Cable television systems are widely deployed for the distribution of television signals, and typically provide greater selection and quality of channel reception than can be received using traditional over-the-air broadcast antennas at the point-of-reception. The deployment of new cable technology, such as digital cable, provides more robust transmission and increased channel capacity, allows the offering of services such as selective subscription to premium channels and pay-per-view events. The offering of such services typically requires a set top box to decode and decrypt the digital signals, which are typically encoded using the MPEG-2 digital encoding standard. The cable operator typically provides the set top box to the cable subscriber for a monthly leasing fee.
The basic architecture for a cable system is illustrated in FIG. 1, which depicts the prior art and involves a cable headend 5 emanating multiplexed signals over a cable distribution network 6. The cable distribution network has evolved over time and was originally primarily a bifurcated tree architecture using coaxial cable (not shown). The cable distribution network has become more sophisticated, both in its architecture and technology, typically incorporating optical fiber transmission and multiplexing equipment based on an architecture involving interconnected ‘rings’ (not shown). Regardless of the architecture, the network can be logically depicted as providing connectivity between the cable headend where the signals originate and the cable set top box 7 where the signals are received.
The cable headend 5 contains various receivers, transmitters, optical terminations, multiplexing equipment, and transmission equipment. It also contains functions for encrypting signals, which will be discussed further. The cable headend is typically tightly ‘coupled’ with the provisioning/conditional access system 1b as represented by the dotted line 2. The provisioning/conditional access system functions closely with the cable headend in regard to enabling a particular subscriber to decode authorized channels. Thus, channel authorization for a subscriber requires coordination between the provisioning/conditional access system and the cable headend, specifically the integrated receiver transcoders (IRT) contained in the headend (not shown). The IRT is a component of the conditional access scheme and used to control dissemination of entitlement control messages (ECMs) which is a message conveying a key that authorizes access to a program. In some contexts, industry usage of the term “headend” encompasses both elements 1b, 5 indicated, but some distinction of functionality is maintained herein.
The cable set top box (“set top box” or “STB”) provides additional flexibility for the cable system operator to provide basic and premium services. For analog services, the STB may authorize access to, and descrambles, video programs. For basic and premium digital services, the STB decodes and decrypts the digital MPEG program signals that include encoded video and audio signals. The STB also provides a mechanism for the cable operator to selectively authorize reception of an individual channel (e.g., premium service) or a group of channels (e.g., basic service). The STB is used by the cable operator to selectively authorize other services, such as enabling the purchase of pay-per-view events or enabling an input/output port to connect to an external device. The STB typically incorporates specialized hardware and software employed for decrypting digital program data. The special hardware and software is typically embedded into the STB, but may be implemented on a removable circuit card. Once the program data is decrypted and decoded, it is then converted to a standard television signal that is typically transmitted over a coaxial cable 9 to a traditional analog television set 10 for viewing. With the advent of digital televisions, the decrypted data may be transmitted either in the clear or further encrypted in a digital format to the digital television or display monitor. The decryption techniques are typically based on sending periodic ECMs from the cable headend (specifically from the IRT) to the STB for decrypting digital video data. The keys are typically sent using another encryption key. As programs are broadcasted on channels over the cable distribution network 6, the STB can theoretically tune to any channel. However, by sending the entitlement management messages (EMMs) to a particular STB, the STB is able to decrypt the data only as authorized. Typically, a particular key authorizes viewing of only one channel. Other messages, containing channel maps, indicate how to locate a particular channel in the multiplexed data. Thus, without having the channel map or decryption key, a STB cannot effectively provide a program to the television. This is one embodiment of a common security scheme (a.k.a. conditional access scheme) to thwart theft of cable services (either basic or premium services) by the use of illegal set top boxes to receive services.
A cable subscriber may indicate their request to add service, such as a premium channel by telephoning a customer service representative (“agent”) 522 and verbally indicating their subscription request. The agent is in a call center and operates a computer 523 for provisioning the service. After obtaining the necessary information from the user, the agent 522 indicates the desired services 523 using a computer operatively connected to a billing system 1a and provisioning/conditional access system 1b. The billing system contains a database of ‘house records’, so called as the records are associated with a house or residential serving location. Each record includes the address, and information as to what services can be provided to that location. Typically, the cable network may have different service capabilities in different portions of the cable network, and thus not every serving location is able to receive the same services. For example, the cable network may serve several subdivisions of homes with a portion of the cable network that has been upgraded so as to provide additional channels to one subdivision, but not the other. If the house record indicates the location is currently receiving service, then the subscriber's name and service related information is provided. The records further indicate ‘outlet’ information that includes information as to how many and which type of set top boxes are present. Thus, any form of subscriber information or service related information is maintained by the billing system. This includes a subscriber's current service selections, past selections, payment related information, etc. Further, the billing system maintains information regarding various groupings of service offering (“service packages”) that are mapped to “billing codes.” The groupings of services associated with a service package are defined by various business rules by the cable operator. The business rules not only define which channels are associated with a service package, but information such as equipment requirements (e.g., required STB type or model number), billing aspects, and ancillary service aspects (e.g., use of a remote control, enabling a switched power outlet on the STB, enabling pay-per-view capabilities, etc.).
