1. Patent Search
  2. Details

Processing method for control messages and security module to carry out said method

RE049394 · 2023-01-24

Assignee

Inventors

Cpc classification

International classification

Abstract

The present invention concerns a method for processing messages intended to allow the access to conditional access content and to a security module arranged for implementing this method. The method comprises the steps of receiving by a security module comprising at least one decryption module, a plurality of messages, these messages belonging to at least two different categories; assigning a different priority level to messages from each different category, one of said priority level being defined as high and another priority level, lower that the high priority level, being defined as the standard priority level; associating a value to the messages to which the standard priority level has been assigned; assigning at least one threshold value for the value associated with messages having a standard priority level; and comparing between the threshold value for a determined message and the value associated with said message. If no value associated with said message having standard priority level exceeds the corresponding threshold value, processing the messages according to their priority level, a message to which the high priority level has been assigned being processed before a message to which a lower priority level has been assigned, and change of the value associated with the messages having a standard priority level according to said predefined rule. If the value associated with one of said messages having a standard priority level exceeds the threshold value for the corresponding message, processing one of the messages having a standard priority level before processing a message having a higher priority level, and change of the value associated with the messages having a standard priority level according to said predefined rule.

Claims

1. A method for processing messages intended to allow the access to conditional access content, wherein said method comprises: receiving.[.a plurality of messages.]..Iadd., .Iaddend.by a security module comprising at least one conditional access module .[.(CAK).]. and a processing module, .[.wherein the plurality of messages are classified as.]. .Iadd.a first message .Iaddend.belonging to .[.at least one of.]. a first category and .Iadd.a second message belonging to .Iaddend.a second category.Iadd., wherein the first category is different from the second category.Iaddend.; assigning a .[.different.]. .Iadd.high .Iaddend.priority level to .[.individual messages of the plurality of messages based at least upon the classification, wherein messages classified as belonging to the first category are assigned a high priority level, and messages classified as belonging to the second category are assigned a standard priority level.]. .Iadd.the first messsage and a standard priority level to the second message.Iaddend.; associating at least one value with .[.at least one of the messages assigned the standard priority level.]. .Iadd.the second message.Iaddend., wherein the at least one value is generated based at least upon a predefined rule; determining a threshold value for the .[.messages assigned the standard priority level.]. .Iadd.second message.Iaddend.; when the at least one value associated with the .[.messages assigned the standard priority level does not exceed.]. .Iadd.second message is equal to or less than .Iaddend.the threshold value: processing the .[.plurality of messages.]. .Iadd.first message and the second message .Iaddend.according to their priority level such that .[.a.]. .Iadd.the .Iaddend.first message .[.assigned the high priority level.]. is processed before the .[.messages assigned the standard priority level.]. .Iadd.second message.Iaddend.; and changing the at least one value associated with the .[.messages assigned the standard priority level.]. .Iadd.second message .Iaddend.according to the predefined rule; and when the at least one value associated with the .[.messages assigned the standard priority level.]. .Iadd.second message .Iaddend.exceeds the threshold value: processing .[.a.]. .Iadd.the .Iaddend.second message .[.assigned standard priority level.]. before processing the .[.messages assigned to the high priority level.]. .Iadd.first message.Iaddend.; and changing the at least one value associated with the .[.messages assigned the standard priority level.]. .Iadd.second message .Iaddend.according to the predefined rule.

2. The method of claim 1, wherein the predefined rule comprises assigning an initial value during the reception of a message by the security module and modifying the initial value associated with the message after processing .[.each message of the plurality of messages.]. .Iadd.the first message and the second message.Iaddend..

3. The method of claim 1, wherein the threshold value is a predetermined integer, and wherein the threshold value is exceeded when a value associated with a specific message is higher than the threshold value.

4. The method of claim 1, wherein the threshold value is a threshold duration, and wherein the threshold .Iadd.value is .Iaddend.exceeded when a value associated with a specific message is higher than the threshold value.

