FREQUENTLY ASKED QUESTIONS ABOUT THE BBTSolution™
Q: What's so unique, advanced or new about this BBT core Patent?
A: Until now, higher level, hardware-based security relied on an entity known as a "trusted authority" to store and authenticate secret keys before data could be accessed. That created a major vulnerability which resulted in expensive, proprietary, and usually single-use devices. This is the first patent for a hardware security design allowing secure transmission and downloadability that does not require any trusted authority for authentication. It also, importantly, creates ad hoc "private keys" that even the users cannot divulge since the keys are neither known nor stored by the security provider. This can allow diverse hardware manufacturers to create competitive, hardware secure consumer electronics devices such as, for instance, a tablet computer or "Smart TV" which could access multiple types of secure data from different providers using entirely unique access and encryption protocols selected exclusively by the information provider.
Q: What's the significance of hardware versus software based security?
A: The common software based security primarily used on the Internet today "hides" encrypted authentication and authorization security codes directly in the data being transmitted. Hackers essentially play a game of "where's Waldo" searching out the keys. They've gotten very good at it, thus we see almost daily reports of major hacks and data losses. Software security, while valuable, has to constantly be changed and updated to keep up with incessant security breaches.
Hardware security is much more difficult to breach, often requiring physical possession of the specific transmitting and receiving hardware, and specialized equipment such as electron microscopes and massive amounts of computer power to defeat. Even then, the BBTSolution™ is designed to automatically re-set and re-secure the system with new unique keys requiring an entirely new "hack" for each individually initiated secure communication. No system is foolproof, but an agile, easily reconfigured technology which can use multiple downloaded encryption and key security algorithms is by far more secure than most current approaches. Non-targeted unauthorized data collection will be far more difficult since each communication can use an individualized, unique private encryption key that is unknown, even to the security provider.
Q: Why hasn't a more efficient hardware approach been developed before?
A: Until now, no one realized such an approach would work. They expected to need a "trusted authority," never liked it, but accepted it anyway. High-value data has generally, therefore, been protected behind expensive, private, proprietary hardware security walls such as those used for bank transfers. Now, more and more valuable data and intellectual property is flowing over the open Internet. While software security is relatively inexpensive and easy to distribute, it is also more vulnerable. Software security companies are constantly having to change and charge for "updated" versions of their security after a breach. For individual secure transmission providers, the BBTSolution hardware approach, which is designed to be both non-proprietary and less expensive, offers a new, more secure alternative. As we move toward the "Internet of Things" the broader Internet device security problem will only become more pronounced. In industry-wide applications, such as television sets, hardware must be widely deployed and generally available for purchase. This is a more complicated, longer process, and one that entails cooperative industry use of the core hardware. One of the primary reasons, until now, that cooperative industry-wide use of high-level hardware security was limited is because all users had to rely on a single "trusted authority" and, usually, proprietary control of expensive hardware. Those hurdles can now be overcome with the development of the BBTSolution™.
Q: The BBT Patent has been described as unusual. Why?
A: We call this a "core," "deep," or "broad" patent because BBT's base claims are fundamental, and cover a broad variety of systems so it can be implemented in many ways. A significant number of sub-details are themselves also covered. Patent filings routinely have multiple, individual claims of unique, patentable design elements. A recent study indicated the average number of such claims in patent filings to number around 20. In the case of the BBTSolution™, after four years of processing and examination, all 202 individual claims submitted to the United States Patent Office were granted.
Q: Did you set out to discover a new way to secure electronic data and consumer electronics devices used for broadband and the Internet?
A: Actually, no. The principals in BBT are old hands in the cable television industry. The initial focus was to develop a new design for a cheaper cable television set top box for the industry that would be openly available to any manufacturer who could then build set top boxes for the retail market. That required a new type of security, since most current set top box security is closed and proprietary, forcing the use of expensive and now-obsolete "CableCARD" technology. As a result, BBT looked at the security issue with "new eyes," unlike the established security community, which has long been impaired by the notion that PKI, "Public/Private Key Infrastructure" required a "trusted authority". The proprietary design and trusted authority approach inhibited widespread use and any retail market for consumer devices. We thought "outside the box," and as with a lot of inventions, figured out a new way to do something we weren't initially looking for! While the effort was first triggered by a need in the cable television industry, we have long recognized and noted that the downloadable, no-trusted-authority design applies not only to cable set top boxes but to virtually any electronic communication. The Patent covering that base concept was granted (#8506375) just as the issue of Internet and broadband data security has come into national focus.
Q: Does BBT hold any other patents?
A: No. However Bill Bauer, BBT's CEO and Chief Technology Officer does. He has patents both in the area of the use of GPS for far more precise location applications and a patent in the area of IP telephony. Bauer was the Chair of the committee of the cable television industry's technical consortium, CableLabs, that first developed the now very successful and generally commercially available DOCSIS cable modem. The set top box project was modeled on that effort.
