Content Creation : Cutting Edge Technology

[Pages:60]Session-5

Content Creation : Cutting Edge Technology

Mr. Dhruba Ray Doordarshan, India

Mr. Norman Lievaart, Irdeto, The Neatherlands

Mr. PH. Cheung Sony, Hongkong

Mr. Teo Gim Loo Panasonic, Singapore

Mr. Dhruba Ray Doordarshan, India

Dhruba Ray, Chief Engineer in Doordarshan is a distinguished engineer & familiar figure in the Broadcasting circles in India. After completing his Masters Degree in Electronics and Telecommunication, he joined the Indian Broadcasting Services (IBES) in 1971.

Initial grooming of Mr. Ray in Film & Television Institute Pune has made him not only exceptional in Television technologies but also more passionate towards the aesthetics & quality of TV production.

Mr. Ray has had an illustrious career of more than 3 decades in various fields of Radio & TV broadcasting encompassing, Installation, Operation & management, Planning & design and overall Project Management. He has been associated with the TV coverage of ASIAD-82, NAM and CHOGAM. His long association with Studio Planning & System design in DD headquarter in past decades has offered a focused vision leading present day Doordarshan production technology to a global broadcasting standards. Mr. Ray is also known for his meticulous planning, immaculate implementation and solution oriented approach.

Mr. Ray has been instrumental in conceptualizing & execution of Premier project for establishing the first ever Digital TV production facility in both the houses of the Indian Parliament, which is first of its kind in the country having Unmanned Robotic Camera System. The mega-Studio project Doordarshan Bhawan Phase-II at Delhi with six studios in the complex has also been completed under his valuable directions. As zonal engineering head in East & North East zones, Mr. Ray upheld the agenda of time bound project completion and quality operations.

Mr. Ray has also worked as ITU expert for Nepal TV and as ABU Technical Consultant in Bhutan, North Korea and Mauritius.

Presently as Chief Engineer in Doordarshan Directorate Mr. Ray is entrusted with significant responsibilities of Studio System Planning & design and Operation Maintenance & revenue generating services of Doordarshan Network.

Content protection/quality/assessment in digital era

Mr. Norman Lievaart Irdeto, The Neatherlands

Abstract

Ever-growing numbers of consumers are embracing the personal benefits of the digital media age. Following the mass-adoption of portable digital audio devices, such as the Apple iPod, many people are becoming aware that they can be liberated from the traditional constraints of consuming media content it can now be consumed at any time, any place and on a broad range of personal devices. Mobile phones and their new capabilities are leading this revolution, having evolved into multimedia devices in just a few years. New technologies and standards now permit the efficient delivery of rich multimedia content (from ring tones to live TV) to mobile handsets. The success of a mobile multimedia operation is critically dependant on the Return On Investment (ROI) of the project. Profitable operations can be realised by providing rich content to paying subscribers only. This requirement can be met by deploying a content protection system as part of the overall operation. In addition, content protection is often a contractual requirement from content providers who want to secure revenue streams by preventing theft of their broadcast content. The different business models and the nature of the content to be distributed, will dictate what type of content protection system is to be deployed. This paper outlines the two approaches that are currently available for protecting content in a mobile multimedia environment. It also provides an overview of the content protection issues associated with each variant and makes recommendations for specific deployments.

V-`

Content protection/quality/assessment in digital era

Introduction

With more than 4 billion TV users and more than 2 billion mobile phone users worldwide, the wireless and broadcast industries are seeing the business opportunities for generating new revenue streams by offering a variety of multimedia services to mobile devices.

To secure revenue streams, Service & Content protection solutions are available to mobile multimedia service providers. They fall into two categories:

? Content Protection Digital Rights Management (DRM) techniques are employed to control and protect the use and consumption of content, according to business rules, in the end-user device. Mobile DRM is primarily concerned with protecting digital content, such as ring tones, wallpaper/ screensavers, games, audio and video clips that can be downloaded to portable devices over the mobile network. Note however that DRM techniques are not suitable for protecting higher value content, such as broadcast TV.

? Service Protection Conditional Access (CA) is a technique that is employed to enable the access to broadcasting content for subscribing customers only. It is a good approach for operators who wish to offer high value audio and video services via a variety of business models, on a per-service basis i.e. monthly subscription, Pay Per View (PPV) etc.