5. The method of claim 1, wherein the threshold value is a duration and the threshold value is exceeded when a remaining time .[.(RT).]. for a specific message is smaller than the threshold value.

6. The method of claim 2, wherein assigning the initial value comprises assigning a null value to the message.

7. The method of claim 2, wherein assigning an initial value comprises assigning a value higher than a maximum value associated with the .[.messages assigned the standard priority level.]. .Iadd.second message.Iaddend..

8. The method of claim 2, wherein modifying the initial value associated with the message comprises incrementing the initial value.

9. The method of claim 2, wherein modifying the initial value associated to the message comprises decrementing the initial value.

10. The method of claim 7, wherein the difference between the initial value assigned to the message during its reception and the maximum value associated with the .[.messages assigned standard priority level.]. .Iadd.second message .Iaddend.is one unit.

11. The method of claim 8, wherein the initial value is incremented by one unit.

12. The method of claim 8, wherein the initial value is incremented by a value corresponding to a duration for processing a last processed message.

13. The method of claim 9, wherein the initial value is decremented by a value corresponding to a duration for processing a last processed message.

14. The method of claim 4, wherein the value associated with the specific message is equal to a remaining time (RT), and wherein the remaining time equals:
RT=TV−AWT wherein TV is the threshold value; and AWT is an actual duration spent by the specific message in a memory cooperating with the security module.

15. A system comprising: at least one processor; and memory encoding computer executable instructions that, when executed by the at least one processor, perform a method comprising: receiving.[.a plurality of messages.]..Iadd., .Iaddend.by a security module comprising at least one conditional access module .[.(CAK).]. and a processing module, .[.wherein the plurality of messages are classified as.]. .Iadd.a first message .Iaddend.belonging to .[.at least one of.]. a first category and .Iadd.a second message belonging to .Iaddend.a second category.Iadd., wherein the first category is different from the second category.Iaddend.; assigning a .[.different.]. .Iadd.high .Iaddend.priority level to .[.individual messages of the plurality of messages based at least upon the classification, wherein messages classified as belonging to the first category are assigned a high priority level, and messages classified as belonging to the second category are assigned a standard priority level.]. .Iadd.the first message and a standard priority level to the second message.Iaddend.; associating at least one value with .[.at least one of messages assigned the standard priority level.]. .Iadd.the second message.Iaddend., wherein the at least one value is generated based at least upon a predefined rule; determining a threshold value for the .[.messages assigned the standard priority level.]. .Iadd.second message.Iaddend.; when the at least one value associated with the .[.messages assigned the standard priority level does not exceed.]. .Iadd.second message is equal to or less than .Iaddend.the threshold value: processing the .[.plurality of messages.]. .Iadd.first message and the second message .Iaddend.according to their priority level such that .[.a.]. .Iadd.the .Iaddend.first message .[.assigned the high priority level.]. is processed before the .[.messages assigned the standard priority level.]. .Iadd.second message.Iaddend.; and changing the at least one value associated with the .[.messages assigned the standard priority level.]. .Iadd.second message .Iaddend.according to the predefined rule; and when the at least one value associated with the .[.messages assigned the standard priority level.]. .Iadd.second message .Iaddend.exceeds the threshold value: processing .[.a.]. .Iadd.the .Iaddend.second message .[.assigned standard priority level.]. before processing the .[.messages assigned to the high priority level.]. .Iadd.first message.Iaddend.; and changing the at least one value associated with the .[.messages assigned the standard priority level.]. .Iadd.second message .Iaddend.according to the predefined rule.

16. The system of claim 15, wherein the predefined rule comprises assigning an initial value during the reception of a message and modifying the initial value associated with the message after processing .[.each message of the plurality of messages.]. .Iadd.the first message and the second message.Iaddend..

17. The system of claim 16, wherein modifying the initial value associated with the message comprises incrementing the initial value.

