Method, apparatus and medium for video processing
US-2024364898-A1 · Oct 31, 2024 · US
Secure transcoding of video data
US9445112B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9445112-B2 |
| Application number | US-201213707579-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 6, 2012 |
| Priority date | Dec 6, 2012 |
| Publication date | Sep 13, 2016 |
| Grant date | Sep 13, 2016 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A secure transcoder assembly features a secure data path where the related crypting and coding functions are secured in the secure data path. More specifically, during transcoding the ingress (received) encrypted video data is decrypted and copied from application memory (that is accessible to the application processor) to secure memory (that is inaccessible to the application processor) by security processor(s). Once in the secured memory, this video data is transcoded. The video data, now in its transcoded form, is re-encrypted by the security processor(s) during the transfer back to application memory for egress (continued transmission). The mode for the re-encrypting may be managed by the application processor via a crypto API, and the application processor may further feature an opaque handle on the data when it is passed to the secure region.
First claim
Opening claim text (preview).
What is claimed: 1. A device configured to securely transcode video data, the device comprising: an application region configured to: ingress encrypted video data in a first encoded format, and egress encrypted video data in a second encoded format, wherein the video data comprises a plurality of video data regions; and a secure region inaccessible from the application region, the secure region configured to: receive the encrypted video data in the first encoded format from the application region, decrypt the video data in the first encoded format, transcode the video data to the second encoded format resulting in a transcoded sample, wherein the transcoded sample comprises the video data transcoded to the second encoded format, a list comprising, for each video data region of the plurality of video data regions, an indicator of whether that video data region is to be encrypted or unencrypted, and an index table comprising at least one index and at least one subsample of video data comprising a header and a content, re-encrypt the video data in the second encoded format in accordance with the list of the transcoded sample, wherein re-encrypting the video data in the second encoded format in the secure region results in a re-encrypted sample, the re-encrypted sample comprising at least one encrypted video data region of the plurality of video data regions, and send the encrypted video data in the second encoded format to the application region. 2. The device of claim 1 , wherein the application region comprises at least one application processor, and wherein the secure region comprises at least one secure processor. 3. The device of claim 2 , wherein the at least one secure processor comprises a transcode processor and a crypto processor. 4. The device of claim 2 , wherein the application region further comprises a transcoder application programming interface (API) configured to cause the encrypted video data in the first encoded format residing in an application memory of the application region to be copied to a secured memory of the secured region that is not accessible to the application region. 5. The device of claim 2 , wherein the application region further comprises a crypto application programming interface (API) configured to determine a mode corresponding to the second encoded format which the encrypted video data in the first video format will be re-encrypted into by the secure region. 6. The device of claim 1 , wherein the application region further comprises an opaque handle corresponding to the video data while the video data is being processed in the secured region. 7. The device of claim 1 , wherein the secure region performs a decryption process for forming a decrypted sample from the encrypted video data, and a re-encryption process for forming the re-encrypted sample from the transcoded sample. 8. A method for securely transcoding video data, the method comprising: ingressing encrypted video data in a first encoded format to an application region of a transcoder assembly, wherein the video data comprises a plurality of video data regions; passing a mode indicator from the application region to a secure region of the transcoder assembly, the secure region inaccessible from the application region; passing the encrypted video data in the first encoded format from the application region to the secure region; decrypting the encrypted video data in the first encoded format based at least on the mode indicator; transcoding the video data from the first encoded format to a second encoded format in the secure region resulting in a transcoded sample, wherein the transcoded sample comprises the video data transcoded to the second encoded format, a list comprising, for each video data region of the plurality of video data regions, an indicator of whether that video data region is to be encrypted or unencrypted, and an index table comprising at least one index and at least one subsample of video data comprising a header and a content; re-encrypting the video data in the second encoded format based at least on the mode indicator in accordance with the list of the transcoded sample, wherein re-encrypting the video data in the second encoded format in the secure region results in a re-encrypted sample, the re-encrypted sample comprising at least one encrypted video data region of the plurality of video data regions; passing the re-encrypted video data in the second encoded format from the secure region to the application region; and egressing the encrypted video data in the second encoded format. 9. The device of claim 8 , wherein passing the encrypted video data from the application region to the secure region and decrypting the encrypted video data comprises a secure processor of the secure region inputting the encrypted video data from an application memory of the application region and outputting decrypted video data to a secured memory of the secured region. 10. The device of claim 8 , wherein passing the re-encrypted video data from the secure region to the application region and re-encrypting the video data comprises a secure processor of the secure region inputting the decrypted video data from a secured memory of the secure region and outputting re-encrypted video data to an application memory of the application region. 11. The method of claim 8 , wherein decrypting the video data in the first encoded format in the secure region results in a decrypted sample. 12. The method of claim 8 , wherein the encrypted video data was formed using a symmetric key, and wherein an initialization vector for decrypting and subsequently re-encrypting the video data is selected in the secure region and is not accessible to the application region. 13. The method of claim 8 , wherein the video data is maintained in a first sandbox of secure memory in the secure region separate from a second sandbox of memory in the secure region in which different video data to be encrypted is maintained. 14. A computer-readable storage device comprising computer-readable instructions for securely processing video data in a transcoder assembly, the computer-readable instructions comprising instructions that cause a first processor operating in an application region of the transcoder assembly to: ingress encrypted video data encoded in a first format, wherein the video data comprises a plurality of video data regions; pass the encrypted video data to a secure region of the transcoder assembly to which the first processor does not have access; maintain an opaque handle on the encrypted video data passed to the secure region; and egress the encrypted video data encoded in a second format after it has been returned by the secured region, wherein the computer-readable storage device further comprises instructions for causing a second processor in the secure region to: decrypt the encrypted video data encoded in the first format; transcode the video data in the secure region from the first format to the second format to generate a transcoded sample, wherein the transcoded sample comprises the video data transcoded to the second encoded format, a list comprising, for each video data region of the plurality of video data regions, an indicator of whether that video data region is to be encrypted or unencrypted, and an index table comprising at least one index and at least one subsample of video data comprising a header and a content; re-encrypt the video data in the second format in accordance with the list of the transcoded sample, wherein re-encrypting the video data in the second encoded format in the secure region results in a re-encrypted sample, t
Assignees
Inventors
Classifications
by transcoding between formats or standards, e.g. from MPEG-2 to MPEG-4 (conversion of standards in analogue television systems H04N7/01) · CPC title
involving video stream encryption, e.g. re-encrypting a decrypted video stream for redistribution in a home network · CPC title
- H04N19/40Primary
using video transcoding, i.e. partial or full decoding of a coded input stream followed by re-encoding of the decoded output stream · CPC title
involving video stream encryption · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9445112B2 cover?
- A secure transcoder assembly features a secure data path where the related crypting and coding functions are secured in the secure data path. More specifically, during transcoding the ingress (received) encrypted video data is decrypted and copied from application memory (that is accessible to the application processor) to secure memory (that is inaccessible to the application processor) by sec…
- Who is the assignee on this patent?
- Microsoft Corp, Microsoft Technology Licensing Llc
- What technology area does this patent fall under?
- Primary CPC classification H04N19/40. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Sep 13 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).