Each cable service package is mapped to a billing code (a.k.a. ‘billing handle’) and then mapped by the provisioning/conditional access system to one or more service tiers. A service tier is typically associated with authorizing a STB to decode a particular channel. Thus, ‘basic digital cable’ may have a single billing code that corresponds to a plurality of service tiers, where each service tier results in sending the STB the appropriate EMMs that authorizes the STB to decrypt the channels defined comprising basic digital cable. The provisioning/conditional access system receives the billing code along with the host address. The provisioning/conditional access system maps the billing code to one or more service tiers and communicates the appropriate EMMs to the STB, which in turn, enables the STB to decrypt the program. Thus, the provisioning/conditional access system has limited knowledge of service related information and typically does not have any subscriber level information.
Provisioning a service frequently involves adding a channel to an existing subscriber's services and uses a similar scheme as described above. Adding a premium channel can be accomplished by instructing the billing system 1a to add a billing code to the subscriber's service profile, which updates the billing associated with the subscriber. The billing system communicates the billing code and STB address to the provisioning/conditional access system 1b. The provisioning/conditional access system then communicates the service tier by sending the appropriate decryption keys via an EMM to the STB.
In some cases, provisioning a service may result in authorizing a subscriber's STB to decode and decrypt multiple channels. A billing code corresponding to ‘basic cable service’ may comprise, for example, 40 channels. The billing system contains business rules that defines the channels associated with the basic service package with the billing code, which in turn is mapped to 40 service tiers by the provisioning/conditional access system.
However, provisioning a service may also involve authorizing or configuring other capabilities as part of the overall service that are not associated a STB to decoding and decrypting a program. For example, cable system operators typically provide the STB access to program guide information. This can be accomplished by using the same scheme of communicating a service tier code to the STB using the above mentioned process or sending a specific command message understood by the STB. In the case of the use of a service tier, the service tier is associated with an application in the STB that enables access to programming guide information. In this example, there are no ECM messages sent as there is no programming data to decrypt. In other examples, the cable system operator may enable the use of a remote controller with the STB. The STB can be configured to recognize a controller by sending the STB a service tier code or a specific message. Thus, in some instances, when a billing code is conveyed for a service, (e.g., ‘basic cable service’), the provisioning/conditional access system may map this billing code to several service tiers. For example, the ‘basic cable service’ billing code not only typically authorizes various channels, but may configure the STB for using a remote controller and configure the STB for receiving program guide information. In other circumstances, a billing code may be mapped to only a single service tier code (e.g., adding a premium channel).
In addition the billing system 1a can instruct the provisioning/conditional access system to perform other actions involving the STB. The billing system can send commands or billing codes to the provisioning/conditional access system to effect various functions, including installing a particular STB, resetting a particular STB, downloading software, or polling a particular STB. Installation of a STB involves the provisioning/conditional access system storing information about a newly deployed (or soon to be deployed) STB. Typically, the STB is identified by an address, such as a MAC level address used in conjunction with the serial number of the conditional access module. Resetting a target STB instructs the provisioning/conditional access system to re-initialize parameters in a particular STB and potentially re-send decryption keys to the STB to authorize decoding of the appropriate channels. Downloading software to a host can be accomplished by sending a service code to the host, where the service code indicates the host should monitor a channel for updated software, and download it if it is a newer version than contained in the host. Finally, polling a STB is used to periodically collect information from the target STB, such as pay-per-view ordering information maintained in the memory of the conditional access module.
However, each of these commands or service codes must be recognized by the conditional access module and either acted upon by the conditional access module or passed by the conditional access module to the host.
