implemented.
Content recording and group encryption
Systems and methods for managing group encryption are described. In certain methods, a content asset may be encrypted with an asset key. An account key may be determined. Using the account key, an encrypted content asset package may be generated. The asset key may make up at least a portion of the encrypted content asset package. The encrypted content asset package is decryptable with the account key. The encrypted content asset package and an identifier associated with the account key may be transmitted, for example to a playback device.
Threshold encryption for broadcast content
An example operation may include one or more of splitting a session key into a plurality of partial shares, distributing the plurality of partial shares to a plurality of content providers, respectively, where each content provider receives a different partial share of the session key, encrypting a stream of media content based on the session key, and transmitting the encrypted stream of digital content to a user device which has one or more partial shares among the plurality of partial shares.
Artificial intelligence inference on protected media content in a vision processing unit
Techniques related to securely providing artificial intelligence inference on protected video content in a vision processing unit are discussed. Such techniques include decrypting encrypted video via a neural network processor of the vision processing unit by providing the neural network processor direct memory access to a security engine of the vision processing unit and applying a machine learning model to the decrypted video content using the neural network processor such that a host and other components of the vision processing unit do not have access to the decrypted video content.