Protecting and Authorizing Multiscreen Content

Cable operators have always worked hard at securing content and ensuring that it is sent only to the devices for which it is intended. That task is far more complex in the multiscreen environment. Indeed, the concept of digital rights management (DRM) – which includes security, conditional access (CA) and the Digital Living Network Alliance (DLNA) protocol -- is among the most complex issues with which operators must deal.The confusion around the topic -- the subject of the third and final installment of BTR's Summer of Multiscreen -- isn't because any of these tasks are overly complex on its own, at least conceptually. It's that they overlap and change each others' mandates in an environment that is radically more complex than in the past.It will be a long time before the dust settles. "It is not a 'one solution for everyone' type environment," said Fred Ellis, the COO of SecureMedia, a Motorola company. "We used to be a DRM provider. Now we look at each other as an advanced security and DRM provider."It starts and ends in the home, where DLNA rules. DLNA is set of protocols that enable consumer electronics and related devices, such as set-top boxes, to securely and seamlessly exchange content between devices from different vendors on home networks and, in limited cases, beyond. A key member of the family of protocols is DLNA Protected Streaming. It ensures that the network devices are located on the same physical LAN, authenticates that the devices indeed are using the protocol, encrypts the content and delivers the data irrespective of what physical layer connection is in use.The DLNA server sits at the confluence of the home and access networks, and talks to both. It trades information with the CA system -- which is part of the outside network -- about what devices are present on the network, which are entitled to get the various pieces of programming and a variety of other things, said Stephen Palm, senior technical director for Broadcom and a DLNA board member.Beyond the HomeUsing the in-home STB or gateway as the vantage point, those seeking to understand the growing complexity of managing content should do an imaginary about-face and look away from the DLNA-controlled home network and toward the broader access network outside. This network connects to the headend -- and eventually to the content rights owner.The management of the relationship between the content owner and the operator is handled via policy engines in the conditional access system that enforce complex business rules.There are two things at play: The data on what programming can be sent to which device and the way in which that content is secured. The enforcement side in many cases is a sophisticated key-based encryption algorithm called the 128-bit Advanced Encryption Standard (AES), Ellis said. The decryption key -- the only way to unlock the content -- only is sent to the devices that the CA system authorizes.It can be complicated: A studio may demand different levels of protection for different types of content sent to the devices. "Disney may say, 'We are going to allow standard definition content to be delivered to that device under the security it uses today, but in order for high definition to be allowed, we want [this level of] additional security,'" Ellis said.Ellis said studios demand a second layer of protection to be on mobile devices themselves. It makes sense, since an iPad or Xoom carrying valuable content is an inviting target to crackers and hackers. He said device-level protection is less uniform across the industry than the security that is an inherent element of the DRM platform.At this point, IP and legacy DRM stacks are not organically linked -- but they certainly have a lot to tell each other. These conversations in many cases occur at the billing level, said Steve Oetegenn, the chief sales and marketing officer for Verimatrix. In the future, he said, the decision operators must make is whether to maintain the two stacks or converge them as operators move away from traditional networks. "We bet the farm on that happening," he said. "We see a clear trend in the U.S. to IP-centric networks," which would allow the seamless melding of CA and DRM stacks.Robin Wilson, the vice president of business development for Nagra, said he sees only a few limited trials of true multiscreen. The level of integration between stacks -- and the development path of multiscreen in general -- is far from determined, he said. Carl Weinschenk is the Senior Editor for Broadband Technology Report. Contact him at [email protected]