ETSI GR ECI 004 V1.1.1 (2018-03)

Embedded Common Interface (ECI) for exchangeable CA/DRM solutions; Guidelines for the implementation of ECI

Disclaimer

The present document has been produced and approved by the Embedded Common Interface (ECI) for exchangeable CA/DRM solutions ETSI Industry Specification Group (ISG) and represents the views of those members who participated in this ISG. It does not necessarily represent the views of the entire ETSI membership.

GROUP REPORT

Reference
DGR/ECI-004

Keywords
CA, DRM, security

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret No. 348 623 562 00017 - NAF 742 C
Non-profit association registered at the Sous-Préfecture de Grasse (06) No. 7803/88

Important notice

The present document can be downloaded from: http://www.etsi.org/standards-search

The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat.

Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx

If you find errors in the present document, please send your comment to one of the following services: https://portal.etsi.org/People/CommiteeSupportStaff.aspx

Copyright Notification

No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media.

© ETSI 2018. All rights reserved.

DECT™, PLUGTESTS™, UMTS™ and the ETSI logo are trademarks of ETSI registered for the benefit of its Members. 3GPP™ and LTE™ are trademarks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. oneM2M logo is protected for the benefit of its Members. GSM® and the GSM logo are trademarks registered and owned by the GSM Association.

Contents

Intellectual Property Rights
Foreword
Modal verbs terminology
Introduction
1 Scope
2 References
2.1 Normative references
2.2 Informative references
3 Definitions and abbreviations
3.1 Definitions
3.2 Abbreviations
4 Guidelines for the implementation of an ECI compliant CPE
4.1 Introduction
4.2 The relevance of the ECI Implementation Guidelines for ECI Eco-Systems
4.3 Performance requirements for ECI Clients and ECI Hosts
4.3.1 Introduction
4.3.2 Execution time
4.3.3 NV file storage
4.3.4 Minimum storage resources provided by the ECI Host for storage of an ECI Client
4.3.5 Minimum storage resources provided by the ECI Host to an ECI Client for data storage
4.3.6 Resources for storage of Root Certificate
4.3.7 Minimum repetition rate for acquisition of different DVB SI tables
4.3.8 Performance requirements for Responsiveness Monitoring
4.3.9 Performance requirements for the ECI system software update policies
4.3.10 Performance requirements for the TCP server
4.3.11 Performance requirements for the HTTP(S) server
4.3.12 Performance requirements for timers
4.3.13 Performance requirements for power management
4.3.14 Buffering requirements for the reqEncrTsData Message
4.3.15 Timing requirements for the reqEncrTsEcm Message
4.3.16 Timing requirements for the reqEncrMsgRecv Message
4.3.17 Buffering requirements for the reqParAuthCid Message
4.3.18 Timing requirements for the reqParAuthChk and the reqParAuthDel Message
4.3.19 Constraints for the ECI Application container directory structure and files
4.3.20 Constraints for the ECI Application container size
4.3.21 Maximum time to cancel a Media Handle Session
4.4 Performance requirements for the ECI Virtual Machine
4.4.1 Introduction
4.4.2 Isolation of individual ECI Clients
4.4.3 VM System Resources
4.5 Performance requirements for the Advanced Security System
4.5.1 Introduction
4.5.2 Discrepancy between encryption parameters and imported Content Properties
4.5.3 Time constraints for the performance of symmetrical cryptography functions
4.5.4 Time constraints for the performance of asymmetrical cryptography functions
4.5.5 Content property change timing interface convention
5 Use cases and scenarios associated with an ECI Ecosystem
5.1 Introduction
5.2 Management of protected content
5.2.1 Introduction
5.2.2 Local storage of content within a CPE (PVR)
5.2.3 Replacement of a CPE by a new CPE
5.2.4 Export from primary CPE to secondary ECI compliant CPE
5.2.5 Export from primary CPE to secondary non-ECI compliant CPE
5.3 Implementation of a Secure Authenticated Channel (SAC) between two ECI Clients
5.4 Mechanism for future update or extension of API messages
5.5 Mechanism for future extension of content properties
5.6 Watermarking
5.7 Update mechanism for RL
5.8 Uninstallation of an ECI Client
Annex A: General VM computing performance
Annex B: Authors

Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (https://ipr.etsi.org/).

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document.

Trademarks

The present document may include trademarks and/or tradenames which are asserted and/or registered by their owners. ETSI claims no ownership of these except for any which are indicated as being the property of ETSI, and conveys no right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does not constitute an endorsement by ETSI of products, services or organizations associated with those trademarks.

Foreword

This Group Report (GR) has been produced by ETSI Industry Specification Group (ISG) Embedded Common Interface (ECI) for exchangeable CA/DRM solutions.

The present document on Guidelines for the implementation of ECI complements ETSI GS ECI 001 (all parts), [i.1] to [i.7] for the Embedded Common Interface for exchangeable CA/DRM solutions Group Specification (GS).

NOTE: The use of terms in bold and starting with capital characters in the present document shows that those terms are defined with an ECI specific meaning, which may deviate from the common use of those terms.

Modal verbs terminology

In the present document "should", "should not", "may", "need not", "will", "will not", "can" and "cannot" are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions).

"must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation.

Introduction

Service and content protection realized by Conditional Access (CA) and Digital Rights Management (DRM) are essential in the rapidly developing area of digital Broadcast and Broadband services. This includes the distribution of HD and UHD content to various types of customer premises equipment (CPE) in order to protect business models of content owners and Service providers, including Broadcasters and PayTV operators.

