1. Field
The present invention refers to the domain of the broadcasting of video content on request, in particular the domain of video servers.
2. Description of Related Art
The development of the request for the broadcasting of specific video products has opened a new market, thanks to the availability of increasingly larger bandwidths. Therefore, it is possible to broadcast a film to a user via his/her telephone line by using, for example, the DSL technique (Digital Subscriber Line). Today, speeds of approximately 2 to 3 Mbits/sec are possible.
With this aim in view, videos servers are capable of managing a large number of lines towards users, each line broadcasting a different content.
These servers have access to a lot of contents that represent huge storage capacities. These servers are managed by a management module that manage data relating to each user of the broadband lines and that processes authorization and invoicing data. This management module instructs the video server to inform it about which contents must be transmitted on each line.
Initially, these servers were designed for content in plaintext, that is to say not encrypted. Considering the addressee was clearly identified, the management of his/her account was carried out centrally by a management module and not locally on the user's decoder. The use of a broadcasted content is usually unique and copies are not authorized. The possibility of illicitly copying a content duly acquired by a user has forced the broadcasters to introduce a data protection layer using encryption.
As is well known, in order to be able to visualize content such as a film, a sports event or a game in particular, several streams are broadcasted that are destined for a multimedia unit, for example, a decoder. In particular, these streams are on one hand the file of the event in the form of an enciphered data stream and on the other hand a stream of control messages allowing the deciphering of the data stream. The content of the data stream is enciphered by “Control Words” (cw) that are renewed regularly. The second stream is called the ECM stream (Entitlement Control Message) and can be formed in two different ways. According to a first method, the control words are enciphered by a key, called a transmission key TK, that generally pertains to the transmission system between the management centre and a security module associated to the receiver/decoder. The control word is obtained by deciphering the control messages by means of the transmission key TK.
According to a second method, the ECM stream does not directly contain the enciphered control words, but rather contains the data allowing the determination of the control words. This determination of the control words can be carried out using different operations, in particular by means of deciphering, said deciphering being able to lead directly to the control word which corresponds to the first method described above, but said deciphering also being able to lead to data which contains the control word, the latter must also be extracted from the data. In particular, the data can contain the control word as well as a value associated to the content to be broadcasted and notably the access conditions to this content. Another operation allowing the determination of the control word can use, for example, a simplex hashing function of this information in particular.
In both cases, a date field allowing the management of the usage period of this content is added to the control message ECM.
In order to allow the broadcasting of an encrypted content, the content in plaintext is transmitted to an encryption module that will return two files, both encrypted content and a file containing the group of encryption keys (control words).
In order to transform a video server broadcasting the content in plaintext into a server broadcasting the encrypted content, it must carry out numerous operations as follows:                transmit the control words to an ECM generator, the latter will add the date and possibly the access conditions to the content,        receive the ECM in return,        synchronize the broadcasting of the ECM with the broadcasting of the content.        
These operations are certainly possible, but entail extensive development times and the particular behaviour of the video server, behaviour that can be specific to each operator responsible for security.
The documents EP 1 274 243 and US 2003/0140340 perfectly illustrate these problems. In fact, the content is pre-encrypted and broadcasted on request. During such a request, the ECM stream is prepared and transmitted at this moment. The server VOD is always associated to these operations and is responsible for broadcasting the ECM with the pre-encrypted content. The two streams, the ECM and the content, are independent from each other and are processed separately.
The aim of this invention is to propose a flexible and undemanding solution to secure the content transmitted by videos servers towards one or more users.