Download presentation
Presentation is loading. Please wait.
Published byHarvey Mathews Modified over 9 years ago
1
CPTWG Jan. 2002 MacroSafe TM System A Solution for Secure Digital Media Distribution Presentation to the CPTWG Jan. 15, 2002
2
CPTWG Jan. 2002 2 Problem Statement The lack of a highly secure, flexible and easy to use system to protect, consume and distribute high value content via the Internet is one factor that has limited the distribution of high value content and the associated revenue opportunities
3
CPTWG Jan. 2002 3 Customer Requirements Highly secure, end-to-end solution Seamless interface with existing e-Commerce infrastructures Scalable architecture to cost effectively support growing demand No change to existing content authoring workflows Media agnostic – usable with any type of compression or file format Support for different means of distribution Support for flexible business models Able to be ported to other devices: STBs, PVR, HMS High quality user experience Highly secure, end-to-end solution Seamless interface with existing e-Commerce infrastructures Scalable architecture to cost effectively support growing demand No change to existing content authoring workflows Media agnostic – usable with any type of compression or file format Support for different means of distribution Support for flexible business models Able to be ported to other devices: STBs, PVR, HMS High quality user experience
4
CPTWG Jan. 2002 4 Macrovision’s Strategy Leverage its “best in class” security technologies and products to develop a highly secure, end-to- end solution Analog Copy Protection –Customers: Content Owners, HW Man., IC Man. –Technology: Patented, analog-centric SafeWrap/SafeCast/SafeDisc consumer software copy protection and DRM –Customers: Microsoft, EA, Digital River, Borland –Technology: Tamper Hardening, Tamper Evidence, DRM Flexlm, GTlicensing business software license management –Customers: Sun, Cadence, SGI, AutoDesk, ReleaseNow –Technology: License Generation, DRM SafeAudio audio CD copy protection –Currently in trials Leverage its “best in class” security technologies and products to develop a highly secure, end-to- end solution Analog Copy Protection –Customers: Content Owners, HW Man., IC Man. –Technology: Patented, analog-centric SafeWrap/SafeCast/SafeDisc consumer software copy protection and DRM –Customers: Microsoft, EA, Digital River, Borland –Technology: Tamper Hardening, Tamper Evidence, DRM Flexlm, GTlicensing business software license management –Customers: Sun, Cadence, SGI, AutoDesk, ReleaseNow –Technology: License Generation, DRM SafeAudio audio CD copy protection –Currently in trials
5
CPTWG Jan. 2002 5 Macrovision’s Strategy (cont.) Acquire new technology Investments in companies –Digimarc - watermarking –NTRU - encryption –RioPort – media distribution –Command Audio – media distribution –Widevine – encryption and tamper evidence –iVAST – MPEG-4 and media distribution –Digital Fountain – media distribution Purchase IP and patents –AudioSoft –MediaDNA –Others Acquire new technology Investments in companies –Digimarc - watermarking –NTRU - encryption –RioPort – media distribution –Command Audio – media distribution –Widevine – encryption and tamper evidence –iVAST – MPEG-4 and media distribution –Digital Fountain – media distribution Purchase IP and patents –AudioSoft –MediaDNA –Others
6
CPTWG Jan. 2002 6 MacroSafe System Architecture Analog Video Out Digital Video Out Analog Copy Protection Digital Copy Protection
7
CPTWG Jan. 2002 7 MacroSafe System Architecture Analog Video Out Digital Video Out Analog Copy Protection Digital Copy Protection
8
CPTWG Jan. 2002 8 Server-Side Components Publisher Rights and encryption strategy defined IPMP placeholders added to content stream –During encryption, the placeholders are replaced with encrypted “content decryption keys” Metafile generated Cypher Service 192-bit, AES encryption Content is encrypted before being stored in the content repository Manages the Key Escrow Content Repository Series of one or more network disk volumes Stores encrypted content and metafile Publisher Rights and encryption strategy defined IPMP placeholders added to content stream –During encryption, the placeholders are replaced with encrypted “content decryption keys” Metafile generated Cypher Service 192-bit, AES encryption Content is encrypted before being stored in the content repository Manages the Key Escrow Content Repository Series of one or more network disk volumes Stores encrypted content and metafile
9