18. The system of claim 16, wherein modifying the initial value associated the message comprises decrementing the initial value.

19. The system of claim 17, wherein the initial value is incremented by a value corresponding to a duration for processing a last processed message.

20. The system of claim 18, wherein the initial value is decremented by a value corresponding to a duration for processing a last processed message.

21. A receiver .Iadd.multimedia unit .Iaddend.comprising: .Iadd.a receiver, the receiver being configured to receive one or more streams of encrypted content; .Iaddend. at least one processor; and memory encoding computer executable instructions that, when executed by the at least one processor, .[.perform a method.]. .Iadd.cause the processor to perform operations .Iaddend.comprising: .[.receiving a plurality of messages.]. .Iadd.receive .Iaddend.by a security module comprising at least one conditional access module .[.(CAK).]. and a processing module, .[.wherein the plurality of messages are classified as.]. .Iadd.a first message .Iaddend.belonging to .[.at least one of.]. a first category and .Iadd.a second message belonging to .Iaddend.a second category.Iadd., wherein the first category is different from the second category, and wherein the first message and the second message are associated with at least one stream of the one or more streams of encrypted content.Iaddend.; .[.assigning.]. .Iadd.assign .Iaddend.a .[.different.]. .Iadd.high .Iaddend.priority level to .[.individual messages of the plurality of messages based at least upon the classification, wherein messages classified as belonging to the first category are assigned a high priority level, and messages classified as belonging to the second category are assigned a standard priority level.]. .Iadd.the first message and a standard priority level to the second message.Iaddend.; .[.associating.]. .Iadd.associate .Iaddend.at least one value with .[.at least one of the messages assigned the standard priority level.]. .Iadd.the second message.Iaddend., wherein the at least one value is generated based at least upon a predefined rule; .[.determining.]. .Iadd.determine .Iaddend.a threshold value for the .[.messages assigned the standard priority level.]. .Iadd.second message.Iaddend.; when the at least one value associated with the .[.messages assigned the standard priority level does not exceed.]. .Iadd.second message is equal to or less than .Iaddend.the threshold value: .[.processing.]. .Iadd.process .Iaddend.the .[.plurality of messages.]. .Iadd.first message and the second message .Iaddend.according to their priority level such that .[.a.]. .Iadd.the .Iaddend.first message .[.assigned the high priority level.]. is processed before the .[.messages assigned the standard priority level.]. .Iadd.second message.Iaddend.; and .[.changing.]. .Iadd.change .Iaddend.the at least one value associated with the .[.messages assigned the standard priority level.]. .Iadd.second message .Iaddend.according to the predefined rule; and when the at least one value associated with the .[.messages assigned the standard priority level.]. .Iadd.second message .Iaddend.exceeds the threshold value: .[.processing a.]. .Iadd.process the .Iaddend.second message .[.assigned standard priority level.]. before processing the .[.messages assigned to the high priority level.]. .Iadd.first message.Iaddend.; and .[.changing.]. .Iadd.change .Iaddend.the at least one value associated with the .[.messages assigned the standard priority level.]. .Iadd.second message .Iaddend.according to the predefined rule.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

(1) The present invention and its advantages will be better understood with reference to the enclosed drawings and to the detailed description of particular embodiments, wherein:

(2) FIGS. 1a to 1e show a first embodiment of the invention;

(3) FIGS. 2a to 2g show a second example of management of messages according to this invention;

(4) FIGS. 3a to 3g illustrates a third example of an execution of a method according to the invention;

(5) FIGS. 4a to 4h illustrates a fourth example of an execution of a method according to the invention;

(6) FIGS. 5a to 5d illustrates a fifth example of an execution of a method according to the invention; and

(7) FIGS. 6a and 6b disclose a sixth example of a way in which a method according to the invention may be carried out.

