ITU-R REPORT BT 2052-2005 Protection of end-users privacy in interactive broadcasting systems《在交互式广播系统的终端用户隐私保护》.pdf
《ITU-R REPORT BT 2052-2005 Protection of end-users privacy in interactive broadcasting systems《在交互式广播系统的终端用户隐私保护》.pdf》由会员分享,可在线阅读,更多相关《ITU-R REPORT BT 2052-2005 Protection of end-users privacy in interactive broadcasting systems《在交互式广播系统的终端用户隐私保护》.pdf(9页珍藏版)》请在麦多课文档分享上搜索。
1、 Rep. ITU-R BT.2052 1 REPORT ITU-R BT.2052*Protection of end-users privacy in interactive broadcasting systems (Question ITU-R 111/6) (2005) 1 Introduction Interactive broadcasting systems enable attractive services to end-users. On the other hand, the system offers the opportunity to collect inform
2、ation related to the end-user to the service provider or the other third party or parties, and to send a malicious program code to the receiver to malicious party or parties. To protect end-users privacy from potential threat, information to be protected and potential attack points in the interactiv
3、e broadcast chain should be clarified. In this Report, a detailed analysis of interactive broadcast systems is discussed with two principles below to clarify the problem of protection of end-users privacy: Free-to-air broadcasting services, even when including interactive elements, should be availab
4、le to the end-users without any need for a return channel connection. Any information of a personal nature is, by default, considered private. A privacy threat to a broadcast receiver with a return channel can potentially materialize as soon as a connection to a remote computer is established over t
5、he return channel. 2 Information to be protected Considering the second principle in the previous section, all data related to the user should be regarded as potentially sensitive. There are different kinds of user data such as: personal data, e.g. name, date of birth, personal profiles and preferen
6、ces; link data, e.g. address and telephone number, bank account or credit card number; data stored within the broadcast receiver, e.g. zapping history, return/interaction channel usage history, ID number; data stored outside the broadcast receiver, for a static receiver, e.g. return/interaction chan
7、nel usage history, for a mobile receiver, e.g. location data. This tells that protection of the end-users privacy can be achieved when all the elements affecting it in the interactive broadcast chain work properly. 3 Interactive broadcast system model In order to approach these questions, an analysi
8、s of threat to privacy infliction should be undertaken. Typical models for the interactive broadcast chain, with a unidirectional and bidirectional return channel, as illustrated in Figs. 1 and 2 respectively, are used for this analysis. *This Report is brought to the attention of ITU-T SG 9, ITU-T
9、SG 17 and ITU-D SG 2. 2 Rep. ITU-R BT.2052 FIGURE 1 Model for an interactive broadcast chain with a unidirectional return channel The receiver in Fig. 1 comprises the following components: (A) DeMUX/broadcast channel decrypter This is to descramble a broadcast signal that has been encrypted for cert
10、ain purposes such as pay-service or copy control of the broadcast content. Rep. ITU-R BT.2052 3 (B) Protocol handler/AV decoder This is to handle various broadcast protocols such as transport stream and carousel, etc. in a receiver and audio/video decoding. Data or messages other than audio/video si
11、gnals taken out of the received signal by this are passed to an appropriate part of subsequent processes. (C) Secure device This stores an end-users authorization information, including identification of the user and key(s) for descramble. Certification authority can track the end-users name, addres
12、s and telephone number, etc., through the identification number. (D) Processor/renderer This controls receiver behaviour instructed by both a broadcast content and a system program. (E) Storage This keeps information provided by the broadcast content, initial set-up, or user. Information provided by
13、 a user includes user profile such as name, age, sex, address, genre of interest of contents, etc. (F) Return channel encrypter This enciphers message(s) sent through a return channel. This could be optional. (G) Access point A point to connect a receiver to a communication network for return channe
14、l. To access the network, a receiver may require information to logon the network, e.g. user-id and password, or number to dial. A broadcast station provides the following components: (H) Multiplexer This combines broadcast services into a single stream and provides signalling information such as PS
15、I/SI. Service_id of each service is included in SI. (I) Broadcast channel encrypter This enciphers broadcast contents and provides key(s) information and control message(s) for a descrambler in a receiver. (J) Broadcast content server This feeds broadcast contents to a broadcast channel encrypter (I
16、). (K) Authoring system Interactive contents are authored by this system. Some contents may be renewed frequently to reflect end-user response derived from a communication server to the content. (L) Communication server This gathers responses of end-users. One possible use of these responses is to u
17、pdate the content. Gathered information or communication log may be stored if needed. (M) Return channel decrypter This deciphers incoming encrypted messages from receivers through return channel. This is a counterpart of encrypter provided in a receiver. 4 Rep. ITU-R BT.2052 FIGURE 2 Model for an i
18、nteractive broadcast chain with a bidirectional return channel NOTE 1 Multiple content providers using content server (K), authoring system (L), communication server (M) and encrypter/decrypter (N) or part of them may take part in establishing the interactive broadcast service. For example, addition
19、al audio/visual component fed through interaction channel is provided by a different provider from broadcaster. The actual structure of these components above depends upon the service. NOTE 2 The destination at provider side, i.e. broadcaster side, of the interaction channel depends upon the structu
20、re described in Note 1. A receiver in Fig. 2 comprises the following components: (A) Descrambler This is to descramble a signal that has been encrypted. In some cases, an encrypted signal may come from the interaction channel in addition to the broadcast channel. (B) Protocol stack No. 1 This is to
21、handle various broadcast protocols such as transport stream and carousel, etc. in a receiver. Data or messages taken out of a received signal by this are passed to an appropriate part of subsequent processes. Rep. ITU-R BT.2052 5 (C) Secure device This stores information regarding legality of an end
22、-user to enjoy the services, including identification of the user and key(s) for descramble. Certification authority can track the end-users name, address, and telephone number, etc. through the identification number. (D) Processor/renderer This controls receiver behaviour instructed by both a conte
23、nt and a system program. (E) Storage This keeps information provided by the broadcast content, initial set-up, or user. Information provided by a user includes user profile such as name, age, sex, address, genre of interest of contents, etc. Information provided by the content may be some tags to ho
24、ld a state of the content, or to distinguish each receiver or user. (F) Encrypter/decrypter This enciphers and deciphers a signal sent and received through the interaction channel. This may not always be employed to all kinds of interaction channel. Authentication of the content from interaction cha
- 1.请仔细阅读文档,确保文档完整性,对于不预览、不比对内容而直接下载带来的问题本站不予受理。
- 2.下载的文档,不会出现我们的网址水印。
- 3、该文档所得收入(下载+内容+预览)归上传者、原创作者;如果您是本文档原作者,请点此认领!既往收益都归您。
下载文档到电脑,查找使用更方便
10000 积分 0人已下载
下载 | 加入VIP,交流精品资源 |
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- ITURREPORTBT20522005PROTECTIONOFENDUSERSPRIVACYININTERACTIVEBROADCASTINGSYSTEMS 交互式 广播 系统 终端 用户 隐私 保护

链接地址:http://www.mydoc123.com/p-792892.html