John I Okimoto

US Patent:

7080397, Jul 18, 2006

Filed:

Jul 3, 2001

Appl. No.:

09/898172

Inventors:

Keith R. Cochran - San Diego CA, US
John Okimoto - San Diego CA, US

Assignee:

General Instrument Corporation - Horsham PA

International Classification:

H04N 7/173

US Classification:

725 87, 725 31, 380200

Abstract:

A transaction protocol for communicating between an encryption renewal system communicably coupled to one or more video on demand systems via a communication network. The encryption renewal system permits pre-encrypted content to be accessed by clients of the video on demand systems. The protocol comprises, receiving, by the encryption renewal system, a request transaction document having a first format from the video on demand system; parsing the request transaction document to retrieve data from the request transaction document; generating a request object code in a second format for processing by encryption renewal system, the request object code based on the data in the request transaction document; responsive to processing of the request object code, generating a response object code having the second format; converting the response object code to a response transaction document having the first format; and forwarding the response transaction document to the video on demand system.

US Patent:

7305555, Dec 4, 2007

Filed:

Mar 27, 2002

Appl. No.:

10/109111

Inventors:

John I. Okimoto - San Diego CA, US
Eric J. Sprunk - Carlsbad CA, US
Lawrence W. Tang - San Diego CA, US
Annie On-yee Chen - Del Mar CA, US
Bridget Kimball - Encinitas CA, US
Douglas Petty - San Diego CA, US

Assignee:

General Instrument Corporation - Horsham PA

International Classification:

H04L 9/00
H04K 1/00
G06F 11/30
G06F 12/14
G06Q 40/00
H04L 9/32
H04N 7/167
H04N 1/44
H04K 1/02

US Classification:

713168, 713177, 713181, 713170, 713189, 713165, 713176, 713169, 705 51, 705 52, 705 53, 705 54, 705 55, 705 56, 705 57, 380232, 380278, 380281

Abstract:

A system is described for uniquely mating components of a communication network such as a smartcard and a set-top box. When mated, the smartcard and set-top box are tied together and have a single identity. Further, the smartcard operates properly only when inserted into an authorized set-top box. Exchanges of information between both components are secured by encryption and authentication to guard against piracy of the exchanged information. The system provides the same authentication key to the set-top box and the smartcard. This key is used for authenticating communication between the set-top box and the smartcard. First, the authentication key is encrypted by a set-top box mating key. The set-top box employs this mating key to decrypt the authentication key. After it is derived, the authentication key is stored in the set-top box's memory. Further, the same authentication key is encrypted by a smartcard mating key.

US Patent:

7765600, Jul 27, 2010

Filed:

May 4, 2004

Appl. No.:

10/838413

Inventors:

Jeri L. Saunders - Encinitas CA, US
Annie O. Chen - Del Mar CA, US
Erik J. Elstermann - Carlsbad CA, US
John I. Okimoto - San Diego CA, US

Assignee:

General Instrument Corporation - Horsham PA

International Classification:

G06F 7/04
G06F 12/14
H04N 7/167
G06F 21/00

US Classification:

726 27, 726 28, 726 29, 726 30, 726 31, 713187, 713189, 380201, 380203, 380229, 380230, 380239, 705 51, 705 57, 705 59

Abstract:

A method for authorizing a computer program having a number of features for use with a product includes: receiving license data generated using a first key, the license data specifying a unique identifier associated with the product and specifying at least one feature authorized for use with the product; using a second key associated with the first key, obtaining the unique identifier from the license data; retrieving a product identifier from the product; determining whether the unique identifier corresponds to the product identifier; and based on the determination, authorizing use of the at least one feature with the product.

US Patent:

7929483, Apr 19, 2011

Filed:

Dec 30, 2004

Appl. No.:

11/026413

Inventors:

Bridget D. Kimball - Encinitas CA, US
Michael T. Habrat - San Diego CA, US
John I. Okimoto - San Diego CA, US
Douglas M. Petty - San Diego CA, US
Eric J. Sprunk - Carlsbad CA, US
Lawrence W. Tang - San Diego CA, US

Assignee:

General Instrument Corporation - Horsham PA

International Classification:

H04B 7/212

US Classification:

370324, 370350, 370509, 713155, 713165

Abstract:

The present invention discloses a system and method for providing a secured system time reference to a subscriber device, e. g. , a set top box or a receiver. In one embodiment, the system time reference is provided in a secure system time message that is broadcasted to a plurality of subscriber devices. Each subscriber device has a security device or software application that is capable of determining whether the received system time reference is legitimate. If the system time reference is determined to be legitimate, a local time reference is synchronized with said received system time reference.