MODES FOR CARRYING OUT THE INVENTION

(8) The present invention relates to a method for processing messages intended for Pay-TV, in particular for control messages containing at least one control word (CW Control Word) allowing the decryption of encrypted content and accordingly, the visualization of conditional access content. The method of the invention also enables processing other types of messages such as management messages (EMM; Entitlement Management Messages), impulsive management messages (IEMM, Impulsive Entitlement Management Messages), used in particular for purchasing products, or even other types of messages.

(9) This processing method is implemented in a security module comprising a conditional access module and a processing module, this security module being part of a multimedia unit. The multimedia unit or its receiver portion receives a stream of encrypted content. The security module receives a stream of control messages ECM from the receiver. This security module is in particular in charge of the processing of the control messages received, the process involving the verification of the access rights, and if the access rights are present and valid, the decryption of the message so as to extract the control word(s). When a control word is decrypted, it is transmitted to a descrambling module of the decoder that uses this control word to decrypt the content and to display it in order to be viewed.

(10) FIGS. 1 to 6 schematically illustrate a security module SC comprising at least a memory and a processing unit. The memory can be unique and can comprise several areas, each corresponding to different memorized data. It is also possible to provide several memories, each of them storing different data. A combination of both variants is also possible. In the following description, it is assumed that the security module comprises a single memory, divided into several areas. According to a variant, the functions of the security module can be carried out by an application. In this case, the security module cooperates with a memory which is not part of this security module.

(11) In FIGS. 1 to 4, three memory areas are associated with control messages, each zone of the memory corresponding to a different priority level. A fourth zone of the memory corresponds to a counter whose function is explained in more detail below.

(12) In the example illustrated by FIG. 1, the security module is responsible for processing messages corresponding to several channels referred to as A, B, C, D, E, G and H.

(13) Three priority levels are associated with the control messages. These levels are referred to as 1st for the highest priority level, as 2nd for the medium priority level and as Std for the lowest priority level.

(14) The lowest priority level, referred to as Std, is called standard level. The priority level referred to as 1st corresponds to a high priority and the priority level referred to as 2nd corresponds to a medium priority. The priority levels different from standard level, i.e., in this example, the high and medium levels, only receive first control messages for a specific channel. A first message is the first message that arrives when the conditions just change. Such a first message arrives in particular when the user has changed the channel.

(15) In cases in which the system receives messages corresponding to predictive channels, a first message will be sent for the channel to which the user is connected to, as well as on predictive channels linked to this new channel viewed by the user. These first messages are all memorized in memories associated with the high (1st) and medium (2nd) security levels. More specifically, the first message corresponding to the channel to which the user has just switched is usually stored in the memory area associated with the high priority level and the first messages corresponding to the predictive channels are usually stored in the memory area associated with the medium priority level. When the security module receives following messages for these channels, these messages different from the first messages are memorized in a memory area corresponding to a standard priority level. In the embodiments illustrated by FIGS. 1 to 4, the messages are memorized in a chronological order, the most recent messages being illustrated on the right portion of the figures and the oldest messages in the left portion.

(16) The following description is made on the basis of the examples shown by FIGS. 1 to 6. It is clear that these examples are used to help understanding the principle of the invention, but that they are not limitative.

(17) In these figures, the reference SC corresponds to the security module and more specifically to the processing module which is in charge of the processing of the control messages. The character found under the reference SC corresponds to the channel for which a message is being processed. The horizontal lines correspond to a priority level, a determined priority level can be associated with a memory area in which the messages are stored before processing. These messages are processed, for each horizontal line, according to the First In First Out principle, the first message stored, i.e., the one shown on the left in the figures, being processed first.

(18) In the state shown in FIG. 1a, showing the initial state of the security module SC, the processing module processes the message corresponding to a channel referred to as A. The memory of the standard priority level Std of the security module contains a message B corresponding to a first channel, a message corresponding to a second channel referred to as C, a message corresponding to a third channel referred to as D and a message corresponding to a fourth channel referred to as E.

