ATIS 0800060-2013 Report on DECE Specifications Compatibility with ATIS IIF Specifications.pdf

1、 ATIS-0800060 REPORT ON DECE SPECIFICATIONS COMPATIBILITY WITH ATIS IIF SPECIFICATIONS As a leading technology and solutions development organization, ATIS brings together the top global ICT companies to advance the industrys most-pressing business priorities. Through ATIS committees and forums, nea

2、rly 200 companies address cloud services, device solutions, emergency services, M2M communications, cyber security, ehealth, network evolution, quality of service, billing support, operations, and more. These priorities follow a fast-track development lifecycle from design and innovation through sol

3、utions that include standards, specifications, requirements, business use cases, software toolkits, and interoperability testing. ATIS is accredited by the American National Standards Institute (ANSI). ATIS is the North American Organizational Partner for the 3rd Generation Partnership Project (3GPP

4、), a founding Partner of oneM2M, a member and major U.S. contributor to the International Telecommunication Union (ITU) Radio and Telecommunications sectors, and a member of the Inter-American Telecommunication Commission (CITEL). For more information, visit . Notice of Disclaimer see for further de

5、tails. ATIS-0800060 3 Conclusion and recommendations on further actionable specification development work by ATIS is covered in section 8. . 5 Analysis of DECE Specifications Compatibility with ATIS IIF Architecture The purpose of DECE is to allow users to buy content from multiple content providers

6、, while also sharing it among all members of the DECE account regardless of the device they are authorized to use. The concept is to reproduce what has been successfully done with physical media (DVD and Blu-Ray) for multimedia content download and streaming. Another important aspect, although trans

7、parent to users, is to minimize the impact on how content owners and companies are currently selling downloadable and streamable multimedia content to end users. This section reviews the currently-published UltraVioletTMspecifications. A subsection is dedicated to each specification in order to dete

8、rmine its possible relevance to the ATIS IIF architecture. 5.1 DECE System Specification The DECE System Specification 8 is a high-level overview of the DECE environment. It covers the architecture, the various components involved, and how they interact to provide content to devices for consumption

9、by a user in a secure way. DECE is involved in managing the content deliverys customer experience (account/user, device, DRM/rights, content database), although not the content delivery itself3. To achieve this, DECE has developed a DECE account. This account holds all the relevant information assoc

10、iated with what DECE calls a household. A DECE household is not limited to the home environment, and DECE-based content can be delivered to any devices (mobile or fixed) authorized within the DECE account. The DECE account may support territorial content licensing and distribution restrictions (e.g.

11、, national markets). The DECE account manages three main categories of information: 1. Rights locker: Storage of all content purchase records, allowing all the users of the household/DECE account to consume any content bought, even the ones purchased by other members of the household/DECE account. 2

12、. DECE domain: Storage of information about authorized DECE devices and the DRM they support. 3. Household: A unique identification of the users of the account, including parameters defining supported services. To fulfill this concept, DECE has developed an architecture, reproduced below in Figure 1

13、, showing the various components and their relationships. 3As indicated in the section 5 introduction, one of DECEs goals is to minimize impacts to the existing processes and procedures of content owners and companies selling content who would join this organization. Therefore, the DECE architecture

14、 is designed as a coordination layer of those companies service offerings. ATIS-0800060 4 Figure 1: DECE Architecture4The eight components of the DECE environment are: 1. Coordinator Maintains a content information database, manages all the accounts and their associated users and devices, runs domai

15、n management for all DECE-approved DRMs, and stores proof of purchases for each account. Responsible for secure access of its information by other components and users, as well as policing use of the environment. 2. Content Publisher Source for adding and modifying DECE-based content. Once publishin

16、g is completed, provides the contents metadata information to the Coordinator. NOTE DECE does not specify how content is provided to the retailer, Download Service Provider (DSP), and Locker Access Streaming Provider (LASP) for delivery to the end users device. 3. Retailer The component that provide