Both technologies can be employed together to provide an even greater degree of control over consumed content. These techniques and other related issues are further explored in this paper.

CONTENT PROTECTION FOR MOBILE

Introduction DRM systems have been designed as a means for managing and controlling the consumption of digital files (e.g. games or multimedia content) delivered as a point-to-point service. They are based on enforcing rules of usage in the portable device itself (based on a counter e.g. play 3 times, or timer e.g. play for 5 days).

Several opportunities and business models are available to the operator for defining new ways of selling, distributing and consuming content for mobile end-users.

Standards In addition to proprietary standards (e.g. Apple iTunes, Microsoft DRM, Irdeto KeyDRM), an open standard for mobile applications also exists: the Open Mobile Alliance (OMA). This is an organisation of over 350 companies that has since 2002, defined the OMA Download, OMA DRM and other standards for the mobile device industry.

Standards, such as OMA, are important to mobile operators. They facilitate the availability of multivendor solutions, while promoting compatibility between the systems. Ultimately, it leads to reduced prices for all players in the value chain (manufacturers, network operators and consumers).

OMA DRM is based on a subset of the Open Digital Rights Language (ODRL). ODRL is an Extensible Markup Language (XML) based rights expression language, a mechanism for specifying rights independently of the content type and transport mechanism.

OMA members (mobile operators, handset manufacturers, equipment vendors, system integrators and other companies related to the wireless industry), have undertaken to ensure interoperability across all implementations.

Two versions of OMA DRM have been released to date:

? OMA DRM 1.0 (June 2004)

V-2

This first version provides basic DRM functionalities (forward lock, combined delivery and separate delivery).

? OMA DRM 2.0 (March 2006) The second release provides additional features for a more sophisticated DRM system, enhanced security, as well as distribution and payment business models.

OMA DRM System Overview A conceptual architecture of a Mobile DRM system is shown in the diagram below:

The diagram shows that the DRM agent is integrated into the handset, while at the head-end, one or two entities manage the "trust" within the system.

The trust created by the trust entity is used by the DRM server and the DRM agent to exchange (public/private cryptographic) keys, which are in turn used to implement a secure settlement/transaction of rights. The management of trust thus lies with an independent entity, with the merchants employing this trust in their business propositions to subscribers.

In a point-to-point environment, this DRM content protection approach is secure and works well. It is however cryptographically vulnerable when used in a "one-to-many" broadcasting environment (the "blowback attack"). In a DRM environment, one key common to all users, is used for a given piece of content. If this key is pirated, content is effectively available to all. This has serious implications for a mobile television operation based on DRM content protection.

In a Conditional Access-based broadcasting system on the other hand, unique keys are generated for each subscriber and for each piece of content. These keys also change at different rates, making this approach far more resilient to pirate attacks.

Overview of Irdeto's DRM Solution

Irdeto currently offers OMA DRM 1.0 and 2.0 compliant DRM clients. The Irdeto OMA DRM 1.0 client has been ported to several platforms, including Symbian, Windows Mobile, Linux, and Nucleus. It has also been deployed by some of the leading device manufacturers worldwide.

Architecture Irdeto OMA DRM clients are built on a progressive, cross-platform client architecture. They are designed to meet a range of device requirements, from less robust feature phones to the highest performance smart phones. The tiered architecture separates platform-specific components from platform-neutral components, promoting portability across hardware and software platforms. These DRM clients can be modified in both presentation and core functionality. Client Components A conceptual diagram of the client architecture of Irdeto's OMA 2.0 DRM solution is shown in the diagram below. As can be seen, the client consists of three main sections: ? The DRM Engine

The Engine contains the core DRM logic for managing OMA-protected media content

? The SPI Layer This layer abstracts platform-specific components that are used by the DRM Engine.

? The Application Interface The OMA DRM 2.0 Client solution provides a robust API that enables device applications to access DRM engine functionality.

V-3

SERVICE & CONTENT PROTECTION FOR MOBILE TELEVISION

Introduction In general, mobile media networks need to provide sufficient capacity for live audio and video streams, at a quality suitable for Personal Digital Assistant (PDA) type devices. Users expect a downstream data rate of approximately 200 400 kb/s, rather than the 64 kb/s that mobile phones currently provide.