(19) The messages located in this memory area and corresponding to the standard priority level, are not first messages. The value of the message counter for channel B is 2, this value being defined as follows. A message (A) has been processed since the reception of the message B by the security module. The number of messages processed is equal to 1. The rank of the message B in the memory corresponding to the standard level is 1 as this is the first message of the queue corresponding to this priority level. The value associated with the message B is equal to the sum of these two values, 1+1=2.

(20) The message of channel C is associated with the value 3 that corresponds to the sum of 1 (number of messages processed from the reception of message C) and 2 (rank of the message C in the standard level memory). The message of channel D is associated with the value 4 and the message E of channel E is associated with the value 5.

(21) A counter threshold value is also set. The latter is for instance equal to 5 in the example used. This value is known to the security module and/or to the processing module.

(22) Let us assume that the user switches from channel D to channel G. The first message from channel G is located in the memory corresponding to the high priority. The channel H being a predictive channel (on which the user is very likely to switch), the first message for this channel is stored in the memory corresponding to the medium priority level. Since messages referred to as D, that correspond to the channel previously viewed by the user, as well as E that was a predictive channel, are no more useful, the corresponding messages are deleted. This is shown by FIG. 1b.

(23) In FIG. 1c, the message G corresponding to the highest priority is processed by the processing module. When the processing module has processed a message, the counter value is changed according to a pre-established rule. In the examples of FIGS. 1 to 4, this pre-established rule consists in increasing the counter value for one unit for each message processed. As a message has been processed, the counter value associated with the standard priority level messages is incremented by 1, which results in a value of 3 for the message B corresponding to channel B and of 4 for the message C of channel C.

(24) In the situation corresponding to FIG. 1d, the message of channel H is processed in the processing module. The counter value for the message B of channel B is incremented by 1, which results in a value of 4. In a similar way, the value for channel C reaches 5. As these values are lower or equal to the threshold value (5), the conventional processing will continue.

(25) In the step corresponding to FIG. 1e, since the memory areas corresponding to high and medium priority levels are void, the first message of the memory of standard level Std, i.e., B, is processed and the message processing will continue in a conventional way.

(26) In the example disclosed by FIGS. 2a to 2g, the initial situation is identical to that shown by FIG. 1. The user switches from channel D to channel E that was a predictive channel. In this case, F becomes a new predictive channel and the first message from channel F is stored in the memory corresponding to the medium priority level (2nd). This is shown by FIG. 2b. The user thus switches on channel F, the channel G becoming a predictive channel. The first message from channel G is stored in the memory corresponding to the medium priority level 2nd while the processing module processes the message from channel F. The counter value associated with the messages of standard level Std is incremented due to the fact that the message F has been processed. This value becomes 3 for B, 4 for C and 5 for E. This can be seen on FIG. 2c.

(27) In FIG. 2d, the user switches from channel F to G, the channel H becoming a predictive channel. The message G is processed and the counter value for B and C respectively increases to 4 and 5.

(28) The user thus switches on channel H and receives a message corresponding to the channel I as the predictive channel. This is illustrated by FIG. 2e. The message I is stored in the memory corresponding to the medium priority level 2nd and the counter values are incremented in order to set B to 5 and C to 6. The threshold value being 5 and the counter value for C being higher than this threshold value, the first message of the memory corresponding to the standard level Std is processed, before the message I corresponding to a higher priority level compared to the standard level. The message B will thus be processed in the processing module. The counter value for the message C will remain higher than the threshold value. Thereby, the message C will be processed in the processing module, before the message I corresponding to the medium security level. This is illustrated on FIGS. 2e and 2f.

(29) In FIG. 2g, the standard level no longer contains messages associated with a counter value higher than the threshold value. The message having the highest security level, in this case I, can thus be processed in the processing module.

