Two themes are dominating the discussions at video service operators worldwide:
the evolution of security requirements for multi-network, multi-screen delivery systems and,
the impact of MPEG-DASH as a standardized streaming delivery protocol.
Solving thorny and complex content rights issues and implementing industry-wide standardized streaming protocols are essential for delivering high quality over-the-top and multi-network, multi-screen services. The discussions surrounding these issues are a positive sign that video service operators are poised to deploy more sophisticated and high quality services. Although consumers will not likely be aware of the changes in the back-end infrastructure this session will examine a range of solutions that will enable video service operators to offer consumers a winning combination of a less confusing and fragmented array of device capabilities, and a broader range of content choices.
2. 1. History of Pay-TV and Content Protection
2. Business Model and Release Window Evolution
3. Distribution Network Evolution &
4. New Device Emergence
5. OTT Disruption
6. Content Protection Challenges
7. Service Operator Desired Scenarios
8. Unified Solution
9. Standardization
3. • Analog Conditional Access Systems
• Digital Conditional Access Systems
• Embedded vs. Smart Card solutions
• Two-way IP Conditional Access
• Digital Rights Management
• Output protection and home networking
Increased contact value and quality => increased
security requirements
4. • Linear TV -> PPV -> DVR
• On-demand Services -> Network DVR -> Cloud
Content
• Electronic Sell-Through -> Rental -> Subscription VOD
• Day-and-date release -> Early Release/Premium VOD
Business models and user expectations are changing
rapidly
5. • One-way cable, satellite and terrestrial networks
• Two-way IPTV networks
• 3G/4G/LTE distribution
• Unmanaged OTT networks
The goal is to reach as many subscribers over any
network on any device
6. • Set-top box -> DVR -> Residential GW
– Custom built, single-purpose devices, integrated security
• PC/Mac -> Smart phone -> Tablet -> Game consoles
– Retail distribution, multi-purpose devices, limited security
• Connected TV and Connected Blu-ray players
– Retail, single-purpose moving to multi-purpose devices
Control over a device is shifting from the network
operator to the consumer
7. • Initial OTT services were underestimated
– Low-value content, low quality and resolution
– > limited security
• Consumer acceptance drives demand for high-value
content and higher quality (HD)
– > higher security requirements
Content value comparable to Pay-TV content demands
comparable content protection
8. What is Content Protection?
– Content encryption
– Authentication
– Secure key management
– Rights management
– Output control
– Link protection
– Forensic watermarking
9. 1. Premium VOD
– Strong encryption, robustness rules, protected outputs
(HDCP, no analog), forensic watermark
2. Home Entertainment/Electronic Sell-Through (EST)
– Strong encryption, AACS-like, analog sunset
3. PPV/Subscription VOD
– Strong transmission encryption, DRM for downloads, copy-
once outputs
4. Free-to-air
– DRM for downloads
12. • From a single-network solution:
– IPTV or DVB
– STB -> DVR -> Whole-Home DVR
• To a multi-network solution:
– DVB live services augmented by IPTV on-demand
• Augment managed network distribution with
unmanaged network/OTT distribution
– Reach mobile and tablet devices
– Reach beyond physical network boundaries
13. SMS / Middleware
Single Security Authority Linear
Content
Broadcast
Client Support
Bcast CSM Key &
(DVB one-way) control
data ViewRight
DVB One-way DVB STB
Multiplexers,
Scramblers,
OMI / Entitlement Interface
Modulators
Verimatrix
Entitlements
DB
14. SMS / Middleware
Single Security Authority Linear
Content
ViewRight
Client Support
Bcast CSM Key &
(DVB one-way) control
data ViewRight
DVB One-way DVB STB
Multiplexers,
CSM Scramblers,
(IPTV/Hybrid)
SEI / Entitlement Interface
Modulators
ViewRight
Hybtrid STB
IPTV &
Verimatrix
IP return path Hybrid
for ViewRight IPTV,
Hybrid clients ViewRight
PC / Mac
Encoders,
Encrypters,
Servers
Entitlements
DB
On-demand
Content
15. SMS / Middleware
Single Security Authority Linear
Content
ViewRight
Client Support
Bcast CSM Key &
(DVB one-way) control
data ViewRight
DVB One-way DVB STB
Multiplexers,
CSM Scramblers,
(IPTV/Hybrid)
SEI / Entitlement Interface
Modulators
ViewRight
Hybtrid STB
ACSM IPTV &
Verimatrix
Adaptive Streaming IP return path Hybrid
for ViewRight IPTV,
Hybrid, or OTT clients ViewRight
PC / Mac
Encoders, iPhone &
Encrypters, Mobile
Servers Internet &
OTT
Entitlements
DB
On-demand
Content
16. Video content distribution system must support:
1. Multiple networks: 1-way, 2-way,
managed/unmanaged
2. Multiple devices: STB, RGW, Hybrid STB, PC/Mac,
mobile/tablet, connected TV, game console
3. Multiple CAS and DRM solutions
4. Common Operator Interface
5. User domain management and common entitlements
17. • DECE/UltraViolet
– Common File Format
– Common Encryption
• MPEG-DASH
– Unified Adaptive Streaming Protocols
– Common Media Presentation Description
• HTML5
– Adding support for protected content
• DLNA
– Premium Video Profile
Help is on the way
18. Dynamic Adaptive Streaming over HTTP (DASH)
• Unified Media Presentation Descriptor (MPD)
• Supports several profiles:
– 3 ISO base media file format (MP4)
– 2 MPEG-2 TS profiles
W3C HTML5
• Encrypted Media Extension
• Need to indicate protection system and how to
request content keys (or a license)
19. <video width="320" height="240" controls="controls">
<source src="movie.mp4" type="video/mp4" />
<source src="movie.m3u8" type="video/hls" />
<source src="movie.mpd" type="video/dash" />
Fallback - Your browser does not support the video tag.
</video>
UI as HTML5 Web Page
Extended HTLM5 Browser Core
Key and
Adaptive Protocol
Stream
& Video Stack Security
20. Content Protection White Paper: Content Security
Requirements for Multi-Screen Video Services
• Bill Rosenblatt & Verimatrix
• http://copyrightandtechnology.com/2012/01/09/ne
w-white-paper-content-security-requirements-for-
multi-screen-video-services/
• http://www.verimatrix.com/multiscreensecurity/