ImageVerifierCode 换一换
格式:PDF , 页数:30 ,大小:789.41KB ,
资源ID:733250      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-733250.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ETSI GS ECI 002-2018 Embedded Common Interface (ECI) for exchangeable CA DRM solutions System validation (V1 1 1 Includes Diskette).pdf)为本站会员(eveningprove235)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ETSI GS ECI 002-2018 Embedded Common Interface (ECI) for exchangeable CA DRM solutions System validation (V1 1 1 Includes Diskette).pdf

1、 ETSI GS ECI 002 V1.1.1 (2018-04) Embedded Common Interface (ECI) for exchangeable CA/DRM solutions; System validation floppy3Disclaimer The present document has been produced and approved by the Embedded Common Interface (ECI) for exchangeable CA/DRM solutions ETSI Industry Specification Group (ISG

2、) and represents the views of those members who participated in this ISG. It does not necessarily represent the views of the entire ETSI membership. GROUP SPECIFICATION ETSI ETSI GS ECI 002 V1.1.1 (2018-04) 2 Reference DGS/ECI-002 Keywords CA, DRM, validation ETSI 650 Route des Lucioles F-06921 Soph

3、ia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present document can be downloaded from: http:/www.etsi.org/standards-search The pr

4、esent document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such ver

5、sions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the

6、current status of this and other ETSI documents is available at https:/portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification N

7、o part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the f

8、oregoing restriction extend to reproduction in all media. ETSI 2018. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are trademarks of ETSI registered for the benefit of its Members. 3GPPTM and LTETMare trademarks of ETSI registered for the benefit of its Members and of the 3GPP Or

9、ganizational Partners. oneM2M logo is protected for the benefit of its Members. GSMand the GSM logo are trademarks registered and owned by the GSM Association. ETSI ETSI GS ECI 002 V1.1.1 (2018-04) 3 Contents Intellectual Property Rights 5g3Foreword . 5g3Modal verbs terminology 5g31 Scope 6g32 Refer

10、ences 6g32.1 Normative references . 6g32.2 Informative references 7g33 Definitions and abbreviations . 7g33.1 Definitions 7g33.2 Abbreviations . 9g34 Characteristics of ECI interfaces 10g34.1 General remarks . 10g34.2 General ECI Host resources . 10g34.3 ECI specific ECI Host resources 10g34.4 ECI H

11、ost decryption resources . 11g34.5 ECI re-encryption resources . 11g34.6 Content protection related resources 11g34.7 ECI Client Communication related resources 11g35 Installation of an ECI Host . 11g36 Installation of an ECI Client . 13g37 Installation of a 2nd ECI Client on the same device 14g38 D

12、ecryption of protected content . 15g39 Re-encryption of content 17g310 Play-out to an external device 19g311 Security aspects 21g311.1 Introduction 21g311.2 General description of an ECI Certificate Chain 23g311.3 Trust provisioning for an ECI Host 24g311.4 Trust Provisioning for an ECI Client 26g3H

13、istory 30g3ETSI ETSI GS ECI 002 V1.1.1 (2018-04) 4 List of Figures Figure 4-1: API classification of the ECI architecture 10g3Figure 5-1: Flow diagram for the installation of an ECI Host .12g3Figure 6-1: Flow diagram for the installation of an ECI Client.13g3Figure 7-1: Flow diagram for the installa

14、tion of a second ECI Client 15g3Figure 8-1: Flow diagram for the decryption of content .16g3Figure 9-1: Flow diagram for the re-encryption of content .18g3Figure 10-1: Flow diagram for the play-out of content .20g3Figure 11-1: Example for a chain of trust in an ECI environment 22g3Figure 11-2: Signi

15、ng and verification of ECI Certificates .23g3Figure 11-3: Creation of certificates for an ECI Host image .24g3Figure 11-4: Activities for the publication of Revocation Lists for an ECI Host 25g3Figure 11-5: Verification of certificates for an ECI Host image .26g3Figure 11-6: Creation of certificates

