1. Field of the Invention
This invention relates generally to the field of video distribution networks. In particular, this invention relates to secure video distribution networks.
2. Description of the Background Art
Security is an important issue for video distribution networks. Issues of security are particularly important with regards to the distribution of digital video.
Distribution of digital cable television channels currently follows a broadcast model in that the digital cable television channels are broadcast from the broadcast source to many subscriber stations at once. Security for the distribution of digital cable television channels also follows a broadcast model. A digital cable television channel is fully encrypted in real-time at the time of the broadcast from the broadcast source. Authorization keys allow subscribing users to decrypt and view the broadcast content. Such authorization keys must somehow, at sometime, be delivered to the subscribing users. It is not practical to deliver authorization keys at the same time that encrypted content is broadcast because verification of the delivery is difficult to do immediately and interactively using current cable television networks. Hence, delivery of the authorization keys occurs periodically on a time-based schedule, where the periodicity of the delivery is known as a time quantum or time epoch. The time epoch is typically related to the billing cycle (for example, monthly) for the cable television service.
Unlike distribution of digital cable television channels, distribution of digital video on-demand (VOD) follows a pointcast model in that the content is transmitted from a video server to each individual viewer. Due to the nature of pointcasting, a security scheme for digital VOD which is based on the model provided by security for cable television broadcasts would be impractical and expensive. First, fully encrypting the digital VOD in real-time every time the digital video is transmitted from the server to an individual viewer is quite expensive in both cost and space usage for encryption equipment. Second, having a time epoch correlated to the billing cycle of the digital VOD service (for example, monthly) is a scheduling scheme that may create security risks which inhibits optimal protection of the content.
The present invention solves the problems discussed above by selective and renewable encryption for secure distribution of digital video on-demand. Selective encryption is provided in a process which includes: determining whether a predetermined criterion is satisfied; setting a selective encryption status field if the predetermined criterion is satisfied; and encrypting an unencrypted payload to generate an encrypted payload, and constructing a packet with the encrypted payload, if the predetermined criterion is satisfied. The predetermined criterion may be one of several criteria, each of which reduce the required amount of encryption and decryption while maintaining a high level of security. Renewable encryption is provided in a process which includes: copying a first encrypted digital video program from a remote server to a video source; decrypting the first encrypted digital video program using a first key to generate an unencrypted digital video program; encrypting the unencrypted digital video program using a second key to generate a second encrypted digital video program; transmitting the second encrypted digital video program from the video source to the remote server; and deleting the first encrypted digital video program from the remote server.