17、s an interface to allow the purchase of DECE-based content, support payment capability, and manage the users retail account. Upon purchase, sends the content purchase details to the Coordinator to insert into the accounts rights locker. 4. Download Service Provider (DSP) 4This figure is taken from s

18、ection 3.1 of 8. ATIS-0800060 5 The component that delivers the encrypted content to the customer. o A commercial entity that performed the Retailer function (i.e., sold the content) can also perform the DSP function itself or via a third party. Verifies device credentials before requesting the end

19、users account DRM credentials. Download to the end user device is conditioned on authorization by local management at the DSP of the end users account DRM credentials received from the Coordinator. 5. Locker Access Streaming Provider (LASP) The component that delivers streaming service to DECE-autho

20、rized devices. Verifies device credentials before requesting the end users account DRM credentials. Supports either streaming to DECE-authorized devices associated with an account (linked) or with any DECE-authorized devices not linked to an account, although the latter case would require one-time a

21、uthorization each time it connects to the service for a transaction (dynamic). Streaming to an end user device is conditioned on authorization by local management at the LASP of the end users account DRM credentials received from the Coordinator, unless this is a one-time authorization transaction.

22、6. Device For DECE purposes, a device can be a hardware component, a software component, or a combination of both. DECE calls it a physical device. o As shown in Figure 1 above, DECE supports the use of “connected devices” (devices having an Internet connection to DECE components), “tethered hosts”

23、devices requiring another device under the control of the user to communicate with DECE components (e.g., a computer), and “proxied device” (devices using a server to communicate with DECE components). In order to get access to content through a DSP, the device must be defined in the DECE account an

24、d therefore must support at least one DECE-approved DRM client, have a DECE-approved client, and comply with the DECE media format (CFF). In practice, this restricts the category of devices that can be registered with the account to DECE-licensed device types5. o To make the content available to the

25、 user, the devices media player interacts with the DRM client, the DECE license application, or both. The device has to be declared as being either SD (playing only SD content) or HD (playing both SD and HD content). Finally, the device should have a REST client to communicate with the DECE portal.

26、NOTE Although not mandatory, a DECE-capable device can also have other applications, such as a browser, streaming client, discrete media client, or access portal client (see item 8 below). 7. Device Portal This component provides secured web access for managing an accounts authorized devices and acc

27、ess to previously-purchased content. 8. Access Portal 5The DECE license application is required for any device wanting to receive DECE-based content (see section 8 below for more details). ATIS-0800060 6 The Access Portal interfaces with non-DECE applications to provide access to the Coordinator. An

28、 application or service allowed by DECE to provide programmatic access to information similar to that available to the Retailer, LASP, or device web portal. Communication between the Coordinator and the other DECE components is performed via an API defined by DECE.65.2 Common File Format (2) providi

29、ng it in the DECE CFF format (including encryption); and (3) delivering that DECE-formatted content along with the metadata and keys. That being said, the only output of a Content Provider component defined in DECE specifications is what it provides to the Coordinator (all Content ID and the related

30、 metadata sold to retailers). The interface between the two is defined in the DECE Coordinator API Specifications, which are not publicly available. Each content provider also sends what is called “products” to each retailer it does business with. A product is composed of one or multiple content IDs

31、, metadata, media profiles (HD and/or SD), and encryption keys. However, the exchange of this product information8from content providers to the retailers (metadata), the DSP (content, metadata, and encryption keys), and LASP (content and metadata) is out of scope in DECE specifications. The Content

32、Publishing Specification also includes a description of the relation between a piece of content and the rights required for a customer to view it, as well as guidelines on how to use the metadata structure described in the Content Metadata Specification 2. 5.5 Device Specification The DECE Device Sp

33、ecification 4 goes into more detail about the functions involving the devices interaction with the DECE ecosystem. 7The reader is encouraged to consult section 3 of 3 for more details. 8Refer to Figure 1. ATIS-0800060 9 From a DECE point of view, a device could be a hardware or software product, as