CPTWG Jan. 2002 9 Server-Side Components (cont.) DRM Server Slave to the E-commerce system, but master to the DRM system –Coordinates all activities in the DRM system –Controls key generation, content encryption, content and certificate delivery Streaming Server Streams encrypted content to the client Download Server Transfers encrypted content files to the client DRM Server Slave to the E-commerce system, but master to the DRM system –Coordinates all activities in the DRM system –Controls key generation, content encryption, content and certificate delivery Streaming Server Streams encrypted content to the client Download Server Transfers encrypted content files to the client
10
CPTWG Jan. 2002 10 Client Components DRM Validation Determines if the client has the rights to do the requested action, with the selected content Compares the requested action vs. the rights given to the client in the certificates stored in the Secured Registry Decryption Engine Decrypts content keys Decrypts content using decrypted content keys and enables viewing of content by authorized users DRM Control Manages and controls all access to the Secured Registry DRM Validation Determines if the client has the rights to do the requested action, with the selected content Compares the requested action vs. the rights given to the client in the certificates stored in the Secured Registry Decryption Engine Decrypts content keys Decrypts content using decrypted content keys and enables viewing of content by authorized users DRM Control Manages and controls all access to the Secured Registry
11
CPTWG Jan. 2002 11 Client Components (cont.) Secured Registry A secure container to store: –Component Signatures used to detect tampering –Client’s certificates (ie. the user’s rights) Locked to a specific computer The only access to the Secured Registry is by using trust authenticated controls Quality of Service Validates that content has been received so that the E-Commerce system can complete the payment transaction Secured Registry A secure container to store: –Component Signatures used to detect tampering –Client’s certificates (ie. the user’s rights) Locked to a specific computer The only access to the Secured Registry is by using trust authenticated controls Quality of Service Validates that content has been received so that the E-Commerce system can complete the payment transaction
12
CPTWG Jan. 2002 12 Macrovision’s Solution - MacroSafe Highly secure, end-to-end solution Frame-based deep encryption, 192-bit AES Multi-layer encryption, similar to CA –Content key –License key –Signing and authentication Ability to revoke compromised clients Client to Server communication uses signatures for authentication Highly secure, end-to-end solution Frame-based deep encryption, 192-bit AES Multi-layer encryption, similar to CA –Content key –License key –Signing and authentication Ability to revoke compromised clients Client to Server communication uses signatures for authentication
13
CPTWG Jan. 2002 13 Macrovision’s Solution - MacroSafe Highly secure, end-to-end solution (cont.) Multiple layers of client security –Tamper Hardening – obfuscation, debugger detection, encryption, etc. –Tamper Evidence – Module signatures compared to signatures stored in Secure Registry –Tamper Detection – Self-revocation if tampering is detected, requiring renewal –Secure registry – contains module signatures and certificates –Trust authentication - During runtime, module-to- module communication checked for man-in-the- middles attacks –Client locked to a specific computer –Continuous security updates to code Highly secure, end-to-end solution (cont.) Multiple layers of client security –Tamper Hardening – obfuscation, debugger detection, encryption, etc. –Tamper Evidence – Module signatures compared to signatures stored in Secure Registry –Tamper Detection – Self-revocation if tampering is detected, requiring renewal –Secure registry – contains module signatures and certificates –Trust authentication - During runtime, module-to- module communication checked for man-in-the- middles attacks –Client locked to a specific computer –Continuous security updates to code
14
CPTWG Jan. 2002 14 Macrovision’s Solution - MacroSafe Seamless interface with existing e-Commerce infrastructures MacroSafe is a subsystem to the e-commerce system or SMS Interfaces to e-commerce using industry standards –SOAP, RMI, TCP/IP, CORBA Certificates generated using industry standards –XML, XrML, XMCL, ORDL Seamless interface with existing e-Commerce infrastructures MacroSafe is a subsystem to the e-commerce system or SMS Interfaces to e-commerce using industry standards –SOAP, RMI, TCP/IP, CORBA Certificates generated using industry standards –XML, XrML, XMCL, ORDL
15
CPTWG Jan. 2002 15 Macrovision’s Solution - MacroSafe Scalable architecture to cost effectively support growing demand Distributed architecture allows servers operating in parallel Java-based server applications run on Unix, Linux and Windows platforms Scalable architecture to cost effectively support growing demand Distributed architecture allows servers operating in parallel Java-based server applications run on Unix, Linux and Windows platforms
