1、 ETSI TS 102 474 V1.2.1 (2009-11)Technical Specification Digital Video Broadcasting (DVB);IP Datacast over DVB-H: Service Purchase and ProtectionETSI ETSI TS 102 474 V1.2.1 (2009-11)2Reference RTS/JTC-DVB-259 Keywords broadcasting, data, digital, DVB, DVB-H, IP, video ETSI 650 Route des Lucioles F-0
2、6921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice Individual copies of the present document can be downloaded from: http:/www.et
3、si.org The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing o
4、n ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http:/portal
5、.etsi.org/tb/status/status.asp If you find errors in the present document, please send your comment to one of the following services: http:/portal.etsi.org/chaircor/ETSI_support.asp Copyright Notification No part may be reproduced except as authorized by written permission. The copyright and the for
6、egoing restriction extend to reproduction in all media. European Telecommunications Standards Institute 2009. European Broadcasting Union 2009. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTM, TIPHONTM, the TIPHON logo and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Memb
7、ers. 3GPPTM is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. LTE is a Trade Mark of ETSI currently being registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and ow
8、ned by the GSM Association. ETSI ETSI TS 102 474 V1.2.1 (2009-11)3Contents Intellectual Property Rights 12g3Foreword . 12g3Introduction 12g31 Scope 13g32 References 13g32.1 Normative references . 13g32.2 Informative references 15g33 Definitions, symbols and abbreviations . 16g33.1 Definitions 16g33.
9、2 Symbols 19g33.3 Abbreviations . 19g34 System overview 22g34.1 Hierarchical Model for Content/Service Protection (informative) . 22g34.2 The three approaches (informative) 24g34.3 Use of the IP Datacast Specification for Service Purchase and Protection (normative) . 24g35 Signalling of Service Purc
10、hase and Protection System 25g35.1 ESG signalling 25g35.2 SDP signalling 25g36 Protection of content and media streams 26g36.1 IPsec . 26g36.1.1 Selectors 26g36.1.2 Encapsulation protocol and mode . 26g36.1.3 Encryption algorithm 26g36.1.4 Authentication algorithm 27g36.1.5 Security Association Mana
11、gement . 27g36.2 ISMA Encryption and authentication (ISMACryp) . 28g36.2.1 Streamed Content 28g36.2.2 Downloadable Audio/Visual content (stored in MP4 files) 28g36.3 SRTP 28g36.3.1 Key management 29g36.3.2 Encryption algorithm 29g36.3.3 Authentication algorithm 29g3Annex A (normative): IPDC SPP Open
12、 Security Framework . 30g3A.1 Introduction 30g3A.2 DVB IPDC over DVB-H System Architecture 33g3A.2.1 Overview 33g3A.2.2 Content and Service Protection Architecture . 34g3A.2.2.1 Key Management System (KMS) . 34g3A.2.2.1.1 Registration . 34g3A.2.2.1.2 Authorization and Rights Issuing 34g3A.2.2.1.3 Co
13、ntent/Service Protection 34g3A.2.2.1.4 Copy Protection . 35g3A.2.2.2 Scrambler 35g3A.2.2.3 Key Management System Device Agent (KDA) 35g3A.2.2.4 Descrambler 35g3A.2.2.5 UICC . 35g3A.2.2.6 Session Setup 36g3A.3 IPDC security mechanisms 36g3A.3.1 Entitlement Management Message (EMM) stream 36g3ETSI ETS
14、I TS 102 474 V1.2.1 (2009-11)4A.3.1.1 EMM stream transport and signalling . 36g3A.3.1.1.1 KMSType Syntax 37g3A.3.1.1.2 KMSType Semantics 37g3A.3.2 Entitlement Control Message (ECM) stream . 37g3A.3.2.1 ECM Stream transport and signalling . 38g3A.3.2.2 ECM stream binding . 38g3A.3.3 Key Management an
15、d IPsec . 38g3A.3.4 Key management and ISMACryp 39g3A.3.5 Key Management and SRTP 39g3A.4 SimulCrypt signalling for OMA-DCF files 40g3A.4.1 Overview 40g3A.4.2 Encryption and signalling . 40g3A.4.2.1 OMA DCF adaptation . 41g3A.5 Roaming . 42g3A.5.1 Roaming Overview. 42g3A.5.2 Security Architecture 43
16、g3A.5.2.1 Registration . 43g3A.5.2.2 Authorization 44g3A.5.2.3 Rights Management 44g3A.5.2.4 Key Stream . 44g3A.5.2.5 Content protection 44g3A.5.3 Key management and distribution 44g3A.5.3.1 Roaming PKI infrastructure 44g3A.5.3.2 Daily encryption keys . 45g3A.5.3.3 Service Encryption Keys 45g3A.5.3.