(30) The fact that a message from the standard priority level has a higher value than the threshold value results in initiating the processing of a standard priority level message, before processing a higher priority level message. It should be noted that the message having initiated the change of priority is not necessarily the message processed, but the first message of the queue or of the memory area corresponding to the standard level. In the example shown on FIG. 2e, the fact that the counter value associated to a message C is higher than the threshold value results in modifying the priority order. However, the following message processed is the message B, associated with a value equal to the threshold value, and not the message C, associated with a higher value and having initiated the change of priority.

(31) In the embodiment shown in FIGS. 3a to 3g, two users share the same security module. The second user switches from channel D to channel G while the first user switches from channel A to channel K. The first message from channel G is stored in the memory corresponding to the high level while the message corresponding to the predictive channel H is stored in the memory corresponding to the medium level. This is shown on FIG. 3b. The message from channel K is then stored in the memory corresponding to the high level while the message G is processed by the processing module. This corresponds to FIG. 3c. The counter value for the message C is increased and the messages having the highest priority level are processed. These messages are K, H and L in that order. This corresponds to FIGS. 3d and 3e. When these messages have been processed, as illustrated by FIG. 3f, the counter value for C is equal to 6, which is higher than the threshold value. The first message having a standard priority level, herein the message C, will thus be processed as a priority, before the message M having a higher priority level. This is shown in FIG. 3g.

(32) In the embodiment illustrated by FIGS. 4a to 4h, the user unit receives messages for allowing to achieve a mosaic. These messages correspond to the channels K, L and M. As disclosed by FIGS. 4b to 4e, the messages K, L and M are processed before the counter value for the messages f the standard level exceeds the threshold value. This threshold value is exceeded after processing the message M shown in FIG. 4e. When the security module receives a new message N, having a medium priority level, the latter is put on hold in order to allow the previous processing of the messages C and D corresponding to the standard priority level. This is due to the fact that the counter value has exceeded the threshold value for one of the messages of the standard priority level. The processing of the message N is achieved after processing the messages of the standard priority level.

(33) In the embodiment illustrated by FIG. 5, the configuration of the security module is slightly different from that of the modules of the previous embodiments. The memory contains two priority levels, one of them corresponding to a high level, referred to as 1st and the other corresponding to a lower level, referred to as Std. and called standard level. The medium priority level present in the embodiments of FIGS. 1 to 4 is thus absent in this embodiment. The counter contains durations and the incrementation of the counter is not performed by steps of one unit, but depends on a duration of the processing of the messages, as it is explained below.

(34) The security module contains means for determining a duration. These means can be a clock and means for determining the moment between the beginning and the end of a message processing. These means for determining a duration can further comprise a clock external to the security module, said clock transmitting time or durations to the security module. A way to determine a duration comprises adding a time stamp to each message.

(35) In reference to FIGS. 5a to 5d, the messages having a standard priority level are no more associated with an integer depending on their place in a queue, such as in the previous examples, but rather to a duration. More specifically, each message is associated to the storage period in the memory, or in other words, to the duration between the moment when this message has been stored in the memory of the security module and the current time, this current time corresponding to the moment when the security module verifies which is the next message to be processed. This duration is determined just after having finished to process a message.

(36) The threshold value is no longer, as in embodiments shown in FIGS. 1 to 4, a “small” integer related to a number of priority messages that it is possible to process before a standard level message, without causing any problem. In the embodiment of FIG. 5, as in that of FIG. 6, the threshold value is related to a duration. In the examples disclosed, this duration is measured in milliseconds. The latter could be measured in a different unit, for instance in seconds or in an arbitrary time unit. The duration could also be measured in a value that depends on a duration, for instance a number of pulses, as far as these pulses are delivered at a regular interval.