Q: Who could potentially use the BBTSolution™?
A: Anyone wanting increased security of their electronically transmitted data, particularly those who have a "one-to-many" communications stream from a transmitter or server, as well as manufacturers creating devices to access that data. Streaming video over the broadband Internet is the most obvious example; general "Cloud Computing" is another. If inexpensive BBTSolution™ chips were included in televisions sets, or in devices such as Roku™, TiVo™, AppleTV™, Microsoft's Xbox™ or Google's Chromecast™, etc., then any "over the top" streaming video programmer could allow consumers to use those devices while maintaining full security of their programs and also assuring privacy and confidentiality of their customer lists. Individual programmers or aggregators could independently have control of their own encryption and conditional access. That secure control could also potentially allow far more accurate audience measurement of such video distribution, and new business models.
The same flexibility could be true for putting the chip in telephones, computer tablets or "outboard" USB or HDMI "dongles." Each owner of intellectual property, a company, the government, or a law firm, for instance, could utilize an inexpensive piece of hardware at their server to establish a unique individual secure communications path and then download a conditional access and key security protocol for their confidential data that was unique to them and could be changed only by them at any time. No one else would have any control or knowledge of the processes chosen. The same device, for instance a tablet, could be used for both secure "cloud-based" business data and then to watch a new movie just by connecting to, and downloading alternative data stream provider protocols following authentication. Each use would be separately secured.
Q: How could this apply to health records or government use?
A: The Veterans Administration, for example, could supply every vet with a simple "USB dongle" which could be used in any doctor's office computer to access a medical records data base once a unique secure communications path was established. Those records would only be available with the use of that individual's USB key, which could be configured as securely as the VA chose, with as many authentication and validation processes as it deemed necessary. The records would be encrypted. They could only be read while the secure communications path was intact. When the key was removed, or the link terminated, the secured records would be gone as well. Of course other conditions could be applied, from leaving the health records on the doctor's computer, but only in encrypted form, requiring the key for access, to choosing to decrypt the records at that location. This scenario could be applied to any government data and any government worker using or needing access to sensitive data, be they civilian or military. Each use and each encrypted data stream could be specifically limited in both time and access. The same could be true for any private or corporate data transmissions secured through the BBT method.
Q: You've said the BBTSolution™ chip is "inexpensive." Who makes it and how much does it cost?
A: The current chip was specifically manufactured for use in cable television set top boxes, but could be used in multiple other applications. It was made by one of the world's largest secure microchip manufacturers, ST Microelectronics. The current set top box chip is priced at $5.00 per chip, including the license fee for use of the patented technology. BBT has designed the technology to be openly available to qualified manufacturers. It can be licensed and manufactured in various forms, depending on the application. Different uses, such as in cell phones, would require different chip configurations, but the technology specifications can be broadly applied.
Q: What are the details about current deployment in cable set top boxes?
A: A secure, downloadable set top box made by Digital Freedom Technology (DFT) (www.DigitalFreedomTechnology.com) is currently in use in cable television systems and has successfully passed a security audit by Telcordia Technologies (formerly Bell Communications Research). DFT was founded by BBT's CEO/CTO Bill Bauer to assure that the technology was made available to all cable television operators, the initial objective when BBT was founded. A limited production standard set top box is already being used in several cable television systems. A much smaller device, about the size of a pack of cards, is entering the manufacturing phase. Other set-top manufacturers are currently exploring inclusion of the BBT secure microchip in their devices. Most cable television programming is already being distributed and available to cable operators nationwide via satellite (through Vubiquity™ satellite transport) encoded for use with the BBTSolution™ chip. The BBTSolution? was designed to be an open standard, thus other chips and devices in various formats are intended to be developed by other companies for multiple uses.
Q: Securing the power grid and other such infrastructures was mentioned, how would that work?
A: As with any other implementation, the underlying premise of the BBT technology is that once an independently secure communications path is established then totally separate data access, data encryption and data use limitations, etc., can be fully controlled and monitored by the secure transmission provider. In the case of the power grid, this could assure that only those with specifically authorized devices and multi-layered authentication could gain remote access to the network of critical equipment and controls. It could also allow for high-level secure data communication and control to both residential and commercial power meters. This, of course, could be true of any other networked industry or plant as well. Hackers cannot create havoc if they can't get in to the network in the first place. Internal communication can be restricted to the individual secure communications link and access or use restrictions imposed.
Q: When can we expect to see BBTSolution™ technology in the consumer marketplace?
A: As noted, it's already built into a limited number of cable television set top boxes. There are so many potential uses for this new approach to security technology that it's difficult to say what the next application will be. BBT has already had preliminary discussions with companies in the wireless, health care records and power industries. As is understandable with discussions about the adoption and implementation of security technology, those discussions are covered by "non-disclosure agreements." We are required to keep them confidential. We expect many more such discussions now that the core patent has been issued.
For More Information, please contact:
Beyond Broadband Technology, LLC