17、4 Traffic Encryption Keys . 45g3A.5.4 Key Generation and Validation at the Device 45g3A.5.5 Roaming messages . 46g3A.5.5.1 Device Roaming Request 46g3A.5.5.2 Roaming request . 47g3A.5.5.3 Roaming Request Response 48g3A.5.5.4 Roaming initial EMM . 49g3A.5.5.5 Roaming service EMM . 49g3A.5.5.6 Roaming
18、 Service ECM . 50g3A.6 UICC 52g3A.6.1 Application IDentifier (AID) 52g3A.6.2 KMS Application Selection 52g3A.7 Secure Authenticated Channel Protocol . 52g3A.7.1 High level description of the SAC 52g3A.7.2 The cryptographic keys and parameters . 53g3A.7.2.1 The Descramblers keys 53g3A.7.3 The SAC pro
19、tocol . 53g3A.7.3.1 Session key establishment 53g3A.7.3.2 Secure key exchange . 53g3A.8 Adaptation of DVB Simulcrypt interfaces to the DVB-H Environment 54g3A.8.1 Reference DVB-Headend Architecture 54g3A.8.2 DVB-H Headend Architecture and Interfaces 55g3A.8.3 DVB-H Headend Architecture for Roaming S
20、upport. 56g3A.8.3.1 Roaming ECMs 56g3A.8.3.2 Roaming EMMs 56g3A.9 Mobile Device Security Framework 57g3A.9.1 Key Management System Device Agent 57g3A.9.1.1 Overview 57g3A.9.1.2 J2ME Mobile Information Device Profile (MIDP) . 58g3A.9.2 KDA Platform 58g3A.9.2.1 Interactivity Channel. 59g3A.9.3 Securit
21、y Background 59g3A.9.4 KDA APIs 60g3ETSI ETSI TS 102 474 V1.2.1 (2009-11)5A.9.4.1 UICC . 60g3A.9.4.2 Generic Connection Framework . 60g3A.9.4.3 Descrambler 60g3A.9.4.3.1 Descrambler interface . 61g3A.9.4.3.2 DescramblerContext interface . 61g3A.9.5 The KDA Life Cycle 62g3A.9.5.1 Loading a new KDA .
22、62g3A.9.6 UICC - KMS Application Selection . 63g3Annex B (normative): 18Crypt . 64g3B.1 System Overview . 64g3B.1.1 General description of the system and elements . 64g3B.1.1.1 Selected technologies 64g3B.1.1.2 Overview of Operation . 66g3B.1.2 The End-to-End System . 68g3B.1.3 Modes of Operation an
23、d Types of Device 68g3B.1.3.1 Unconnected Devices . 69g3B.1.3.2 Scalability Considerations 70g3B.1.4 Purchase steps 71g3B.1.5 Consumption Steps . 74g3B.1.6 Service Protection vs. Content Protection 76g3B.2 Theory of operation 77g3B.2.1 End-to-end architecture 77g3B.2.1.1 Void 78g3B.2.1.2 Special cas
24、es . 78g3B.2.1.2.1 Free-To-Air Services . 78g3B.2.1.2.2 Free-To-View Services . 79g3B.2.2 Electronic Service Guide and Purchase 79g3B.2.3 Registration 80g3B.2.3.1 Concept of the RI context . 80g3B.2.3.2 Registration for interactive mode of operation . 80g3B.2.3.3 Registration for broadcast (only) mo
25、de of operation 80g3B.2.3.4 Mixed-mode registration for interactive and broadcast modes of operation . 82g3B.2.4 The Four Layer Model . 83g3B.2.4.1 Key Hierarchy . 83g3B.2.4.1.1 Keys on the Traffic Layer . 83g3B.2.4.1.2 Keys on the Key Stream Layer . 83g3B.2.4.1.2.1 Service based subscription. 83g3B
26、.2.4.1.2.2 Pay-per view based and service based subscription 84g3B.2.4.1.2.3 Pay-per view based consumption 85g3B.2.4.1.3 Keys on the Rights Management Layer (Broadcast mode) . 85g3B.2.4.1.4 Keys on the Rights Management Layer (Interactive mode) 86g3B.2.4.1.5 Keys on the Registration Layer (Broadcas
27、t mode) 86g3B.2.4.1.6 Authentication overview . 88g3B.2.4.1.6.1 Authentication keys on traffic layer 88g3B.2.4.1.6.2 Authentication keys on key stream layer . 89g3B.2.4.1.6.3 Authentication keys on rights management layer (broadcast mode) . 89g3B.2.4.1.6.4 Authentication keys on registration layer (
28、broadcast mode) . 89g3B.2.5 Deployment for interactive mode of operation . 89g3B.2.5.1 Concept of Domains - OMA DRM 2.0 Domains . 89g3B.2.6 Deployment for broadcast mode of operation 89g3B.2.6.1 Concept of Domains - broadcast domains 89g3B.2.6.2 Addressing (group / subset / device / domain) 90g3B.2.