(37) In the example of FIG. 5, let us assume that the messages of standard priority level are all associated to a same threshold value TV that has been set to 3000 ms. This threshold value depends on the cryptoperiod and on the number of channels for which messages can be sent during this cryptoperiod. In the example of FIG. 5a, for each standard priority level message, the corresponding cell in the row referred to as AWT indicates the time value associated to this message. This time value corresponds to the actual waiting time, or in other words, to the time that the message has spent in the memory. The message B1 is for instance associated to the value 2800 ms, which means that this message has been stored 2800 ms ago. The message C1 is associated with the value 2000 ms and the value of the message B2 is of 500 ms. The message C2 is associated with the value 0, which means that it has just been stored by the security module memory.

(38) As in the previous embodiments, the value associated with the messages stored in the memory of the security module is compared to the threshold value. According to an advantageous embodiment, the messages are stored in the form of a queue in an order corresponding to a decreasing AWT actual waiting time. It is therefore sufficient to compare the AWT value of the first message of the queue with the threshold value. According to a variant, it is also possible to compare the threshold value with the values associated with all the messages.

(39) In the example disclosed in FIG. 5a, the highest value associated with a message is 2800 ms for the message B1. This value is lower than the threshold value which is of 3,000 ms. In this case, the messages are processed depending on their priority level. The message having the highest priority level and the oldest message stored in the memory of the security module is the message G. The latter is processed in a conventional way.

(40) FIG. 5b shows the state of the memory after processing the message G, assuming that the process for this message has lasted 220 ms. The value associated with each standard priority level message is modified according to a predefined rule, the rule consisting in the present case, of adding the actual processing time of the previous message, which would mean measuring the actual waiting time AWT for each message. According to this example, a duration of 220 ms is thus added to each AWT value associated with the different messages of standard priority level. The value associated with the message B1 is of 2800+220=3020 ms. The value assigned to the message C1 is 2220 ms; it is 720 ms for the message B2 and 220 ms for the message C2.

(41) The highest value, herein of 3020 ms, is compared to the threshold value, which has been set to 3000 ms. Since this threshold value has been exceeded, the message B1 is processed as a priority, before processing the message H which has a higher priority level. The processing for this message B1 is shown in FIG. 5c.

(42) Let us assume that this process has lasted 200 ms. A value of 200 ms is then added to the value associated with each standard priority level message.

(43) The new values associated with standard priority level messages are therefore 2420 for C1, 920 for B2 and 420 for C2. Since none of these values exceed the threshold value, the “normal” priority is respected, which means that the oldest message, having the highest priority level is processed. This message is the message referred to as H in the example shown in FIG. 5d. This embodiment has the advantage of taking into account the real time that each message of standard level has spent in the memory of the security module.

(44) In the embodiments previously described, the threshold value was common to all messages having the standard priority level. In the embodiment shown in FIG. 6, on the contrary, a different threshold value can be assigned to different messages. This allows in particular to manage messages for channels having different cryptoperiods.

(45) For this purpose, the memory of the security module comprises different memory areas. The security module comprises, as in the embodiment disclosed in FIG. 5, a memory area intended to receive the messages of high priority level (1st) and a memory area for storing the actual waiting time AWT. In addition to this, it comprises an incremental counter arranged to memorize the position of each message in the queue. This counter is referred to as Rg on FIG. 6.

(46) The security module further comprises a memory area intended to store an estimated waiting time EWT, another memory area for storing the threshold value and finally a memory for storing the remaining time RT, this remaining time being defined as the difference between the threshold value TV and the actual waiting time AWT.

(47) As shown in FIG. 6b, some messages (E2, E3, E4) have a first threshold value which is of 3000 ms in this example, while the message F2 has another threshold value, herein of 2000 ms. This threshold value is stored with each message. The parameters related to a same message are represented in the same column in FIGS. 6a and 6b. In this embodiment, the threshold value is contained in the ECM message itself, preferably in a plain text part of this message. In this way, the threshold value can be extracted from the control message ECM before having decrypted this message.