In summary, provisioning existing cable services (‘legacy’ services) typically involves an agent interacting with the billing system to create or modify a subscriber's record to add or delete a billing code associated with an existing subscriber's billing record. The billing system maintains subscriber and service related information and sends a series of billing codes as appropriate along with the subscriber's host address to the provisioning/conditional access system. The provisioning/conditional access system is aware of whether a billing code is associated with authorizing a STB to receive a channel. The provisioning/conditional access system sends the service tier contained in an EMM to the STB via the cable headend. In this manner, the subscriber is provisioned for service. Other service related provisioning aspects may also require sending potentially proprietary commands to the STB. Thus, provisioning a cable subscriber in a legacy system typically involves sending a combination of proprietary messages to authorize, configure, and command the host.
In the previous example, the cable distribution network 6 provides a method for communicating messages to the STB, but not necessarily in the reverse direction. If there is no reverse channel communication, then this type of cable distribution network is called a one-way network. Users desiring to communicate with the network (e.g., requesting a service to be added) typically initiate communication with the network via a telephone call to a network agent. The agent then performs the appropriate provisioning actions. In other networks, a reverse communication path is provided for communicating information from the STB to the headend. Such two-way cable networks allow data conveyed from the STB to the cable headend, such as acknowledging receipt of data. Since the STB can signal to the cable headend using the cable distribution plant 6, two-way networks also allow greater flexibility in service offering. For example, early deployments of pay-per-view services on one-way networks relied on the telephone network for reporting subscriber usage data to the cable network to calculate the subscriber's billing charges. With deployment of two-way networks, pay-per-view subscribers with a configured STB can use the reverse path on the cable system to report monthly viewing usage data.
A STB that can signal in the reverse path on a two-way cable network is different than a STB designed for one-way communication. FIG. 2 illustrates one embodiment of the functional components in a prior art one-way STB 7. A tuner 20 receives the signal from the cable distribution network 3 and then a demodulator 22 provides the multiplexed digital video information. The signal is also processed by receiver 23 isolating out-of-band information, such as control messages or decryption keys. Both the out-of-band messages and the video information are sent to a Point of Deployment (“POD”) module 27 that may be implemented on a removable circuit board for processing incoming data. The POD module also performs decryption of the data. Alternatively, the POD functionality is implemented on circuitry embedded with other functionality in the STB. This is sometimes referred to as ‘embedded security.’ After decryption, the video information is demultiplexed by the demultiplexor 25, decoded, and then provided as an output signal to a television. This could be in a PAL format (common in Europe), NTSC format (common in the U.S.), or in a digital format, either encrypted or not (suitable for newer digital televisions or display monitors).
The POD 27 functionality interworks with the Host 8, and the two sets of functions together embody a typical STB 7. The POD-to-Host interface 21 is defined by an industry standard published by the Society of Cable Telecommunications Engineers in a document referenced as SCTE 28 2003 (formerly DVS 295). A standard POD-to-Host interface facilitates different host manufacturers developing host units. Heretofore, the STB has been referred to in a broad sense, but it is necessary to reference the host functionality distinct from the POD functionality.
The POD module contains security (encryption) related algorithms and decryption keys. Its distribution is carefully controlled by the manufacturer and cable system operator. These security techniques are called ‘conditional access’ schemes and are designed to deter theft of cable services as well as use of unauthorized STB units. Thus, the POD functionality is generically referred to as a ‘conditional access module’ herein. Other common industry terms for the POD include “CableCARD™” or “removable security module.” The host is typically considered the remaining functionality in the STB including the CPU, but excluding the conditional access module. Other possible implementations integrate the host functionality into a consumer electronics device (e.g., digital television) and use a removable conditional access module. A removable conditional access module is typically inserted into a slot on the consumer electronics device or STB.
FIG. 3 illustrates the prior art of a STB capable of two-way communication and is largely distinguished from the one-way STB in that the two-way STB incorporates a transmitter 28 for sending information back to the headend. In both FIGS. 2 and 3, the STB comprises a host 7 and a conditional access module 27. In both figures, the messages may be filtered by the conditional access module. The conditional access module determines whether the message is passed to the host CPU 26 or processed by the conditional access module. This is true regardless of whether the messages are sent inband (involving the tuner 20 or the demodulator 22) or whether the messages are sent out-of-band (involving receiver 23). Consequently, the provision of new or enhanced services may involve passing new messages in the existing architecture between the cable headend and the host. This may require reprogramming or replacing conditional access modules and requires the coordination and cooperation of the conditional access module manufacturer, host manufacturer, as well as the headend equipment provider, to recognize and process the new messages. In all cases, the authorization and command messages emanate from the cable headend are directed to a specific conditional access module, which then processes or forwards the message over the POD-host interface.
