1、 ATIS-0800001.v003 IPTV DRM INTEROPERABILITY REQUIREMENTS ATIS is the leading technical planning and standards development organization committed to the rapid development of global, market-driven standards for the information, entertainment and communications industry. More than 200 companies active
2、ly formulate standards in ATIS Committees and Forums, covering issues including: IPTV, Cloud Services, Energy Efficiency, IP-Based and Wireless Technologies, Quality of Service, Billing and Operational Support, Emergency Services, Architectural Platforms and Emerging Networks. In addition, numerous
3、Incubators, Focus and Exploratory Groups address evolving industry priorities including Smart Grid, Machine-to-Machine, Connected Vehicle, IP Downloadable Security, Policy Management and Network Optimization. ATIS is the North American Organizational Partner for the 3rd Generation Partnership Projec
4、t (3GPP), a member and major U.S. contributor to the International Telecommunication Union (ITU) Radio and Telecommunications Sectors, and a member of the Inter-American Telecommunication Commission (CITEL). ATIS is accredited by the American National Standards Institute (ANSI). For more information
5、, please visit . Notice of Disclaimer it was extracted/derived from ATIS IPTV Exploratory Group Report and Recommendation to the TOPS Council, July 19, 2005: Lack of Consensus on Standards for DRM (Section 4.2.2) Today, the solutions offered for digital rights management are largely proprietary: som
6、e software from the DRM vendor must be integrated into the set-top-box (STB). The proprietary nature of such solutions was seen for example: 1. The ability of the service provider to select a desired STB; 2. The evolution of a retail market for a consumer electronics STB; and 3. Consumer access to ”
7、long tail” content. Going forward, it is expected that the existing DRM schemes would continue to be used, while at the same time, the IPTV standards work would focus on a next-generation service architecture that includes DRM and support for multiple-operator, multiple-content provider networks. It
8、 should be noted that DRM is a major issue in the industry, and possible solutions are being worked in multiple industry forums. The industry needs to synchronize the DRM requirements for IPTV with the efforts already underway to arrive at a single approach for DRM. Similarly the user profile, ident
9、ities, and mobility/nomadicity management capabilities of NGN should be considered for key enablers of a more open and user-friendly set of DRM schemes. 1.2 Goal The goal of a security solution for IPTV is to enable the widest range of IPTV business models, while keeping the IPTV content secure and
10、enabling security vendor competition and platform operator choice. IPTV service providers must have the flexibility to select, adopt, and deploy solutions according to their specific business needs. The IIF standards work will focus on a next-generation service architecture that includes IPTV DRM/se
11、curity and support for multiple-operator, multiple-content provider networks. The objective of this document is to produce relevant requirements in an evolving industry that are intended to be part of a suite of IPTV security standards that cover IPTV security requirements, analysis, detailed specif
12、ication, and/or implementation guidelines for IPTV deployment with special focus on the needs of North America. ATIS-0800001.v003 2 1.3 Scope This requirements document is limited to the storage, reception, manipulation, and display of contents on the primary IPTV Receiving Device (e.g., STB and mul
13、ti-room DVR), and will not include requirements for either content re-distribution to other devices in the home (e.g., portable devices, PCs) or DRM of the content on such other devices in the home. Also, this document will not include further distribution of the content to parties other than the or
14、iginal consumer. However, ATIS-0800055, DRM Interoperability Requirements for the Distribution of Content in the Subscribers Authorized Service Domain, will address content re-distribution to other devices in the home (e.g., portable devices, PCs) and DRM of the content on such other devices. 1.4 Ma
15、cro-Level IPTV Security Solution Objectives The IPTV DRM standards (and related IPTV interface specification standards) should provide for solutions consistent with the IPTV security solution objectives stated here. DRM systems are closely related to copyright laws/treaties and content protection an
16、d management, can impact the privacy interests of users/subscribers, and can impact usability by users/subscribers. Thus, the following high level objectives provide the context and framework for the IPTV security solution: 1. The IPTV security solution shall be consistent with all applicable laws a
17、nd treaties (e.g., DMCA). 2. The IPTV security solution shall provide for appropriate content usage controls (e.g., Copy Controls) by the service provider and content owner. 3. The IPTV security solution shall provide for appropriate content usage flexibility (e.g., private fair use) by the user/sub
18、scriber. 4. The IPTV security solution shall provide for a secure environment such that threats to content ownership and management (e.g., content theft or pirating) are eliminated or reasonably mitigated. 5. The IPTV security solution (in conjunction with other IPTV components) shall not compromise
