In secure systems, data often needs to be encrypted to prevent unauthorised access to it, and then decrypted when needed. For example, in pay-television systems, data encryption prevents hackers from gaining access to broadcast services without making the appropriate payment to the service provider. However, not all data within the system may be of a confidential nature. Confidential data may be referred to as being privileged, and the term privilege is known to those skilled in the art as meaning rights of access. Some prior systems indiscriminately encrypt all data, regardless of the privilege status of the data, or whether the devices handling the data are secure. A secure device is one which has a low susceptibility to hacking, and therefore has a low probability of containing illegitimate data. This approach is inefficient and increases processing overhead. One particular problem in the field of pay-television systems is that privileged data from a first secure device may need to be temporarily stored in an insecure external memory before being written into a second secure device. The data may be vulnerable to hacking while being stored in the external memory.
We have appreciated that only privileged data needs to be encrypted. We have further appreciated that a means to identify privileged data is required so that data may be selectively encrypted and decrypted.