The invention relates to a process for transmitting streaming digital content to a client device for access to digital content. The inventive process makes it possible, in particular, to apply an access control system to the protection of direct-mode video streams. The process also makes it possible to significantly improve the security and safety of the system, based on a periodic mandatory back-communication on the part of the client device.

Providing a conditional access system (CAS) to a set-top box is described. An example method includes encapsulating a CAS application in a NCAS (Next CAS) container, and objects associated with the CAS application are executed in the NCAS container. Resources for the CAS application and other applications running on the set-top box are pre-allocated so that each application has a pre-fixed resource allocation upon startup of the set-top box. An execution of the CAS application is validated using a linked chain of trust.

A virtual set-top box (vSTB) for executing a middleware component, designed originally for use with the physical STB, including emulating hardware capabilities of the physical STB to process IPTV content received over a connection for presenting the IPTV content on a display of the electronic device.

Input/output (I/O) operation requests from pageable storage mode guests are interpreted without host intervention. In a pageable mode virtual environment, requests issued by pageable storage mode guests are processed by one or more processors of the environment absent intervention from one or more hosts of the environment. Processing of the requests includes manipulating, by at least one processor on behalf of the guests, buffer state information stored in host storage. The manipulating is performed via instructions initiated by the guests and processed by one or more of the processors.

The present invention allows the combination and adaptation of a broadcast data reception system with a Conditional Access System which may be embedded in the receiving device, such as a television, or can be provided as a module which is connected to the receiving device and which allows service provider controlled, typically cloud based, interactivity via the same CAS with different Multi Channel video programming distributors (MVPD) service providers.

A virtual set-top box (vSTB) for executing a middleware component, designed originally for use with the physical STB, including emulating hardware capabilities of the physical STB to process IPTV content received over a connection for presenting the IPTV content on a display of the electronic device.

A conditional access module receives a multimedia stream transporting multimedia content and application data forming an application to be executed in relation to the multimedia content. At reception of the multimedia stream by the conditional access module, the application data is separated from the multimedia stream by an input filter included in the conditional access module. The application data includes a current authentication code. The input filter forwards the application data with the current authentication code to a quarantine memory associated with an application checker included in the conditional access module. The application checker verifies the current authentication code by using a reference authentication code previously acquired by the conditional access module. Upon successful verification of the authentication code, the application data is retrieved from the quarantine memory and merged by a merging module with the multimedia content previously separated by the input filter.

The present invention relates to the domain of control of access to audiovisual content transmitted to a receiver, in particular control based on the localization of the receiver.

This invention proposes a method of control of access to content transmitted to a receiver, said receiver being part of an access geographic control system comprising verification means and security means, the method comprising the following steps:

acquisition of a current localization by a portable device,

transfer of the current localization to the verification means,

extraction, in a memory of the verification means, of a localization data set defining at least one area,

verification, by the verification means, that the current localization is included in said area, and if so, transmission of an authorization message for the reception of the audiovisual content to the security means relative to the receiver.

A system architecture provides a hardware-based root of trust solution for supporting distribution and playback of premium digital content. In an embodiment, hardware root of trust for digital content and services is a solution where the basis of trust for security purposes is rooted in hardware and firmware mechanisms in a client computing system, rather than in software. From this root of trust, the client computing system constructs an entire media processing pipeline that is protected for content authorization and playback. In embodiments of the present invention, the security of the client computing system for content processing is not dependent on the operating system (OS), basic input/output system (BIOS), media player application, or other host software.

A method of transmitting entitlement messages to content consumption devices in a access control system, the method comprising periodically transmitting entitlement messages to content consumption devices in a access control system and periodically extending an expiry time comprised in the entitlement messages. The entitlement messages comprise indicator data indicating to the content consumption devices that subsequent entitlement messages loaded into a content consumption device after a first entitlement message is loaded into the content consumption device shall not be used by the content consumption device to access protected media content.