Field of the Invention. The present invention relates generally to a method for providing authorization, authentication and access control of "executable code" or a "software object", which includes application code, operating systems and associated components e. Background of the Invention. More specifically, the MSOs want to have the ability to control access to services and the associated use of software objects in set-top terminals.
A well-known attempt to address the authenticity of code objects in the PC environment is the "Authenticode" capability from Microsoft. This product allows software vendors to obtain a signature for published executable code. Authenticode provides a digital signature with only one signatory.
The code is signed with Microsoft's private key, which is not published, and is verified with Microsoft's public key, which is bundled with the Authenticode verification code in the operating system.
While Authenticode provides digital signature protection for executable code, it does not provide any means of determining the access requirements to the executable code for access control and revenue generation purposes, and it is applicable only to executable code.
A second known attempt, which addresses the control of Java applets, is "Java Security", which is intended to prevent applets from inspecting or modifying files on a client system, or from using network connections to bypass file protection and data confidentiality measures. However, as is the case with Authenticode, Java Security does not provide authentication of any software object unless it is Java-based, nor does it provide the link with access requirements for access control and revenue generation purposes.
Although each of the products described above attempts to address the protection and control of virtual objects in a PC environment against unauthorized use by a given set-top terminal, they do not fully address the problems associated with authorization, authentication and access control, and thus do not provide an optimal solution that meets MSO requirements.
Summary of the Invention. As set-top terminals or decoder terminals require a computing environment for entertainment purposes by using downloadable software objects such as operating systems, libraries, Java virtual machines, applications, applets, etc.
In accordance with the proposed concept, not only must the identity of each software object be authenticated, but its use must also be subject to MSO control via authorization permissions, along with control of which set-top terminal resources a given software object may use. These measures complement those of object validation and verification and ensure that software objects that have not been authenticated are not used.
To the extent that these measures are used, the set-top terminal is no longer exposed to the problems associated with objects that do not follow the security design rules or, in the worst case, may be contaminated with a virus that can cause damage to the network of the MSO and the associated set-top terminals.
Aspects of the invention are defined in the accompanying drawings. In a particular embodiment of the invention, a method for providing authorization and access control of software objects stored in digital set-top terminals creates a fingerprint ("signature") for each software object, associates each fingerprint with a service or level of service, encodes each link, and creates a link table that contains the information generated by the encoding step (note that this table may consist of one or more link entries).
Additionally, the method sends the association table to the digital set-top terminal and also transmits a message to the digital set-top terminal indicating which software objects the set-top terminal may use. Finally, the proposed method provides a system routine at the digital set-top terminal that is invoked before the object is downloaded, as soon as the software object has been downloaded or, optionally, whenever the software object is about to be used (or "invoked", if it is executable code).
However, when the software object to be downloaded or used is associated with a service level for which the set-top terminal has been authorized, download or use of the object is allowed. In accordance with yet another embodiment of the invention, the transmitted message further indicates which set-top terminal resources the authorized software object, or the set-top as a whole, may use.
Yet a further advantage provided by another embodiment of the present invention is that, if the software object about to be invoked contains the correct fingerprint and the authorization rights match the authorization requirements associated with the software object, the method further determines whether the use of set-top terminal resources has been authorized.
In one embodiment, the method further provides a second system routine at the digital set-top terminal if it is determined that use of a set-top terminal resource has been requested, and the second system routine uses the transmitted messages to determine whether the software object may use the requested set-top terminal resource.
In the case in which the resource is authorized as an impulse-authorizable resource (by linking it to an impulse level in the message), the user is allowed to request an immediate impulse authorization of this resource, which avoids the subscriber (user) having to call the MSO's customer service center for such an authorization.
Another advantageous feature of an embodiment of the invention is that if the software object to be used does not contain the correct fingerprint, the software object is not executed. Multisystem cable operators need to expand their access control capabilities to control the ability to access and use software objects in set-top terminals that are able to download such objects and later use them, provided that their download and use are authorized and the objects pass the authentication check.