US Patent:

8156560, Apr 10, 2012

Filed:

Dec 30, 2004

Appl. No.:

11/027206

Inventors:

John I. Okimoto - San Diego CA, US
Bridget D. Kimball - Encinitas CA, US
Annie O. Chen - Del Mar CA, US
Michael T. Habrat - San Diego CA, US
Douglas M. Petty - San Diego CA, US
Eric Sprunk - Carlsbad CA, US
Lawrence W. Tang - San Diego CA, US

Assignee:

General Instrument Corporation - Horsham PA

International Classification:

H04N 7/16

US Classification:

726 26, 726 5, 726 7, 726 8, 726 10, 726 14, 726 28, 726 30, 713168, 713170, 713185, 709217, 709225, 709227, 709228, 709248, 380277, 380278, 380283, 348 E5007, 348 E7056

Abstract:

The present invention discloses an apparatus and method for defining and enforcing rules of transition between two security domains, e. g. , a transport domain and a persistent security domain. In turn, a border guard, e. g. , a security device, is provided between these two domains that enforce rules for transition between the two security domains. This novel approach of defining a transport domain and a persistent security domain simplifies the classification of the digital content and its movement through the system. Namely, the border guard once established between the two systems can enforce DRM rules associated with how contents are moved between the two domains.

US Patent:

20020051539, May 2, 2002

Filed:

Jul 3, 2001

Appl. No.:

09/898168

Inventors:

John Okimoto - San Diego CA, US
Lawrence Tang - San Diego CA, US

International Classification:

H04N007/167

US Classification:

380/211000, 725/031000

Abstract:

An encryption renewal system for generating entitlement control messages, the system being secured by physical separation of components. The encryption renewal system has a first computing platform for performing non-secure tasks associated with one or more control messages that transmit one or more keys to a subscriber; and a second computing platform physically separate from the first computing platform containing one or more application specific integrated circuit chip for generating the one or more control messages. In addition, a method by the encryption renewal system is used to register an off-line encryption device in order to begin encrypting clear content. The method includes generating data for registering the off-line encryption device; encrypting the data with one or more cryptographic keys to form encrypted data; forwarding the encrypted data to the off-line encryption device; and retrieving the data from the encrypted data, wherein the off-line encryption device begins to encrypt clear content only after the data is retrieved.

US Patent:

20020083438, Jun 27, 2002

Filed:

Jul 3, 2001

Appl. No.:

09/898184

Inventors:

Nicol Chung So - Bensalem PA, US
John Okimoto - San Diego CA, US
Annie Chen - Del Mar CA, US
Lawrence Tang - San Diego CA, US
Akiko Wakabayashi - San Diego CA, US
Keith Cochran - San Diego CA, US

International Classification:

H04N007/167
H04N007/00
H04N011/00

US Classification:

725/031000, 348/460000, 380/210000, 380/277000

Abstract:

A method of delivering content from a head end to subscriber terminals within one or more cable systems. Such content may be video, audio or the like. The method includes the step of encrypting the content offline to form pre-encrypted content, generating an encryption record containing parameters employed for encrypting the content. Based on the encryption record, a control message for permitting access to the pre-encrypted content is generated using a periodical key provided by the first cable system. The pre-encrypted content and associated control message is thereafter forwarded to the first subscriber terminal for decryption of the content. For a second subscriber terminal within a second cable system, the pre-encrypted content is retrofitted with a second control message permitting the pre-encrypted content to be decrypted by the second subscriber terminal. Further, multiple versions of a control message for multiple service tiers within a cable system may be generated, each version for permitting access to a particular service tier within the system.

US Patent:

20020112175, Aug 15, 2002

Filed:

Dec 13, 2000

Appl. No.:

09/736617

Inventors:

Douglas Makofka - Willow Grove PA, US
John Okimoto - San Diego CA, US

International Classification:

H04L009/32

US Classification:

713/200000

Abstract:

The invention relates to controlling functional units within a conditional access system. In one embodiment, a method for controlling access to a functional unit within a set top box is described. In one step, first information comprising a plurality of functional unit identifiers and one or more tier requirements respectively related to each functional unit identifier is received. Second information comprising tier rights is also received. The functional unit identifiers are correlated to their respective tier requirements. The functional unit is interacted with. It is determined if the respective tier requirements are satisfied by the tier rights. Further interaction with the functional unit is authorized.