The inventors have developed a map-based graphical user interface that allows an operator to specify access control rules for broadcasting content to subscribers in mobile settings by defining geographic regions on the map and associating individual receivers with these regions, among other conditions. The interface allows the operator to define and save different access control rules for different types of missions, and to automatically enforce a particular set of rules during the mission.
Once such access rules are defined using the intuitive user interface described above, they are enforced via cryptographic means. A recently developed technology called Dynamic Group Keying (DGK) allows one to change the data encryption key at any time and to securely and efficiently distribute the new key to authorized receivers. The distribution of keys to the receivers is accomplished using an Over-TheAir Keying (OTAK) protocol. Only authorized receivers possess the correct key, meaning no other receivers can decrypt the data feed. The monitoring and rekeying may occur in parallel with the broadcast, and the rekeying can be made completely transparent to the subscribers unless the subscriber's access status has changed.