Controlling access to a software object in accordance with one aspect of the invention consists of three parts. The first defines the access requirements for a particular service and its associated objects, and the second sets the authorization rights for a particular set-top terminal to access these services and associated objects.
The third provides additional identification information to allow the set-top terminal to authenticate the objects before they are used. The access requirements can be considered the lock and the authorization rights the key. If the authorization rights match the access requirements (and no parental control is required), the set-top terminal is allowed to access the service and the linked objects.
There are two types of messages that facilitate the access control function. First, the Entitlement Control Message (ECM) delivers the Entitlement Control Structure (ECS, explained further below), which contains the Entitlement Control Entry (ECR, also explained below) for the associated objects and lists the authorization information required for viewing the program or using the object(s).
The second message, the Entitlement Management Message (EMM), provides the permissions that have been purchased by or granted to a user. The functions of all of these messages are described in more detail below. The following outlines how software objects are authorized to run after authentication.
No software object that has not been authorized and authenticated in this way can be used by the set-top terminal. In the event that all the preventive measures intended to keep unauthorized software objects out of the set-top terminal fail, this approach helps in detecting such applications and in preventing their use or execution.
In the digital set-top terminal, the use of all software objects, including applications, that are associated with a given service must be authorized by the access control system. The software object, whether requested by the subscriber or specified by the MSO, contains downloadable code or data that can be used in the set-top terminal.
First, as shown in the block diagram of FIG. 1, an object authentication signature device (OASD) uses either a National Access Controller (NAC), in the national control scenario, or a Local Access Controller (LAC), in the local control scenario, to interact with a number of set-top terminals, and so on. The details of the interactions of each of these devices will be described below in connection with the detailed description of the invention. For example, each software object that the MSO would like to place in this category, that is, to associate with access control, is associated with a "fingerprint".
Note that the fingerprint can simply be a key, or a starting point for a key, that could be encrypted by known means, or it could be a value derived from an original value by processing it as an image or otherwise (i.e., the fingerprint can include object size, checksum, etc.). This is performed after the software object has been verified and validated through inspection, testing, etc. The intent of software verification and validation is to ensure that the design and implementation of the object follow a predetermined set of rules and requirements that have been established for security purposes.
This can be carried out under contract with the MSO (the details of which are outside the scope of this application). The signature can be based on a unique object identifier (which may or may not be MSO-specific) and a cryptographic CRC of the object, and serves as a form of certification that is unique to the software object itself (various conventional signature methods can be used, the details of which are outside the scope of this application).
If several software objects are associated with a service, each can be associated with a signature, and an overall signature for the entire software package will be provided whenever a higher degree of authentication of this link is desired. The fingerprint of each software object is then associated with a service level.
The grouping is created to facilitate control of user (subscriber) access to this group of services based on the MSO's subscriber profile (i.e., which services a given consumer has subscribed to).
In addition, while such authorization rights can be stored on a server at the other end of the network (as opposed to being stored in the set-top terminal), where a set-top terminal can query its rights by communicating with the server in real time, it is typically advantageous to distribute this information within the set-top terminals for reasons of security, robustness and performance, and to minimize the effects of a single point of failure. The authorization levels for which the subscriber is authorized are conveyed in a corresponding Entitlement Management Message (EMM), described in detail in the description of FIG. 1, step 50.
In a preferred embodiment of the invention there are two types of levels, the first being a subscription level that is linked with a service and its corresponding objects, persists for a period of time and is sold prior to actual use. It is understood by those skilled in the art that other uses, combinations or conditions can be built on these two levels. As previously mentioned, the OASD functionality can be embodied in an independent device (software and hardware), which in turn would communicate with the AC or the DAC to obtain the access requirement assignments (the level) for this object.