19、 the appropriate privacy interests of users/subscribers. 6. The IPTV security solution functions should generally be transparent to the user, in that the user should generally be unaware of the DRM functions under normal situations; however, under user-observable restriction of rights instances (e.g
20、., a user attempt to make an inappropriate copy of content), the IPTV security solution and the DRM system functions (in conjunction with subscriber management system and user interface) shall provide for usability (e.g., notices, guidance, interactions, etc.) that has the following characteristics:
21、 a. DRM usability provided to the user/subscriber shall be generally user friendly and easy to understand and be characterized as simple, clear, direct, manageable, practical, and non-technical. b. DRM interactions with user/subscriber should not cause service-related misunderstandings and thus shou
22、ld not induce the user/subscriber to invoke follow up (service provider) customer care interactions. 2 Definitions, Acronyms, Server-Side DRM Interface; and IPTV Receiving Device DRM Interface. 3.1 Scrambling Algorithm(s) To provide for the highest levels of security and performance, encryption and
23、decryption are generally performed in hardware, so there are normally just a small number of scrambling algorithms deployed on a typical receivers hardware platform. To ensure compatibility between different IPTV Receiving Device hardware platforms on an operators network, and to minimize the implic
24、ation to the hardware, only a small number of scrambling algorithms will be utilized. The network operator will get maximum choice of IPTV Receiving Device platforms with the adoption and implementation of a standardized scrambling algorithm(s). ATIS-0800001.v003 6 3.2 Server-Side DRM Interface The
25、interface between the middleware of the network operators Subscriber/Service/Asset Management System (server-side middleware) and the DRM System is a good candidate for specification. The definition of a Server-Side DRM Interface will enable flexible choices for the practical deployment of server-si
26、de middleware and DRM systems. The proposed interfaces will update and query the DRM System concerning: 1. IPTV Receiving Devices; 2. Subscribers; 3. Entitlements/Rights; and 4. Services/Assets. 3.3 IPTV Receiving Device DRM Interface The interface specification for the DRM Component on the IPTV Rec
27、eiving Device will be a good candidate for specification. This will achieve the interoperability, interconnection, and implementation required on the IPTV Receiving Device side. The network operator will get maximum choice in supported receiver devices with the adoption and implementation of this sp
28、ecification. The definition of a simple interface between the IPTV Receiving Device and the DRM Component will simplify the interconnection and integration effort of the DRM Component on the IPTV Receiving Device. This will enable the network operator to confidently select an IPTV Receiving Device t
29、hat will be able to host the component of any DRM vendor complying with the specification. Aspects of the IPTV Receiving Device DRM Component may be downloadable from the DRM System Management server. In some instances, “smartcard” technology or other separable security technologies may be used as p
30、art of the IPTV Receiving Device DRM Component. If a smartcard or separable security element is part of a deployed IPTV Receiving Device DRM Component, it may be removable. In either case, aspects of the IPTV Receiving Device DRM Component may be tightly coupled to other aspects of the IPTV Receivin
31、g Device (for example, hardware or the presence of other software). ATIS-0800001.v003 7 3.4 Detail Block Diagram Server Side DRM SystemSubscriber / Service / Asset Management SystemServer MiddlewareOffline EncryptionBroadcastContentServerContent OnDemandContentIPTV Receiving Device Key ManagementIPT
32、VReceivingDeviceMiddlewareOutputportInputportCOD Servercontrol I/OServer Middleware Control I/OI/O to clientIPTV networkIPTVReceivingDeviceDRMportIPTVReceivingDevicemiddlewareportIPTV Receiving DevicetoIP networkportViewingDeviceReal-Time EncryptionContent On Demand ServerIPTVReceivingDevice other f
33、unctionsIPTVReceivingDeviceto viewing device portDRM System Management ServerIF 1a.IF 1b.IF 2b.IF 2a.IF 3.IF 4.IF 5. IF 6.IF 7.IF 8.IF 9.IF 10.ST 1.ST 2.ST 5.ST 4.IF 11.ST 3.IPTVDistributionNetworkIPTV Receiving Device DRM ComponentFigure 2: Detailed DRM Components Block Diagram The above detail blo
34、ck diagram uses certain conventions: The term element refers to a specific function that is required to be achieved. An element may be either hardware or software or some combination of hardware and software. An element may be comprised of other sub-elements, but these sub-elements are not necessari
35、ly shown in the figure (e.g., one function may be implemented using three chassis that are somehow connected to each other, but connect to the rest of the diagram through just one interface). The term port refers to a physical means by which data may be transported either into or out of an element.
