Content transmission security protection device system and method

摘要

The invention relates to information security technologies, provides a content security transmission device and a content security transmission system which separate data transmission function of a digital interface from data management and processing function thereof, and provides a content security transmission method based on the device and the system. The content security transmission protection device comprises digital interfaces and a management/processing unit, the management/processing unit is configured in a specific chip in the device, used for updating a revocation list stored therein and collecting information from downstream devices. A transmitting device and a forwarding device in the content security transmission protection system comprise digital interfaces and management/processing units. The invention employs software in the specific chip CPU to implement data management and processing function without increasing cost, thus being capable of increasing any functions, improving flexibility and expansibility of the system, and greatly reducing size and cost of digital interface chips, namely reducing the development difficulty. The digital interfaces only implement simple data transmission function at fast processing speed.

主权项

1. A content transmission security protection device, comprising memory, a digital interface, and characterized by further comprising a management/processing engine, the management/processing engine being configured in a specific chip in the content transmission security protection device;
the digital interface being used for performing an authentication between the management/processing engine and the digital interface at the request of the management/processing engine in the content transmission security protection device; performing an authentication between the digital interface of the content transmission security protection device and a digital interface of a downstream receiver device; performing a key activation between the content transmission security protection device and the downstream receiver device to obtain an encryption key, wherein the encryption key is used as an initial key to encrypt content data to be transmitted by the digital interface; the management/processing engine being used for initiating an authentication between the management/processing engine and the digital interface in the content transmission security protection device; performing an authentication between the management/processing engine of the content transmission security protection device and a management/processing engine of a downstream receiver device; updating a revocation list stored in a local management/processing engine of the content transmission security protection device; and collecting communication link data from said downstream receiver devices.