US2013103941A1PendingUtilityA1

Method for updating data in a security module

Assignee: CARREL XAVIERPriority: Jan 24, 2006Filed: Dec 11, 2012Published: Apr 25, 2013
Est. expiryJan 24, 2026(expired)· nominal 20-yr term from priority
G06F 21/12G06F 21/62H04N 21/235H04N 21/26291H04N 21/8166H04N 21/435H04N 21/6543H04N 7/165H04N 7/163H04N 21/4181H04N 21/4383H04N 7/1675H04N 21/4623H04N 21/26606
41
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A method for updating operating data in a security module associated to a user unit for processing digital data broadcast in a transport stream, said unit being connected to a conditional access system transmitting, in said transport stream, to the security module a first stream comprising management messages includes: broadcasting a second stream of operating data patch messages, adding to the first stream of management messages, a trigger message to direct the security module to a conditional access system transmitting a second stream transporting suitable operating data patch messages if a current version of the operating data in the security module requires an update, updating the operating data of the concerned security module with the operating data patch messages from the second stream, directing the security module towards the conditional access system transmitting another stream based on an identifier of the conditional access system in the security module.

Claims

exact text as granted — not AI-modified
1 . A method for updating operating data in a security module associated to a user unit for processing digital data broadcast in a transport stream, said unit being connected to a conditional access system transmitting, in said transport stream, to the security module a first stream comprising management messages, said security module including an identifier of the conditional access system transmitting the first stream, said method comprising steps of:
 broadcasting at least one second stream of management messages configured as operating data patch messages comprising each at least a type code of the security module to be updated, an initial and a final version reference, and program data configured to update operating data in the security module,   adding to the first stream of management messages, a management message configured as a trigger message comprising at least the type code of the security module to update, a version information indicating whether said security module is up-to-date, and an identifier indicating to said security module the conditional access system transmitting a second stream transporting suitable operating data patch messages corresponding to the security module defined by the type code, wherein a correspondence table is defined that associates the identifier of the conditional access system to identifiers of the first and second streams transmitted by said conditional access system,   if a current version of the operating data in the security module requires an update, directing the security module towards the conditional access system transmitting the second stream transporting operating data patch messages designated by the identifier included in the trigger message and corresponding to the type of security module defined by the type code,   updating the operating data of the concerned security module related to the stream of operating data patch messages with the operating data patch messages from the second stream, and   directing the security module towards the conditional access system transmitting another stream being determined by the correspondence table with the identifier of the conditional access system.   
     
     
         2 . The method according to  claim 1 , wherein the security module is directed towards the conditional access system transmitting the first stream when updating of the operating data is terminated. 
     
     
         3 . The method according to  claim 1 , wherein the operating data patch messages form a chain, each operating data patch message further comprising an indication defining the position of the operating data patch message in the chain. 
     
     
         4 . The method according to  claim 3 , wherein the chain of operating data patch messages is followed by a management message configured as a switch message comprising at least the type code of the security module, a reference of a final version reached after updating and the identifier of the conditional access system transmitting the first stream or a further second stream, the security module being directed with the switch message towards the conditional access system transmitting the first stream or a further second stream being determined by the correspondence table with the identifier of the conditional access system. 
     
     
         5 . The method according to  claim 1 , wherein the trigger messages further comprise an identifier of the conditional access system transmitting the first or a further second stream, the correspondence table determining the first or the further second stream to which the security module is directed after updating the operating data. 
     
     
         6 . The method according to  claim 1 , wherein the security module is automatically directed towards the conditional access system transmitting the first or a second stream after updating the operating data. 
     
     
         7 . The method according to  claim 1 , wherein a new security module associated for the first time to a user unit is connected to a particular conditional access system transmitting a stream of trigger messages comprising at least one message allowing directing towards a conditional access system transmitting the second stream of operating data patch messages adapted to the type and to the version of the operating data of said security module. 
     
     
         8 . The method according to  claim 1 , wherein the operating data patch messages are transmitted grouped in one stream with a given identifier according to a family of types of security module. 
     