Because of the compatibility required between the cable headend and the STB, cable operators typically carefully control the connection and use of STBs to the network. Typically, different conditional access schemes are not compatible with each other. For example, two main vendors of cable network equipment include Motorola® and Scientific-Atlanta®. The conditional access schemes and messaging for each are not compatible with each other. Thus, a STB with an embedded conditional access module functioning on one network will not operate on the other network. To minimize interoperability problems and maintain customer satisfaction, the cable operator typically provides the STB to the cable subscriber, often on a leased basis. Hence, the cable subscriber typically is limited in their choice of STB brands and models. For a variety of reasons, many host manufacturers do not introduce innovative service capabilities in the host application software because the new capabilities would have to be supported by potentially the cable headend, conditional access module and billing and provisioning/conditional access system. If the vendor of the conditional access module does not recognize or pass information to a host CPU, or does not pass it in a defined manner, then that host capability cannot be configured by the cable network. Further, the coordination of development and deployment of new capabilities in these various legacy systems is difficult and competing business interests limit any coordination and cooperation. As evident, the development of a new host application executed by the CPU in the current architecture requires coordination of the development and deployment of a defined capability in the host with the conditional access module. Since current cable networks maintain only a limited ability to discriminate between different host capabilities and cannot accommodate different conditional access implementations, any deviation in the host's legacy based signaling capabilities results in host incompatibility. It is not economically feasible, nor practical, for a cable system operator to replace a conditional access module every time an upgrade is required due to a new messaging capability.
It is desirable that systems and methods be designed to allow various host manufacturers the ability to implement new service capabilities using new messages and minimize the coordinated development of new capabilities in the conditional access module and cable headend. Rather than require coordinated development in these legacy systems for each new capability introduced by a host, it would be desirable to utilize existing capabilities to work around limitations in the legacy system. By minimizing developing new functionality in legacy systems for each new host, greater flexibility would be provided to host manufacturers for developing new host capabilities. A scheme for enabling new services should allow use of existing conditional access modules for existing (‘legacy’) capabilities, such as authorizing premium channel viewing and pay-per-movie viewing. Thus, existing mechanisms used for message decoding, decryption, and authentication should be retained for controlling existing digital video, premium, and pay-per-view services. Further, these existing mechanisms should be allowed, if desired, as a step or component in configuring an enhanced service. Enhanced (non-legacy) capabilities and services may be offered using the principles of the present invention. It is expected that hosts implementing new capabilities will typically incorporating existing conditional access schemes and capabilities, but new capabilities typically will require use of new messages and parameters for controlling and configuring these new capabilities. Since the new messages for a given host may not be common among other host manufacturers, it is desirable that host-specific messages be accommodated for a plurality of hosts connected to a cable network without requiring modification of the existing infrastructure. This requires the cable system to be able to identify and use the appropriate messaging protocol for configuring an enhanced service capability in a specific host.
Further, while the current video encoding and security schemes are retained as a ‘minimal subset’ to ensure compatibility with legacy systems, it is anticipated that future video coding and alternative security schemes may be developed. For example, hosts may be developed with more advanced video codecs, such as those based on the newer MPEG 4 standard. Alternatively, newer or different conditional access schemes may be developed. A mechanism to allow introduction of these new capabilities in cable networks should be developed. Thus, a mechanism for allowing ‘legacy’ capabilities to be augmented should be accommodated as well. This allows, for example, new conditional access schemes and video coding technologies to augment existing schemes.
Further, the implementation of new cable network services operating in conjunction with new capabilities in the host may require appropriate changes to the cable network billing and provisioning/conditional access systems. It is desirable that changes to these legacy systems be minimized as well. It is further desirable that more flexible and accessible service provisioning capabilities are afforded to subscribers as well as third parties. Thus, a flexible provisioning architecture is required.
The ability to accommodate different host capabilities provides the opportunity for the host manufacturer to market new hosts in innovative ways. Host manufacturers will offer differing host functionality to meet customer needs not yet determined. Thus, support systems must be created to minimize customer dissatisfaction that may occur when a customer purchases a host that may be incompatible with their service needs or cable operator service offerings.
Further, a variety of brands and models of set top boxes may be made available to the cable subscriber through a variety of distribution channels, and a cable subscriber's choice should not be limited to those solely offered by the cable system operator. Each of the various brands and models of STBs should interwork with the cable headend, and should be easily configurable. Further, the conditional access module and host may be embodied in different forms with consumer electronics devices and should not be limited to a separate physical electronics device (e.g., ‘box’) connected to a television.
The present invention not only solves these problems, but also provides other benefits that will become apparent.