Existing CA/DRM technologies limit the freedom of many players in digital multimedia content markets. Due to technological progress, innovative, software-based CA/DRM solutions become feasible. Maximizing interoperability while maintaining a high level of security, these solutions promise to meet upcoming demands in the market, allow for new businesses, and broaden consumer choice with respect to content consumption via broadcast and broadband connections.

An ECI Ecosystem, compliant with ETSI GS ECI 001 (all parts) [i.1] to [i.7], addresses important attributes, such as enabling a high level of system security, flexibility and scalability due to software-based implementation, as well as exchangeability fostering a future-proof solution and enabling innovation. Further aspects are applicability to content distributed via different types of networks, including classical digital broadcasting, IPTV and OTT Services.

The ECI system specification of an open eco-system, fostering market development, provides the basis for exchangeability of CA and DRM systems in CPEs, at lowest possible costs for the consumers and with minimal restrictions for CA or DRM vendors to develop their target products for the PayTV market.

Complementing ETSI GS ECI 001 (all parts) [i.1] to [i.7], the present document gives further guidance and addresses beside necessary performance requirements a number of use cases and scenarios, which on one side make use of the ECI Ecosystem and on the other extend its possibilities.

1 Scope

The present document serves as a guidance document for the ECI Ecosystem as specified in ETSI GS ECI 001 (all parts) [i.1] to [i.7], including specification of the architecture of the ECI system as defined in ETSI GS ECI 001-1 [i.1] and specification of the requirements as defined in ECI Group Specification ETSI GS ECI 001-2 [i.2].

A major advantage and innovation of the ECI Ecosystem, compared with currently deployed systems, is a fully software-based client container architecture, backed by a standardized advanced security hardware and secure software functionality for the loading and exchanging of CA/DRM client systems in CPEs. ECI compliant solutions do not require any detachable hardware modules in CPEs. Software containers provide a secure ("Sandbox") environment for either CA or DRM kernels, hereafter named as ECI Clients, together with their individual Virtual Machine Instances. The download process is embedded in a secure and trusted environment, providing a trust hierarchy for installation and exchange of ECI Host and ECI Clients and thus enabling an efficient protection against integrity- and substitution attacks. For this reason, the ECI Ecosystem integrates an advanced security mechanism.

The present document covers implementation guidance details in the following clauses:

Clause 4 contains performance requirements and parameters for the ECI Host, the ECI Client, the Virtual Machine and for the Advanced Security System.

Clause 5 deals with use cases and applications based on the ECI Ecosystem, which either complement the ECI multi-part Group Specification or address given scenarios in more detail.

The present document has the objective to make available to ECI implementers as much as possible of the common understanding captured during the work of the ISG ECI developing the ECI specification series [i.1] to [i.8]. The present document was prepared with the intention to provide know-how complementary to the content of the ECI specifications [i.1] to [i.8] itself and about the environment in which an ECI Ecosystem will be operated. It is planned to extend this guideline by further guidance and background information gained during the implementation and operation of ECI compliant ecosystems.

2 References

2.1 Normative references

Normative references are not applicable in the present document.

2.2 Informative references

References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the referenced document (including any amendments) applies.

NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity.

The following referenced documents are not necessary for the application of the present document but they assist the user with regard to a particular subject area.

[i.1] ETSI GS ECI 001-1 (V1.2.1): "Embedded Common Interface (ECI) for exchangeable CA/DRM solutions; Part 1: Architecture, Definitions and Overview".
[i.2] ETSI GS ECI 001-2 (V1.2.1): "Embedded Common Interface (ECI) for exchangeable CA/DRM solutions; Part 2: Use cases and requirements".
[i.3] ETSI GS ECI 001-3: "Embedded Common Interface (ECI) for exchangeable CA/DRM solutions; Part 3: CA/DRM Container, Loader, Interfaces, Revocation".
[i.4] ETSI GS ECI 001-4: "Embedded Common Interface (ECI) for exchangeable CA/DRM solutions; Part 4: The Virtual Machine".
[i.5] ETSI GS ECI 001-5-1: "Embedded Common Interface (ECI) for exchangeable CA/DRM solutions; Part 5: The Advanced Security System; Sub-part 1: ECI specific functionalities".
[i.6] ETSI GS ECI 001-5-2: "Embedded Common Interface (ECI) for exchangeable CA/DRM solutions; Part 5: The Advanced Security System; Sub-part 2: Key Ladder Block".
[i.7] ETSI GS ECI 001-6: "Embedded Common Interface (ECI) for exchangeable CA/DRM solutions; Part 6: Trust Environment".
[i.8] ETSI GS ECI 002: "Embedded Common Interface (ECI) for exchangeable CA/DRM solutions; System Validation".
[i.9] ISO/IEC 23001-12:2015: "Information technology - MPEG systems technologies - Part 12: Sample Variants in the ISO base media file format".

3 Definitions and abbreviations

3.1 Definitions

For the purposes of the present document, the following terms and definitions apply:

Advanced Security System (AS System): function of an ECI compliant CPE, which provides enhanced security functions (hardware and software) for an ECI Client
NOTE: The details are specified in [i.5] and [i.6].

AS slot: resources of the Advanced Security block provided exclusively to an ECI Client by the ECI Host

AS slot session: resources and computing in an AS slot related to the decryption or re-encryption of a content element

Certificate: data structure as defined in clause 5 of [i.3] with a complementary secure digital signature that identifies an Entity
NOTE: The holder of the secret key of the signature attests to the correctness of the data - authenticates it - by signing it with its secret key. Its public key can be used to verify the data.

CPE: ECI compliant customer premises equipment
NOTE: A CPE can be