16、 for an ECI Client .27g3Figure 11-7 Activities for the publication of Revocation Lists for an ECI Client .28g3Figure 11-8: Verification of certificates for the operation of an ECI Client .29g3ETSI ETSI GS ECI 002 V1.1.1 (2018-04) 5 Intellectual Property Rights Essential patents IPRs essential or pot

17、entially essential to normative deliverables may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essent

18、ial, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee ca

19、n be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Trademarks The present document may include trademarks and/or tradenames which are asserted and/or registered

20、 by their owners. ETSI claims no ownership of these except for any which are indicated as being the property of ETSI, and conveys no right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does not constitute an endorsement by ETSI of products, s

21、ervices or organizations associated with those trademarks. Foreword This Group Specification (GS) has been produced by ETSI Industry Specification Group (ISG) Embedded Common Interface (ECI) for exchangeable CA/DRM solutions. The present document describes the validation of the ECI architecture that

22、 is specified in parts 1 to 6 of the ISG ECI multi-part document ETSI GS ECI 001 “Embedded Common Interface (ECI) for exchangeable CA/DRM solutions“. The titles of these parts are listed below: Part 1: “Architecture, Definitions and Overview“; Part 2: “Use cases and requirements“; Part 3: “CA/DRM Co

23、ntainer, Loader, Interfaces, Revocation“; Part 4: “The Virtual Machine“; Part 5-1: “The Advanced Security System; ECI specific functionalities“; Part 5-2: “The Advanced Security System; Key Ladder Block“; Part 6: “Trust Environment“. Modal verbs terminology In the present document “shall“, “shall no

24、t“, “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ETSI deliverables except when used in direct cit

25、ation. ETSI ETSI GS ECI 002 V1.1.1 (2018-04) 6 1 Scope For implementations of an ECI Ecosystem as described in ETSI GS ECI 001-1 1 the evaluation of the system architecture is of high importance with respect to verifying the correctness of the features described in the multi-part standard. The requi

26、rements for such a system are given in ETSI GS ECI 001-2 2. The present document contains a set of life-cycle oriented use cases reflecting the usage of components of an ECI system from its installation via its usage for content-protected media up to playout to an external device. The ECI system aim

27、s at exchangeability of CA and DRM systems in the users end device by defining appropriate interfaces between such systems and the device. End-users are enabled to install security clients on their devices to ensure interoperability with the services and devices of their choice. The platform operato

28、r, in collaboration with the content provider, can select the most suitable technology for a chosen application and can offer the corresponding application to his customers for download. The following features are supported by an ECI system: Provisioning of a software container for a CA respectively

29、 DRM kernel, called an ECI Client Implementation of multiple software containers in a device for the support of more than one protection scheme Installation of ECI Clients is separated from the installation of other CPE software Support for smartcard-less or smartcard-based protection systems Suppor

30、t for the user to discover and download the appropriate kernel Support for chip-set security, also known as Advanced Security Applicable to classical digital broadcasting, IPTV and OTT services The fulfilment of these features is done via defined interfaces that are available for an ECI Client. The

31、characteristics of these interfaces are described in clause 4 of the present document. Afterwards, several test cases are described in order to show the correctness and the completeness of the ECI architecture as described in ETSI GS ECI 001-3 3, ETSI GS ECI 001-4 4, ETSI GS ECI 001-5.1 5, ETSI GS E

32、CI 001-5.2 6 and ETSI GS ECI 001-6 7. Test cases described in clauses 5 to 8 include the installation of ECI Host and ECI Client, the installation of a second ECI Client and the decryption of protected content. Clause 9 shows the processing steps for a re-encryption of content whereas clause 10 desc

33、ribes the play-out of content to an external device. Besides these technically oriented tests cases the handling of security aspects and the provisioning of trust within an ECI Ecosystem is described in clause 11. 2 References 2.1 Normative references References are either specific (identified by da

34、te of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the reference document (including any amendments) applies. Referenced documents which are not found to be publicly a

35、vailable in the expected location might be found at https:/docbox.etsi.org/Reference/. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. The following referenced documents are necessary for the application of the

36、 present document. 1 ETSI GS ECI 001-1 (V1.2.1): “Embedded Common Interface (ECI) for exchangeable CA/DRM solutions; Part 1: Architecture, Definitions and Overview“. 2 ETSI GS ECI 001-2 (V1.2.1): “Embedded Common Interface (ECI) for exchangeable CA/DR solutions; Part 2: Use cases and requirements“.