     
         9 . The method according to  claim 4 , wherein the operating data patch messages, the trigger messages and the switch messages comprise at least one code designating the family and a type of security module. 
     
     
         10 . The method according to  claim 1 , wherein the operating data patch messages of the second stream are transmitted to the security modules by positive addressing, the operating data patch messages comprising specific addresses or identifiers of individual security modules or a range of addresses or identifiers defining a group of security modules. 
     
     
         11 . The method according to  claim 1 , wherein the trigger messages of the first stream are transmitted by positive addressing, the trigger messages comprising specific addresses or identifiers of individual security modules or a range of addresses or identifiers defining a group of security modules. 
     
     
         12 . A conditional access system to which is connected at least one user unit for processing digital data broadcast in a transport stream, said unit being associated to a security module, the conditional access system being configured to transmit, in the transport stream, to the security module, a first stream of management messages, said security module including an identifier of the conditional access system transmitting the first stream, the conditional access system comprising hardware and software configured to update operating data of the security module by performing steps of:
 broadcasting at least one second stream of management messages configured as operating data patch messages, each operating data patch message comprising at least a type code of the security module to be updated, an initial and a final version reference, and program data suitable for updating the operating data of the security module,   adding to the first stream of management messages, a management message configured as a trigger message comprising at least the type code of the security module to update, a version information indicating whether said security module is up-to-date, and an identifier indicating to said security module the conditional access system transmitting a second stream transporting the suitable operating data patch messages corresponding to the security module defined by the type code, wherein a correspondence table is defined that associates the identifier of the conditional access system to identifiers of the first and second streams transmitted by said conditional access system,   if a current version of the operating data of the security module requires an update, directing the security module towards the conditional access system transmitting the second stream transporting operating data patch messages designated by the identifier included in the trigger message and corresponding to the type of security module defined by the type code,   updating the operating data of the concerned security module with the operating data patch messages from the second stream, and   directing the security module towards the conditional access system transmitting another stream being determined by the correspondence table with the identifier of the conditional access system.   
     
     
         13 . The conditional access system according to  claim 12  configured to direct the security module to the first stream when updating of the operating data is terminated. 
     
     
         14 . The conditional access system according to  claim 12 , wherein the operating data patch messages form a chain, each operating data patch message further comprising an indication defining the position of the operating data patch message in the chain. 
     
     
         15 . The conditional access system according to  claim 14 , wherein the chain of operating data patch messages is followed by a management message configured as a switch message comprising at least the type code of the security module, a reference of a final version reached after updating and the identifier of the conditional access system transmitting the first stream or a further second stream, the security module being directed with the switch message towards the conditional access system transmitting the first stream or a further second stream being determined by the correspondence table with the identifier of the conditional access system. 
     
     
         16 . The conditional access system according to  claim 12 , wherein the trigger messages further comprise an identifier of the conditional access system transmitting the first or a further second stream, the correspondence table determining the first or the further second stream to which direct the security module after updating the operating data. 
     
     
         17 . The conditional access system according to  claim 12 , wherein the operating data patch messages are transmitted grouped in one stream with a given identifier according to a family of types of security module. 
     
     
         18 . The conditional access according to  claim 14 , wherein the operating data patch messages, the trigger messages and the switch messages comprise at least one code designating a family and a type of security module. 
     
     
         19 . The conditional access system according to  claim 12 , wherein the operating data patch messages of the second stream are transmitted to the security modules by positive addressing, the operating data patch messages comprising specific addresses or identifiers of individual security modules or a range of addresses or identifiers defining a group of security modules. 
     
     
         20 . The conditional access system according to  claim 12 , wherein the trigger messages of the first stream are transmitted by positive addressing, the trigger messages comprising specific addresses or identifiers of individual security modules or a range of addresses or identifiers defining a group of security modules.

Join the waitlist — get patent alerts

Track US2013103941A1 — get alerts on status changes and closely related new filings.

We store only your email — no account needed. See our privacy policy.