The additional MSO-specific signature takes the signature of a previously signed object (i.e., the fingerprint or "digital signature" generated by the OASD) and adds to it a unique object identifier (if an MSO-specific object identifier is required).
This unique and secret encoding of the ECS is shown in step 30. The ECS may contain the access requirements for the object and its linked resources, or it can be partitioned into two ECSs, one for the access requirements of the object and one for the resources.
The latter approach is typically more appropriate, because resource authorization is independent of a given object and is carried out on a set-top-wide basis.
However, either approach may be used (i.e., a combined ECS or two separate ECSs), and the choice has no impact on how the authorization steps are performed. The paid and free use period can, for example, be assigned by this device, as specified by the AC or the DAC (which in turn can be specified via the billing system interface), along with global set-top terminal resource constraints.
Either way, the partitioning of the physical product should not alter the functional steps that must be performed (though it may optimize these steps). The MSO's collection of unique ECSs forms a link table, which is made available in the national or local download function (Downloader) associated with the AC or the DAC and is downloaded to the digital set-top terminal either in its entirety or one entry at a time in an appropriate message when it is downloaded.
Whenever the Downloader downloads protected software objects, it provides the digital set-top terminal with the secret "software object fingerprint to service level link" (ECS), which has preferably been encoded by known methods prior to transmission.
It is understood by those skilled in the art that this independence provides an additional security measure. In such an embodiment, the ECS is piggybacked on the downloaded object.
The set-top terminal examines the ECS to perform the authentication check. The set-top function downloads the first N bytes of the object, as indicated by the header information that accompanies the downloaded object, and ignores the trailing bytes that comprise the ECS.
However, the preferred embodiment described above is advantageous for two reasons: However, the preferred embodiment does not limit how the ECS may be conveyed, nor does it limit the ECS to the type of message that carries it (EMM or some other control message). The MSO, using the AC or the DAC (both are HW and SW devices), then controls, via parameter settings from the billing system and based on the customer profile, the set-top terminal's access to a specific service and a linked object or group of objects by using the aforementioned Entitlement Management Messages (EMMs) specific to this set-top terminal.
These messages also establish whether the set-top terminal is permitted to use the software object, and can also specify which set-top terminal resources e.g., communication ports, printer port, keyboard, etc. Additionally, the AC or the DAC may selectively assign an impulse authorization tier and convey the setting via the same message, to facilitate immediate authorization of the requested resource when the subscriber explicitly requests that the resource be authorized.
In the case where a resource is authorized as an impulse-authorizable resource (by associating it with an impulse level in the message), the user can immediately request an impulse authorization of this resource, so that the subscriber (user) does not have to call the MSO for such an authorization.
The access controller or DAC then sends the entitlement to the set-top terminal that is authorized to receive this service and its linked objects (again, these permissions are assigned in the previously described EMM). A system routine is created and made available on the set-top terminal, and is invoked whenever the set-top terminal checks the authorization rights and the authenticity of the software objects associated with the requested service.
This system routine may be part of the core code (BIOS) in the set-top terminal. It can also be provided within the operating system (OS) or within middleware. If the operating system, such as the JVM, is downloaded, the resident routine is called to check the authorization rights before downloading and, if so, to authenticate these objects after downloading.
Once the operating system is loaded, each subsequent use of an object that involves the operating system or the JVM calls the equivalent authorization and authentication routine in the OS. Specifically, the set-top terminal authenticates and authorizes a downloaded object using the EMMs and ECMs associated with the given set-top terminal and object.
The set-top can check the authorization rights against the authorization requirements of the software object before downloading the object, when downloading the object, or whenever the object is to be used.
The following authorization checks are optional. In FIG. 3, step is the download request. The use or the start of the object is allowed only if the verification is successful.
The CA check is facilitated by the secure processor. In addition, a run-time feature can be implemented whereby the secure processor records the object's term and checks for its expiry, starting for example with first use (i.e., the first time the secure processor was involved in the authentication and authorization of the object).