This invention relates generally to communication networks and, more particularly, to a key distribution system for a broadcast network.
Modern communications systems may include a type of delivery service known as “broadcast” addressing wherein a single source node broadcasts information or messages (i.e., data) to multiple receiver nodes by sending a single instance of the data or message. This type of service uses efficient addressing mechanisms to deliver a single delivery instance of the data to multiple receiver nodes using minimal system resources or bandwidth. Broadcast addressing is achieved by using a special code in the address field of a message (or data packet). The originator, or source, of the data may desire to use this efficient broadcast addressing mechanism to deliver the data, but still be able to control access to the data such that only authorized receiver nodes may interpret the data. A common method to control access to data is to encrypt the data at its source. Only receiver nodes possessing the correct key to decrypt the data are able to interpret the data, and access is thus controlled.
Some broadcast systems also support a subset transmission mode referred to as “multicast” addressing wherein the transmission is to a subset of the machines on a network.
FIG. 1 shows a typical communication system. Network 100 may comprise Broadcast Server(s) 110 as a single source node, Database 115 coupled to Broadcast Server(s) 110, and Internet 120, to which the broadcast service is coupled. Network 100 may also comprise various receiver nodes, such as Mobile Switching Center (MSC) 130, which is coupled to a plurality of Base Stations 150; each Base Station 150 may be in wireless communication with a plurality of Mobile Stations 160. A plurality of MSCs and their associated Base Stations may form a host cellular network. Other nodes may include Network Access Point 190, which may be a server, gateway, bridge, or router providing access to the Internet for various devices 195. Another node of Network 100 may be a Public Service Telephone Network (PSTN) 170, which may provide an access point for various telephonic devices 180.
In a dynamic environment, a problem exists in efficiently maintaining the list of authorized receiver nodes (those nodes having the correct key). Of particular interest is the ability to update the list of authorized receiver nodes (add or delete members) without impacting the entire population of authorized receiver nodes.
For example, a news delivery service might wish to deliver news headlines on a periodic basis to authorized receiver nodes that have negotiated a subscription. In this case, the news delivery service (or source of the data) would encrypt the data so that interpretation of the data is limited to those receiver nodes that have negotiated a subscription (and therefore have been provided with the key to the data). When additional receiver nodes acquire a subscription, these nodes must be provided access to the data (or decryption key) without disturbing the access of other receiver nodes. Also, when a receiver node's subscription is no longer valid, the capability must exist to discontinue that receiver node's access to the data (or decryption key) without disturbing the access of other receiver nodes.
Thus, there is a need to provide a bandwidth efficient distribution technique for a source of material to manage the broadcast of said material over a network to multiple users in a secure manner.