Described herein are systems and methods for securing transmission of content from a smart card in a host television receiver to a client television receiver. The smart card can receive the encrypted content stream from the television service provider, decrypt the content stream with the global network key, identify the client television receiver as the destination of the content stream, generate a unique key specific to the content stream, encrypt the unique key with a local key known to the client television receiver, encrypt the content stream with the unique key, and transmit the encrypted content stream along with the encrypted unique key to the client television receiver. The client television receiver can then receive the encrypted content stream and the encrypted unique key, decrypt the unique key, decrypt the content stream with the unique key, and transmit the content stream to a display device of the client television receiver.

An electronic apparatus including a control circuit that controls access to content and determines an operation mode of the electronic apparatus, and a monitoring circuit that monitors the access to the content, acquires content access information, and generates a table. The control circuit causes each of the content access information acquired by the monitoring circuit and the table generated by the monitoring circuit to be stored in a non-transitory computer-readable recording medium of the electronic apparatus. The monitoring circuit can update the content access parameters as additional content access information is acquired, and when the control circuit determines that the electronic apparatus is in an active mode, the control circuit can refer to the table and select, when access parameters of the active mode match the updated content access parameters, a current content to be output from the electronic apparatus.

Tools are provided for distributing access-restricted content in an internet protocol television (IPTV) environment based on portable entitlement keys. Such tools can include a decoder, an encoder, and a network entitlement handler. The decoder may be configured to receive a key associated with entitlement information, and transmit the entitlement information over a network. The encoder may be configured to receive content from content providers, and to encode the content to create IP-compatible content, with access restrictions based on entitlement. The network entitlement handler may be configured to receive a request for requested content from the decoder; receive the access-restricted content (including the requested content) from the encoder; and transmit the requested content over the network to the decoder using IP, when the decoder is entitled to receive the requested content.

A method to transfer a video stream from a host device comprising a controller configured for bulk transfers to a descrambling device, comprises: forming a chain out transfer comprising a chain out header linked with multiple chain out descriptors, the first chain out descriptor pointing to an out description packet containing at least one producer ID, the second and subsequent chain out descriptor pointing to chunks from the video stream, the last chain out descriptor being configured to generate an interrupt; forming a chain in transfer comprising a chain in header linked with a plurality of chain in descriptors, each chain in descriptor pointing to a descrambled chunk; requesting the controller to process the chain; receiving the description packet by the descrambling device and using key data associated with the chunks to descramble them; receiving by the controller the descrambled chunks and triggering an interrupt on the last chunk.

Devices, servers, systems and methods for content protection are provided. Disclosed embodiments improve temporal granularity of controlling access to the protected content and increase resilience against attacks attempting to prevent re-evaluation of conditions of access. Enforcement of re-evaluation may be based on the receipt and/or verification of tokens. In some embodiments, re-evaluation is enforced by periodically rendering content keys required for content decryption unuseable and/or clearing content keys already in use.

Methods and apparatus for dynamically adjusting capacity allocation; e.g., to a group of services in a multimedia distribution network. In one embodiment, bandwidth allocation is adjusted by predicting bandwidth utilization of the group of services based on historical bandwidth utilization information. Behavioral templates and statistical models may also be employed for the predictions. The invention provides more efficient use of available bandwidth compared to conventional bandwidth allocation schemes where the overall bandwidth for a group of services is set to a constant value that is not changed frequently. The present invention further provides a bandwidth allocation method in a switched distribution network. The bandwidth allocation method allocates bandwidth such that the bandwidth required by the number of services does not exceed the allocation, i.e., the total usage falls within the allocation.

A method is provided for generating a key ladder for securely communicating between a first device and a second device using a first device symmetric key and a chip-unique private key. The method includes generating a second processor-specific first device symmetric key from a first processor-specific first device symmetric key and a first identifier (CPU_ID), generating a chip-unique first device application private key (CUAPrK) from a second identifier and the second processor-specific first device symmetric key, generating a chip-unique first device application public key (CUAPuK) from the chip-unique first device application private key (CUAPrK), and transmitting the chip-unique first device application public key (CUAPuK) and an identifier of the processor to the second device.

The present disclosure relates to an electronic apparatus. The electronic apparatus includes a signal receiving unit that may receive a video signal; an interface unit that may communicates with a security processing module; a signal processing unit; and a processor that transmits first data of the video signal received by the signal receiving unit to the security processing module through the interface unit and receives secured second data from the security processing module, controls the signal processing unit to process the received second data for displaying a video, identifies whether continuity of processing of second data by the signal processing unit is limited based on a ratio of a transmission amount of the first data and a transmission amount of the second data transmitted and received between the interface unit and the security processing module, and performs subsequent processing according to the identification.

Disclosed is a device for transmitting content over an external display facility, including: a processing unit; a USB connector; an HDMI connector; a data storage body; at least one wireless communication module; and an internal battery. The processing unit is designed, according to the mode, to: record visual content data on the data storage body when the data is received from the input connector and/or the at least one wireless communication module; encrypt the recorded data, or decrypt the encrypted data recorded on the data storage body; convert the content data into a media flow; and transmit the media flow via the output connector such that an external screen to which the device is connected transmits the corresponding media.

A reproducing device includes a reproducer that reproduces a content, a communicator that establishes a direct wireless connection to an information terminal, and a controller. The controller determines whether the information terminal is a previously permitted information terminal or not when the communicator receives a content reproduction request from the information terminal through wireless connection. The controller performs first control to power on the reproducer, and issues an instruction to perform the content reproduction to the reproducer, when it is determined that the information terminal is the previously permitted information terminal, and when the reproducer is powered off. The controller does not perform the first control when it is determined that the information terminal is not the previously permitted information terminal.