1. Field of the Invention
The present invention relates generally to systems and methods for securely providing media programs to consumers, and in particular to a system and method for providing such media programs using multiple, customizable and field alterable security profiles for use with hardware constrained devices.
2. Description of the Related Art
The provisioning of information such as media programs to remote consumers is well known in the art. Such provision may be accomplished via terrestrial or satellite broadcast, cable, closed circuit, or Internet transmission to consumer electronics (CE) devices at the consumer's home or office.
A common problem associated with such transmission is assuring that the reception and decryption of such information is limited to authorized end-users. This problem can be solved via the use of encryption and decryption operations performed by devices with appropriate security functionality. For example, it is well known to encrypt media programs before transmission to CE devices with electronics and processing that permits the encrypted media programs to be decrypted and presented to only authorized users.
To implement this functionality, the CE products typically include keys, software, and other data. Since such data is of value to unauthorized users as well, CE companies and content providers need a way to protect this valuable information.
Typically, this has required the production of CE devices with special integrated circuits, such as System on Chips (SoC), with security features enabled and information needed to perform the security functions loaded into SoC memory. Such SoCs also comprise the primary Central Processing Unit (CPU) of the CE device (which may also include secondary processors, security processors, custom ASICSs, etc.), Trusted Execution Environments (TEEs), or other SoC devices that perform the processing of commands within a CE device such as a set top box (STB), integrated receiver/decoder (IRD) or a smart television.
Conditional Access System (CAS) and Digital Rights Management (DRM) providers provide content protection schemes to secure broadcast and broadband content. Problems may occur when the new services are offered by content providers or alternate distribution mechanisms are utilized, because the fielded CE devices may not have sufficient hardware resources (e.g. memory, processing speed or functionality) to support the desired CAS/DRM system, particularly if the CE device is asked to support multiple independent CAS/DRM systems.
SoCs may be programmed with data or instructions on a “one time” basis. So programmed, such data (known as one time programmed (OTP) data) cannot be altered or changed. While it is possible to OTP program a SoC to support an adequate hardware root of trust for tens, hundreds or thousands of independent CAS/DRM systems that must reside in the CE device at one time, this would make any such SoC less cost competitive to manufacture when compared to other designs. Further, it is extremely expensive to design, manufacturer and distribute such CE devices, even without such expanded OTP programmable capabilities. Significant savings can be achieved if a content provider, CE device manufacturer or broadcaster can extend the use of existing CE devices and their SoCs by adding and/or replacing the CAS/DRM providers used with fielded CE devices (e.g. CE devices that are distributed to or in use by customers).
What is needed is a system and method for providing a security infrastructure that permits the programming of limited hardware resources that can accept newly downloaded applications and securely support a very large number of services offered by content providers each have the potential to utilize their own independent CAS/DRM system. Such a device would permit the CE device owner to consume content from a variety of sources and enable switching among different and existing CAS/DRM security profiles as required by the content provider applications loaded in CE devices. A system and method satisfying that need is presented below.