29、6.2.1 Addressing the unique group. 91g3B.2.6.2.2 Addressing a subscriber group 91g3B.2.6.2.3 Addressing a unique device. 92g3B.2.6.2.4 Addressing a broadcast domain. 92g3B.2.6.3 Zero Message Broadcast Encryption scheme . 93g3B.2.7 Interoperability with Alternative Implementations of the Functionalit
30、y of Rights Management Layer and Registration Layer 94g3ETSI ETSI TS 102 474 V1.2.1 (2009-11)6B.3 The Four-Layer Model for Service and Content Protection . 95g3B.3.1 Traffic Layer 95g3B.3.1.1 IPsec 96g3B.3.1.2 ISMACryp 97g3B.3.1.3 SRTP . 98g3B.3.2 Key Stream Layer . 99g3B.3.2.1 Key Stream Message (K
31、SM) 99g3B.3.2.1.1 Descriptors for access_criteria_descriptor_loop . 100g3B.3.2.1.2 Constants . 102g3B.3.2.1.3 Coding and Semantics of Attributes 102g3B.3.2.2 Key Stream Discovery 107g3B.3.2.3 Multiple Key Streams . 108g3B.3.3 Rights Management Layer . 108g3B.3.3.1 Requirements for Service ROs 109g3B
32、.3.3.2 Requirements for Programme ROs . 109g3B.3.3.3 Delivery of ICROs over Interactivity Channel . 110g3B.3.3.4 Delivery of BCROs over Broadcast Channel . 110g3B.3.3.4.1 Broadcast of BCRO Objects . 110g3B.3.3.4.2 Format of a Broadcast Rights Object (BCRO) 110g3B.3.3.4.2.1 Format of the asset object
33、 113g3B.3.3.4.2.2 Format of the permission object 115g3B.3.3.4.2.3 Format of the action object 115g3B.3.3.4.2.4 Format of the constraint object 116g3B.3.4 Registration Layer 121g3B.3.4.1 RI Context . 121g3B.3.4.2 Interactive mode of operation . 121g3B.3.4.3 Broadcast mode of operation 121g3B.3.4.3.1
34、 Protocol overview . 121g3B.3.4.3.2 Offline Notification of Detailed Devicedata protocol . 122g3B.3.4.3.3 offline Notification of Short Devicedata protocol . 123g3B.3.4.3.3.1 Request re-registration (only at same RI) 124g3B.3.4.3.3.2 Request join domain 125g3B.3.4.3.3.3 Request leave domain 125g3B.3
35、.4.3.3.4 Token consumption report . 125g3B.3.4.3.3.5 Notify DRM time drift . 126g3B.3.4.3.3.6 Token request 126g3B.3.4.3.4 1-pass binary Push Device Registration Protocol . 126g3B.3.4.3.5 1-pass binary Inform Registered Device Protocol. 127g3B.3.4.3.5.1 Force re-registration 127g3B.3.4.3.5.2 Update
36、RI certificate 128g3B.3.4.3.5.3 Update DRM_Time . 128g3B.3.4.3.5.4 Update contact number 128g3B.3.4.3.5.5 Force to join a domain . 129g3B.3.4.3.5.6 Force to leave a domain . 129g3B.3.4.3.5.7 update a domain . 129g3B.3.4.3.6 Unique Device Number (UDN) protocol 129g3B.3.4.3.6.1 Message syntax 130g3B.3
37、.4.3.7 Binary messages 131g3B.3.4.3.7.1 Device data - device_data_inform() message 131g3B.3.4.3.7.2 Registration data - device_registration_response() message . 131g3B.3.4.3.7.3 (Force to) Re-register - re_register_msg() message. 141g3B.3.4.3.7.4 Update RI certificate - update_ri_certificate_msg() m
38、essage 144g3B.3.4.3.7.5 Updating the DRM time - update_drmtime_msg() message . 145g3B.3.4.3.7.6 Update the contact number - update_contact_number_msg() message . 147g3B.3.4.4 Domain joining and leaving 151g3B.3.4.4.1 Protocol overview . 151g3B.3.4.4.2 offline Domain Join Request . 152g3B.3.4.4.3 off
39、line Domain Leave Request 152g3B.3.4.4.4 Binary messages 152g3B.3.4.4.4.1 Domain data - domain_registration_response() message 152g3B.3.4.4.4.2 Updating a domain - domain_update_response() message 159g3B.3.4.4.4.3 (Force to) Join a domain - join_domain_msg() message . 162g3ETSI ETSI TS 102 474 V1.2.