16
CPTWG Jan. 2002 16 Macrovision’s Solution - MacroSafe No change to existing content authoring workflows Separate authoring and publishing Author once for multiple distribution methods Pricing, usage rules and content package are independent No change to existing content authoring workflows Separate authoring and publishing Author once for multiple distribution methods Pricing, usage rules and content package are independent
17
CPTWG Jan. 2002 17 Macrovision’s Solution - MacroSafe Media agnostic – usable with any type of compression or file format Audio, Video, Software, Text,.pdf MPEG-1, MPEG-2, MPEG-4 AAC, MP3, WMA, others Real, Microsoft, QuickTime Media agnostic – usable with any type of compression or file format Audio, Video, Software, Text,.pdf MPEG-1, MPEG-2, MPEG-4 AAC, MP3, WMA, others Real, Microsoft, QuickTime
18
CPTWG Jan. 2002 18 Macrovision’s Solution - MacroSafe Support for different means of distribution: Download, streaming, pre-packaged “Push” and “Pull” business models supported –Download or stream to a specific consumer –Datacast to a large audience Peer-to-Peer super-distribution supported Support for different means of distribution: Download, streaming, pre-packaged “Push” and “Pull” business models supported –Download or stream to a specific consumer –Datacast to a large audience Peer-to-Peer super-distribution supported
19
CPTWG Jan. 2002 19 Macrovision’s Solution - MacroSafe Support for flexible business models Rental Purchase Subscription Time restricted playback Number restricted playback PPV VOD Super Distribution Support for flexible business models Rental Purchase Subscription Time restricted playback Number restricted playback PPV VOD Super Distribution
20
CPTWG Jan. 2002 20 Macrovision’s Solution - MacroSafe Able to be migrated to other devices: STB, PVR, HMS Complements CA and other copy management schemes Java-based client compatible with Windows, Linux and STBs running DVB-J Client’s skin can be easily customized for branding or specific applications Rights definitions map into CCI states Able to be migrated to other devices: STB, PVR, HMS Complements CA and other copy management schemes Java-based client compatible with Windows, Linux and STBs running DVB-J Client’s skin can be easily customized for branding or specific applications Rights definitions map into CCI states
21
CPTWG Jan. 2002 21 Macrovision’s Solution - MacroSafe High Quality User Experience Security is transparent to the user DVD-like video and audio quality and user controls Frame-based encryption enables trick-play of encrypted media Java-based client compatible with –Win98, WinMe, WinNT, Win2K, WinXP –Linux –Mac OSX QoS feedback loop signals e-commerce system when media has been successfully transferred Supports “fair use” High Quality User Experience Security is transparent to the user DVD-like video and audio quality and user controls Frame-based encryption enables trick-play of encrypted media Java-based client compatible with –Win98, WinMe, WinNT, Win2K, WinXP –Linux –Mac OSX QoS feedback loop signals e-commerce system when media has been successfully transferred Supports “fair use”
22
CPTWG Jan. 2002 22 Schedule Content Download to PC Client Customer Trials – 3Q2002 Production Release – 4Q2002 Streaming to PC Client Customer Trials – 4Q2002 Production Release – 1Q2003 Content Download to PC Client Customer Trials – 3Q2002 Production Release – 4Q2002 Streaming to PC Client Customer Trials – 4Q2002 Production Release – 1Q2003
23
CPTWG Jan. 2002 23 Summary - MacroSafe Highly secure, end-to-end solution Seamless interface with existing e-Commerce infrastructures Scalable architecture to cost effectively support growing demand No change to existing content authoring workflows Media agnostic – usable with any type of compression or file format Support for different means of distribution Support for flexible business models Able to be ported to other devices: STBs, PVR, HMS High quality user experience Highly secure, end-to-end solution Seamless interface with existing e-Commerce infrastructures Scalable architecture to cost effectively support growing demand No change to existing content authoring workflows Media agnostic – usable with any type of compression or file format Support for different means of distribution Support for flexible business models Able to be ported to other devices: STBs, PVR, HMS High quality user experience
24
CPTWG Jan. 2002 24 For more information, contact: Kirby J. Kish Macrovision 408-743-8510 kkish@macrovision.com Kirby J. Kish Macrovision 408-743-8510 kkish@macrovision.com
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.