(48) As it is disclosed in FIG. 6a, each message is associated with an actual waiting time AWT, a threshold value TV and an estimated waiting time. This estimated waiting time depends on the actual waiting time AWT and on a rank of a message in the queue, this rank being given by the value of the incremental counter for this message. Furthermore it depends on a theoretical processing time P′. According to a first embodiment, this theoretical processing time is the maximum duration necessary for processing a control message. According to a second embodiment, the theoretical processing time is an average of the actual processing times on a certain number of messages, for instance the last 16 messages. In the example of FIG. 6, this maximum processing time is of 250 ms. This maximum processing time essentially depends on the processing capacities of the security module.

(49) The estimated waiting time EWT is equal to the actual waiting time AWT for the first message from the queue of messages of the standard priority level. For each following message from this queue, a duration corresponding to the theoretical processing time is added. The estimated processing time can be obtained by the following formula:
AWT=EWT+P′(Rk−1)
where Rk is the rank of the message in the queue.

(50) In FIG. 6a, we thus have AWT=920+1.Math.250=1170 for E3 and 420+2.Math.250=920 for E4.

(51) Finally, a last value is associated with each message, this value corresponding to the remaining time RT before reaching the threshold value TV. This remaining time is calculated by the difference between the threshold value TV and the actual waiting time AWT. For the message E2, we have TR=3000−2420=580 ms; we have 3000−920=2080 ms for E3 and 3000−420=2580 ms for E4.

(52) In the previous embodiments, the messages of a given priority level are processed according to the FIFO principle (First In First Out). A message of a given priority level received by the security module is stored at the end of the message queue of this priority level.

(53) In the embodiment disclosed in FIGS. 6a and 6b, the messages of the standard security level are classified according to a crescent order of remaining times RT. Thus, in the example disclosed in FIG. 6b, the message F2 has a threshold value of 2000 ms. At the moment of its reception by the security module, the remaining time is equal to the threshold value, i.e., of 2000 ms. This remaining time is smaller than the remaining time for the messages E3 and E4. The message F2 is introduced between the message E2 and the message E3, so as to be processed after the message E2, but before the message E3. This method allows to better take into account processing requirements for each single message. In particular, this allows to take into account that the messages can be associated with cryptoperiods having different durations.

(54) In the embodiment disclosed in FIG. 6, at the end of each message processing, the values of the different parameters of messages of standard priority level are recalculated. The minimal remaining time is determined. If no message having a priority level higher than the standard level is awaiting to be processed, the message having the shortest remaining time is processed. If the minimal remaining time for a message is smaller than the threshold value, for instance zero, the message associated with this negative remaining time is processed as a priority, i.e., before any message of higher priority level. If the minimal remaining time is positive or null and if at least one message having a priority level higher than the standard level is awaiting to be processed, the normal priority is respected, namely the oldest message among the messages having the highest priority level is processed first.

(55) It is of course possible to set a threshold value to a positive number, for instance of 300 ms and to change the processing order when the remaining time falls below this threshold value of 300 ms. This avoids, in most situations, to manage a negative time value.

(56) The remaining time RT is calculated as being the difference between the threshold value TV and the actual waiting time AWT in the embodiment of FIG. 6.

(57) According to a variant, it is also possible to calculate the waiting time, not using the actual waiting time, but rather the estimated waiting time. The result will be RT=TV−EWT. The estimated waiting time EWT value is calculated as in the embodiment of FIG. 5, with EWT=AWT+P′ (Rk−1).

(58) The present invention allows to ensure that the standard messages, i.e., other messages than the first messages for a given channel, are processed sufficiently early in order to provide to the user the access to the conditional access content in a continuous way. It also allows to manage messages coming from sources using the different cryptoperiods.

(59) The present invention has been described essentially with examples using two or three priority levels and the control messages ECM. It is possible to provide a much higher number of priority level, for instance until 256, and to process, according to the same method, a combination of control messages, management messages and other messages.