Television-style (non-broadcast) content has been available to mobile phone users since early-2005 via 2.5G and 3G networks. Although these mobile networks are optimised for the point-to-point delivery of content, they are not suitable for the mass distribution of the same content, because each mobile receiver must be provided with its own receive bandwidth. In a situation where many users try to simultaneously consume the same data at the same location, a provider could run out of bandwidth. In a Universal Mobile Telecommunications System (UMTS) cell for example, the maximum data rate for all users combined is approximately 2 Mb/s. This means that a cell's serving capacity is exhausted when more than 31 services at 64 kb/s, or 15 services at 128 kb/s, or 7 services at 256 kb/s are simultaneously demanded.

New mobile broadcasting technologies, on the other hand, provide solutions to alleviate these bandwidth restrictions on content delivery. It is now possible to broadcast real-time TV content to mobile devices through a separate and dedicated network. Transmission technologies have been specifically designed to ensure quality and reliability, while addressing issues such as mobility and the limited battery life of mobile devices. Among these new mobile broadcasting technologies currently available, DVB-H is forecast to be the dominant one.

Regardless of the network technology employed, Mobile Broadcasting Services or Mobile TV promises new revenue opportunities. These services however, require a more robust and sophisticated content protection system than for DRM because of the "one-to-many" nature of broadcasting.

Conditional Access (CA) technology has been successful at securing the revenue streams of content providers for many years in the traditional Pay-TV industry (terrestrial, cable or satellite). A CA system aims at enabling access to a service for paying viewers only. Content can be purchased in packages, a la carte or on a Pay Per View (PPV) basis.

Standards Broadcasting Technology

The two most popular industry standards in the mobile broadcasting field are:

? Digital Mobile Broadcasting (T-DMB & SDMB)

DMB is a video and audio broadcasting technology that provides broadcasting services to portable devices and mobile phones via terrestrial transmitters (T-DMB). It is based on the Eureka 147 Digital Audio Broadcasting (DAB) standard (also known as ITU-R Digital System A). T-DMB adds video support and text broadcasting to the DAB standard.

Satellite DMB (S-DMB) is based on the ITU-R Digital System E technical specification. It uses a satellite, together with terrestrial repeaters, to achieve wide-area coverage for mobile TV.

? Digital Video Broadcasting Handhelds (DVB-H)

DVB-H is a global standard based on the DVBT (Terrestrial) broadcasting standard, with an extension to provide support for mobile devices. It delivers content in broadcast mode using IP Datacasting (IPDC). DVB-T frequencies (VHF and UHF TV) are used for this service.

A major challenge today is the availability of spectrum. T-DMB networks can be deployed on frequencies reserved for Digital Audio Broadcasting (DAB) services. For DVB-H networks, there is a very complex situation where, in many countries, spectrum earmarked for DVB-H services has to first be cleared of existing services e.g. analogue TV, before DVB-H services can be launched. This may delay the "roll-out" of DVB-H and give T-DMB networks an advantage.

Service & Content Protection for DVB-H

V-4

The DVB ad hoc group Convergence of Broadcast and Mobile Services (CBMS), defines the specifications for the delivery of IP-based services over DVB-H networks. It specifies coding formats, Electronic Service Guide (ESG) creation, multicast file delivery and service purchase & protection.

? OSF provides the ability to replace the secure components of the device if the system is successfully attacked (in the form of either a downloadable replacement applet, or a replacement SIM card). This is less expensive than replacing the whole handset (for 18Crypt).

There are currently two approaches to securing DVB mobile broadcasting services. Both are part of the ETSI TS 102 474 v1.1.1 specification (also referred as the DVB Bluebook A100, Dec. 2005).

? OSF offers flexibility and differentiation. The OSF model allows regionalisation of Key Management System (KMS) implementations and it supports customisable business models.

? Open Security Framework (OSF)

? It is more widely supported by operators,

This standard is based on Conditional Access

broadcasters and the device manufacturers.

technology and is tailored for mobile

Content providers are familiar and comfortable

environments. It uses a secure hardware client

with CA technology. Obtaining premium

component, which can be the mobile operator's

content is easier for CA-based operators,

(U)SIM card.

compared to DRM-based broadcasting

? 18Crypt

deployments.