37、ETSI ETSI GS ECI 002 V1.1.1 (2018-04) 7 3 ETSI GS ECI 001-3: “Embedded Common Interface (ECI) for exchangeable CA/DRM solutions; Part 3: CA/DRM Container, Loader, Interfaces, Revocation“. 4 ETSI GS ECI 001-4: “Embedded Common Interface (ECI) for exchangeable CA/DRM solutions; Part 4: The Virtual Mac

38、hine“. 5 ETSI GS ECI 001-5-1: “Embedded Common Interface (ECI) for exchangeable CA/DRM solutions; Part 5: The Advanced Security System; Sub-part 1: ECI specific functionalities“. 6 ETSI GS ECI 001-5-2: “Embedded Common Interface (ECI) for exchangeable CA/DRM solutions; Part 5: The Advanced Security

39、System; Sub-part 2: Key Ladder Block“. 7 ETSI GS ECI 001-6: “Embedded Common Interface (ECI) for exchangeable CA/DRM solutions; Part 6: Trust Environment“. 2.2 Informative references References are either specific (identified by date of publication and/or edition number or version number) or non-spe

40、cific. For specific references, only the cited version applies. For non-specific references, the latest version of the reference document (including any amendments) applies. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long ter

41、m validity. The following referenced documents are not necessary for the application of the present document but they assist the user with regard to a particular subject area. i.1 ISO/IEC 13818-1: “Information technology - Generic coding of moving pictures and associated audio information - Part 1:

42、Systems“. 3 Definitions and abbreviations 3.1 Definitions For the purposes of the present document, the following terms and definitions apply: Advanced Security System: function of an ECI compliant CPE, which provides enhanced security functions (hardware and software) for an ECI Client NOTE: The de

43、tails are specified in ETSI GS ECI 001-5-1 5. AS Slot: resources of the Advanced Security System provided exclusively to an ECI Client by the ECI Host Chipset-ID: non-secret number that is used to identify a chipset Child, Children: entity (entities) referred to by a Certificate signed by a (common)

44、 Father NOTE: Father, Children, Brother are referring to entities that manage Certificates: initialization data and software that is used to start the SoC of a CPE. Certificate: data with a complementary secure digital signature that identifies an Entity NOTE: The holder of the secret key of the sig

45、nature attests to the correctness of the data - authenticates it - by signing it with its secret key. Its public key can be used to verify the data. Certificate Chain: list of certificates that authenticate each other including a Root Revocation List Certificate Processing Subsystem: subsystem of th

46、e ECI Host that provides certificate verification processing and providing additional robustness against tampering Control Word: secret key used to encrypt and decrypt content ETSI ETSI GS ECI 002 V1.1.1 (2018-04) 8 CPE Manufacturer: company that manufactures ECI compliant CPEs ECI (Embedded CI): ar

47、chitecture and the system specified in the ETSI ISG “Embedded CI“, which allows the development and implementation of software-based swappable ECI Clients in customer premises equipment (CPE) and thus provides interoperability of CPE devices with respect to ECI ECI Client (Embedded CI Client): imple

48、mentation of a CA/DRM client which is compliant with the Embedded CI specifications NOTE: It is the software module in a CPE which provides all means to receive, in a protected manner, and to control execution of a consumers entitlements and rights concerning the content that is distributed by a con

49、tent distributor or Operator. It also receives the conditions under which a right or an entitlement can be used by the consumer, and the keys to decrypt the various messages and content. ECI Client Image: file with software as VM code, and initialization data required by the ECI Client Loader ECI Client Loader: software module part of the ECI Host which allows to download, verify and install new ECI Client software in an ECI Container of the ECI Host ECI Ecosystem: real-world instantiation of a Trust Environment consisting of a

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1