Industry standards provide the necessary protocols and infrastructure that may be used for delivering digital television or DVD content with audio, video and data signals. These streams may be processed by various functions and operations within broadband networks, head-end and terminal devices such as set-top boxes (STB), and media devices such as DVD. These various functions and operations may for example involve access to sensitive areas of the device such as scan access, system buses and system interfaces and may benefit from some form of security or user authentication mechanism.
Passwords are the most popular authentication mechanism. They make use of knowledge a user has. The user supplies a password and a security system validates it. If the password is verified to be associated with a user, the user's identity is authenticated. If not, the password is rejected and authentication fails.
Passwords have the fundamental problem that they are reused on multiple devices. If an unauthorized user discovers a password on one device, it may be used to gain access to another device that authenticates with the same password. In this case, a device such as an STB cannot distinguish between the unauthorized user and a legitimate user.
For many applications, such as a secure download operation, a password may be discovered by an unauthorized user during an operation and may then be utilized for gaining access during subsequent operations of the same type.
In order to ensure secure communication, transmitted streams may need to be protected during transmission to devices such as STB. Upon receipt of the transmitted steams, one or more devices within the STB may need to provide secure access for the streams.
Further limitations and disadvantages of conventional and traditional approaches will become apparent to one of skill in the art, through comparison of such systems with the present invention as set forth in the remainder of the present application with reference to the drawings.