A method of transmitting entitlement messages to content consumption devices in a access control system, the method comprising periodically transmitting entitlement messages to content consumption devices in a access control system and periodically extending an expiry time comprised in the entitlement messages. The entitlement messages comprise indicator data indicating to the content consumption devices that subsequent entitlement messages loaded into a content consumption device after a first entitlement message is loaded into the content consumption device shall not be used by the content consumption device to access protected media content.

A method of transmitting entitlement messages to content consumption devices in a access control system, the method comprising periodically transmitting entitlement messages to content consumption devices in a access control system and periodically extending an expiry time comprised in the entitlement messages. The entitlement messages comprise indicator data indicating to the content consumption devices that subsequent entitlement messages loaded into a content consumption device after a first entitlement message is loaded into the content consumption device shall not be used by the content consumption device to access protected media content.

A portable information terminal includes a controller configured to control a communication interface to transmit a charging permission response to a broadcast receiving apparatus in response to a charging permission request data transmitted when a broadcasting program that a user of the broadcast receiving apparatus desires to view contains an asset that requires charging. The charging permission response is allowed to be transmitted when positional information indicates that the portable information terminal is positioned inside of a predetermined positional range and apparatus identification information in the charging permission request data, by which the broadcast receiving apparatus is allowed to be identified, coincides with apparatus identification information stored in a memory. The controller controls the communication interface to transmit a charging denial response to the broadcast receiving apparatus when the positional information indicates that the portable information terminal is positioned outside of the predetermined positional range.

A portable information terminal includes a controller configured to control a communication interface to transmit a charging permission response to a broadcast receiving apparatus in response to a charging permission request data transmitted when a broadcasting program that a user of the broadcast receiving apparatus desires to view contains an asset that requires charging. The charging permission response is allowed to be transmitted when positional information indicates that the portable information terminal is positioned inside of a predetermined positional range and apparatus identification information in the charging permission request data, by which the broadcast receiving apparatus is allowed to be identified, coincides with apparatus identification information stored in a memory. The controller controls the communication interface to transmit a charging denial response to the broadcast receiving apparatus when the positional information indicates that the portable information terminal is positioned outside of the predetermined positional range.

A pre-key is combined with non-pre key data to render a content key useful for decrypting content, such as audio-video content. This other, non-pre key data may be anything that, for example, an ATSC 3.0 source such as a Broadcaster would like to authenticate into the content. For example, the data that is XOR'd with pre-key information may include various fields such as the Broadcaster designated market area (DMA), a copyright notice, the identification of the content to be decrypted, the user's group ID (subscriber group), etc.

Methods and apparatus for control of data and content protection mechanisms across a network using a download delivery paradigm. In one embodiment, conditional access (CA), digital rights management (DRM), and trusted domain (TD) security policies are delivered, configured and enforced with respect to consumer premises equipment (CPE) within a cable television network. A trusted domain is established within the user's premises within which content access, distribution, and reproduction can be controlled remotely by the network operator. The content may be distributed to secure or non-secure “output” domains consistent with the security policies enforced by secure CA, DRM, and TD clients running within the trusted domain. Legacy and retail CPE models are also supported. A network security architecture comprising an authentication proxy (AP), provisioning system (MPS), and conditional access system (CAS) is also disclosed, which can interface with a trusted authority (TA) for cryptographic element management and CPE/user device authentication.

Methods and apparatus for control of data and content protection mechanisms across a network using a download delivery paradigm. In one embodiment, conditional access (CA), digital rights management (DRM), and trusted domain (TD) security policies are delivered, configured and enforced with respect to consumer premises equipment (CPE) within a cable television network. A trusted domain is established within the user's premises within which content access, distribution, and reproduction can be controlled remotely by the network operator. The content may be distributed to secure or non-secure “output” domains consistent with the security policies enforced by secure CA, DRM, and TD clients running within the trusted domain. Legacy and retail CPE models are also supported. A network security architecture comprising an authentication proxy (AP), provisioning system (MPS), and conditional access system (CAS) is also disclosed, which can interface with a trusted authority (TA) for cryptographic element management and CPE/user device authentication.

A broadcast receiving apparatus includes a broadcast receiver that receives a broadcast wave of a digital broadcasting service; a separator that separates at least coded program video data, program-cooperation data, and screen layout control information, from the broadcast wave; a video decoder that decodes the coded program video data to reproduce program video information; a cooperation information generator that interprets the program-cooperation data to generate program-cooperation information; and a control unit that, when an instruction to display a given screen is input while the presentation processor divides video display region into sub-regions based on the screen layout control information, places the program video information in one of the sub-regions, places the program-cooperation information in another sub-region, and outputs the data of the video display region as the video information, outputs information of the given screen as the video information without dividing the video display region based on the screen layout control information.

A broadcast receiving apparatus includes a broadcast receiver that receives a broadcast wave of a digital broadcasting service; a separator that separates at least coded program video data, program-cooperation data, and screen layout control information, from the broadcast wave; a video decoder that decodes the coded program video data to reproduce program video information; a cooperation information generator that interprets the program-cooperation data to generate program-cooperation information; and a control unit that, when an instruction to display a given screen is input while the presentation processor divides video display region into sub-regions based on the screen layout control information, places the program video information in one of the sub-regions, places the program-cooperation information in another sub-region, and outputs the data of the video display region as the video information, outputs information of the given screen as the video information without dividing the video display region based on the screen layout control information.

A multimedia signal processing device is used between a multimedia signal source and a down-stream multimedia device. The multimedia signal processing device includes a communication unit, a multimedia decoding unit and a judging unit. The communication unit receives a multimedia signal from the multimedia signal source. The multimedia decoding unit decodes the multimedia signal and receives designated device information from the down-stream multimedia device. The judging unit performs an identification procedure according to a set of data stored in a database and the designated device information of the down-stream multimedia device to obtain a judged result to be stored in the multimedia signal processing device and have the multimedia signal processing device perform an action according to the judged result. A related authorization method involving the steps is performed by the multimedia signal processing device.