Digital conversion of broadcasting is made all over the world, and digital conversion of technology and systems related to broadcast production has already been completed.
Unlike analog contents, digital contents can be perfectly copied and easily edited and distributed in terms of characteristics of media. Hence, it is essential to limit access to contents and protect the contents.
For this reason, there are proposed a conditional access system (hereinafter, referred to as a ‘CAS’) and a digital rights management (DRM), which enable only legal subscribers to access a corresponding content.
The CAS enables, together with a subscriber management system (SMS), only permitted subscribers to receive and reproduce a specific program.
In a general CAS, a head-end of a broadcast provider scrambles a content by using a control word (CW). In this case, the CW is encrypted as an authentication key, and the authentication key is encrypted as a distribution key.
Subsequently, the CW, the authentication key, and the like are included in a predetermined message (e.g., a qualification control message or a qualification management message) to be transmitted to a broadcast receiver.
Here, the broadcast receiver may be an ordinary set-top box.
When a scrambled transmission stream (scrambled content) is received, the set-top box decrypts an authentication key as a distribution key, and acquires a CW with the decrypted authentication key. The set-top box descrambles the scrambled transmission stream through the acquired CW and outputs the descrambled transmission stream as a signal in a visible and audible form.
Conventionally, a module for supporting CAS functions was built in the set-top box in an embedded manner. However, a downloadable conditional access system (DCAS) for providing a CAS client from a sever in a download manner has recently been proposed.
Although the DCAS is applied, a module related to a certificate, etc. for a security framework should be built in the DCAS in a process of manufacturing the set-top box.
Broadcast services have recently been used through not only set-top boxes installed in homes but also mobile devices such as mobile communication terminals (smart phones) and tablet PCs.
In an N-screen environment, it is difficult to provide a security module in advance. Hence, it is required to provide the security module in the download manner.
However, when a security module for broadcast services, particularly paid broadcast services is provided in the download manner without any limitation, the security module may be illegally copied.
Particularly, open source based terminals have been generally provided in recent years. In this case, various licenses exist for an open source, but the basic concept of the open source is to freely publish and distribute a kind of design map referred when software is made.
However, when a security module for broadcast services is provided based on an open source, the security module may be illegally made and distributed with reference to its design map. Hence, it is required to prevent the security module and software for supporting thereto from being open.