40、1 (2009-11)7B.3.4.4.4.4 (Force to) Leave a domain - leave_domain_msg() message . 162g3B.3.4.5 Token handling . 163g3B.3.4.5.1 Protocol overview . 163g3B.3.4.5.2 token request protocol . 164g3B.3.4.5.3 token reporting protocol 164g3B.3.4.5.4 Binary messages 164g3B.3.4.5.4.1 delivering tokens - token_
41、delivery_response() message . 164g3B.4 Rights Issuer Services 170g3B.4.1 Expected Mode of Operation 171g3B.4.2 Scheduled RI Stream 172g3B.4.3 Ad-hoc RI Stream . 172g3B.4.4 In-Band RI Streams within a Media Service 172g3B.4.5 Broadcast Format of RI Streams 172g3B.4.5.1 IP Characteristics 173g3B.4.5.2
42、 RI Stream Packet Format 173g3B.4.5.3 Implementation notes 174g3B.4.5.3.1 Unreliable delivery 174g3B.4.5.3.2 Changes in packet order 175g3B.4.5.3.3 Addressing of objects 175g3B.4.6 Mapping of messages to RI services and streams 175g3B.4.6.1 Rights issuer services with complete schedule information 1
43、75g3B.4.6.2 Rights issuer services without complete schedule information 176g3B.4.7 Discovery of RI services, streams and schedule information . 176g3B.4.8 Certificate Chain Updates 176g3B.4.9 Resending of BCROs . 177g3B.4.9.1 Resending of BCROs to interactive devices . 177g3B.4.9.2 Resending of BCR
44、Os to broadcast devices . 177g3B.4.10 Summary of requirements for Rights Issuers . 177g3B.4.11 Summary of Requirements for Devices 178g3B.5 Service Subscription and Purchase . 179g3B.5.1 Purchase over the interactivity channel 181g3B.5.1.1 Typical purchase sequences 181g3B.5.1.1.1 Bulk download of s
45、ervice and program keys 181g3B.5.1.1.2 Bulk download of purchase information . 182g3B.5.1.1.3 Announcement of Purchase Items in Service Guide . 183g3B.5.1.1.4 Pricing inquiry . 184g3B.5.1.1.5 Unsuccessful purchase 185g3B.5.1.1.6 Successful purchase 188g3B.5.1.1.7 Subscription RO Renewal and Asynchro
46、nous Charging . 191g3B.5.1.1.8 Asynchronous Charging and Cancellation of Open-Ended Subscriptions 194g3B.5.1.1.9 Purchase of Tokens for Consumption-based Charging . 194g3B.5.1.2 Protocol . 196g3B.5.1.2.1 HTTP headers . 197g3B.5.1.2.2 Signatures 197g3B.5.1.3 XML Schemas for Request and Response Messa
47、ges . 197g3B.5.1.3.1 Basic Types . 197g3B.5.1.3.1.1 User Data Type 197g3B.5.1.3.1.2 Device Data Type 197g3B.5.1.3.1.3 Domain Type . 198g3B.5.1.3.1.4 ServiceOperatorCentreType 198g3B.5.1.3.1.5 PriceType . 199g3B.5.1.3.1.6 Purchase Item Type . 199g3B.5.1.3.1.7 Request Type . 199g3B.5.1.3.1.8 Response
48、Type 200g3B.5.1.3.2 Error Codes . 200g3B.5.1.3.3 Pricing Request . 202g3B.5.1.3.3.1 XML Schema 202g3B.5.1.3.3.2 Example . 202g3B.5.1.3.4 Pricing Response . 202g3B.5.1.3.4.1 XML Schema 203g3ETSI ETSI TS 102 474 V1.2.1 (2009-11)8B.5.1.3.4.2 Example: Successful Pricing Response . 204g3B.5.1.3.5 Purchas
49、e Request 204g3B.5.1.3.5.1 Schema 204g3B.5.1.3.5.2 Example . 205g3B.5.1.3.6 Purchase Response 205g3B.5.1.3.6.1 XML Schema 205g3B.5.1.3.6.2 Example: Successful Purchase Response with RO Acquisition Trigger . 206g3B.5.1.3.6.3 Example: Unsuccessful Purchase Response with Registration Trigger . 206g3B.5.1.3.6.4 Example: Unsuccessful Purchase Response with Purchase-Item-specific Error . 206g3B.5.1.3.7 Subscription RO Renewal Request . 206g3B.5.1.3.7.1 XML Schema 206g3B.5.1.3.7.2 Example. 207g3B.5.1.3.8 Subscription RO Renewal Response . 207g3B.5.1.3.8.1 Schema 207g3B.5.1.3.8.2 Ex