34、well as a combination of the two. To be DECE-compliant, the device implementing the IPTV Terminal Function (ITF) should include, at a minimum, an approved DRM client, the DECE license application, a REST client, and a DECE Media Player. Therefore, it seems possible for an ITF to also be part of a DE

35、CE-compliant device. DECE defines the following interactions between a DECE device and the rest of the DECE ecosystem as shown in Figure 1 of section 5.1: It communicates with the DSP to get content and acquires a DRM license to consume the content. The DECE device license application connects with

36、the DECE portal (which is under the control of the Coordinator) for the following management functions: o Adding/removing a device in the DECE account9. This allows the device to share DRM licenses and rights to consume content with other devices in the account. o Managing account users data. o View

37、ing content rights in the account. NOTE The communication between the DECE device license application and the Coordinator is defined in an API specification requiring an NDA (called DCoord). The following interfaces are not currently specified by DECE: Interaction with the company selling the DECE c

38、ontent, including content purchase procedure (the only mandated requirement is to provide purchased content right to the Coordinator). The method of delivery for streaming content from the LASP to the end user device. Access to DECE-related authorized management information by means other than using

39、 a REST client to connect with the DECE portal.10 The interface between the Retailer and the end user device. 5.6 Discrete Media Specification The Discrete Media Specification 5 covers the delivery of DECE-based content to users on a physical media (e.g., optical disk or memory device) called discre

40、te media. This is an alternative to the one-time consumption of content directly to a DECE device11through the DSP entity as described in section 5.1. With discrete media, the user has the ability to view the content more than once. This is an optional form of providing content to the users and DECE

41、 entities are not mandated to support it. However, if supported, three models are proposed: 1. The retailer or content provider delivers discrete media with pre-recorded content to the user, either at the time of initial purchase or later (when the user requests a discrete media version of the conte

42、nt he already purchased). 2. The retailer or DSP records the content providers content on a discrete media using a discrete media client12and provides it to the user. 9There is currently a maximum of 12 devices which can join a DECE account and share content acquired by any of the accounts devices.

43、From a DECE management perspective, a device with 2 different DRM clients is counted as 2 DECE devices. 10The DECE device can access information using HTML and user/password authentication or a 3rdparty portal using proprietary interfaces. In that case, DECE defines an interface between the Coordina

44、tor and the 3rdparty portal. 11A DECE device is different than a discrete media device, although a DECE device can incorporate discrete device functionality. 12An application that can record content to a discrete media device, using a DECE-approved method. ATIS-0800060 10 3. The user connects to a D

45、SP and downloads an approved file, allowing the recording of the content on an approved discrete media using a discrete media client. NOTE In this case, the discrete media client is provided to a user by the DSP or a DECE licensee. The only interfaces defined by DECE are the ones between the coordin

46、ator, DSP, and retailer, which are used to manage the use of discrete media within the DECE environment. 5.7 Geographies Specification The Geographies Specification 6 addresses mandatory and optional policies associated with the delivery of content to customers. The goal is to comply with legal requ

47、irements (such as parental controls) as well as any practice or custom applicable to a specific region. This is achieved by managing the DECE account and users features in two ways: Addressing the age of the DECE accounts user (child, youth, adult, or legal guardian). Taking into consideration the “

48、geographical territories” where the content is being delivered (usually countries, although nothing prevents applying it to other geographical subdivisions). These mechanisms are used primarily by Retailers, LASPs, and companies providing Access Portal service (see Figure 1) that interact with custo

49、mers and the Coordinator. Although many parameters involved in this activity are based on standards (either ISO or IETF), the interfaces between the above-mentioned DECE components and the customer are not based on any standard. 5.8 Message Security Mechanisms Specification The Message Security Mechanisms Specification 7 details the requirements for secured communication between the Coordinator and other components of the DECE ecosystem, as well as between the DECE devices media clients a