This standard is based on OMA DRM 2.0 with ? OSF offers the possibility to SimulCrypt. This

extensions to support broadcasting. It is purely

technique allows different operators the

a device software based solution.

freedom to select different CA systems for a

Irdeto believes that the OSF approach is superior for the following reasons:

? It provides robust security as a result of the features built into its Java SIM platforms. It is a proven approach and implements the security

common broadcasting platform. SimulCrypt allows Mobile Network Operators (MNOs) in this situation to deploy their own CA system, without having to share this core component with their competitors.

techniques developed in

combating piracy in PayTV applications. The OSF

SCRAM BLER

MU LTIPLEXER

DE-M ULTIPLEXER

DE-SCRAM BLER

solution is ported onto a (U)SIM to carry the security applet. The

EN CRY P TION SYSTEM

ECM S EM M S

ECM S EM M S

CW RECOVERY SYSTEM

(U)SIM is owned and controlled by the mobile

CALL CEN TRE AGEN T

SU B S CRIB ER A U TH ORIS ATION SYSTEM ( SA S)

M OBILE DEVICE

SIM / SM D

operator, ensuring that his

revenue stream is protected.

PERSON ALIZ ATION SYSTEM

SM A RT CA RD S IM SM D

? It provides a single entity that is responsible for system security. This entity will investigate piracy attacks and restore system security in the event that a breach occurs. In 18Crypt (and in OMA DRM in general), the response to a security breach is to revoke the entire population of devices in which a security breach occurs; this is commercially infeasible once a large number of devices has been deployed.

Conditional Access Technology for Mobile

The basis of a CA system relies on the digital television stream being scrambled with a secret key. The secret key is then protected and transmitted along with the scrambled signal. In the receiver, the secret key is retrieved only if the user's accessgranting criteria are met. This method is a secure and proven technology, as it has been deployed and

V-5

refined in Pay-TV CA systems for many years. The CA system offers a broad range of subscription models to meet operators' requirements and business models.

The diagram below shows how the CA system elements are integrated into a typical mobile broadcasting chain:

The CA system provides control of access to the mobile broadcasting service. It interfaces with subscriber management and service management systems. It also provides encryption keys to the scramblers, enabling the scrambling of content prior to its play-out as a broadcast stream. Irdeto has developed and patented CA system techniques that not only reduce bandwidth consumption but also improve security integrity, while managing several million mobile subscribers.

The following diagram provides a conceptual overview of the scrambling and descrambling process:

(U)SIM can be used (as an alternative to a separate SMD).

The (U)SIM is a tamper-resistant device that provides all security related processing. It offers the following benefits to operators:

? A high degree of control over access to the mobile broadcast services. The mobile operator retains full ownership of his subscriber base.

? An easy-to-manage customer relationship. Customer management and service provisioning can be provided by the Over The Air (OTA) server. In addition, security upgrades can be managed without swapping terminals or causing customer inconvenience.

? Shorter handset integration times.

Typical Head-end Architectures

DVB-H

Content is conveyed to the end-user via the network, after scrambling at the head-end. The keys used to scramble the content (Control Words) are encrypted and embedded within the transmitted stream in the form of Entitlement Control Messages (ECMs). Encrypted end-user authorisations (entitlements) are conveyed to the device in the form of Entitlement Management Messages (EMMs). These EMMs can be conveyed to the end-user either in-band (IB) in the DVB-H signal, or out-of-band (OOB) SMSs (Short Message Services) via the 3G/GSM network.

The use of a secure hardware client component is critical to achieve a high level of security in the client. In a typical situation, the mobile operator's

The live TV content is first encoded in H.264/AAC format. It is then scrambled by using the ISMACryp scrambling algorithm. The scrambled content and the encrypted messages (ECMs and EMMs) are encapsulated into MPEG-2 transport packets by the IP Encapsulator before transmission over the DVB-H network.

In the receiver, all security-related computations are performed by the Irdeto applet running in the multi-application Java (U)SIM card. For devices that do not support a (U)SIM (e.g. CDMA phones, PDAs or Portable Multimedia Players), Irdeto can supply a dedicated Surface Mount Device (SMD) to phone manufacturers. Irdeto's solution does not require return path support in the device.

V-6

 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download