36、The term interface is used to indicate that two ports of different elements are directly connected. The term stream is used to indicate that two elements are connected, but not directly. A port or stream may be uni-directional or bi-directional, but it does not by implication mean that in the bi-dir
37、ectional case the data communicated is of a similar nature. Based on the above figure, the following elements are now defined: Real-Time Encryption: The purpose of this element is to ingest what could be a great amount of content, to encrypt that content in real time using keys that are provided by
38、the Key Management element, and to output a stream of that encrypted real-time content. Hence, there is: ATIS-0800001.v003 8 1. A stream from this element to the IPTV Receiving Device; 2. Interfaces from the content servers to this element; and 3. An interface amongst the elements that comprise the
39、Server-Side DRM System. Offline Encryption: The purpose of this element is to receive content destined to be stored on the Content on Demand (COD) Server for some period of time and to encrypt and process the content accordingly. Therefore, there are three interfaces on this element: 1. To the sourc
40、es of the content to this element; 2. From this element to the input port of the COD server; and 3. An interface amongst the elements that comprise the Server-Side DRM System. Key Management: The purpose of this element is to provide suitable encryption keys to: 1. The Real-Time Encryption element;
41、2. The Offline Encryption element; and 3. The IPTV Receiving Device. Thus, there is: 1. A stream from this element to the IPTV Receiving Device; and 2. An interface amongst the elements that comprise the Server-Side DRM System. DRM System Management Server: This element is to act as the central core
42、 of the DRM solution and to properly instruct the DRM System sub-elements: 1. Real-Time Encryption; 2. Key Management; and 3. Offline Encryption. The DRM System Management server gets told which subscriber can see what content and when, via instructions from the Middleware Server; hence, there is an
43、 interface between these two elements in addition to the interface amongst the elements that comprise the Server-Side DRM system. The second function of the DRM Server Management System is to provide security services to the various elements of the Server-Side DRM System and the IPTV Receiving Devic
44、e DRM Component, such as authentication. COD Server: The purpose of this element is to store encrypted content and to play out the requested encrypted content when the Server Middleware instructs the COD server, hence there is: 1. An interface to the Server Middleware; 2. A stream from the COD Serve
45、r to the IPTV Receiving Device when the subscriber requests and is granted access to the stored content; and 3. An interface from the COD Server to the DRM System Offline Encryption element. IPTV Distribution Network: The purpose of this element is to route the various packet streams properly accord
46、ing to their IP addresses. Typically, this IPTV Distribution Network will have multicast streaming capabilities. Security precautions may also require that this IPTV Distribution Network protects some of the ports of the Server-Side DRM System from various threats. IPTV Receiving Device: This is the
47、 element the subscriber has that enables the subscriber to see the content he has paid for and/or is entitled to on his Viewing Device. The IPTV Receiving Device has several sub-elements. There is a port to the IP network, a port to connect the subscribers Viewing Device, and several other interface
48、s internal to the receiving port that the subscriber does not have access to. The IPTV Receiving Device is often thought of as implemented in what is called a set-top box (STB), but it is not restricted to just STB physical implementation. Viewing Device: This is the element subscribers use to see t
49、he content they have paid for and/or are entitled to watch. A TV is an example of a viewing device. ATIS-0800001.v003 9 Based on Figure 2, the following interfaces are now identified: Interface 1a: Comprised of a connection from the Broadcast Content Server element to the DRM Server elements Real-Time Encryption input port. Interface 1b: Comprised of a connection from the Broadcast Content Server element to the DRM Server elements Offline Encryption input port. Interface 2a: Comprised of a connection from the COD Content element to the DRM Serve
