Upload
jasmeet-chhabra
View
1.536
Download
6
Tags:
Embed Size (px)
DESCRIPTION
What is DRM? DRM standards Microsoft Playready , Apple FairPlay , OMA DRM DRM Techniques Streaming standards HTTP live stream, MPEG DASH etc. DRM content playback Silverlight, Flash, HTML5 Premium Video Extensions
Citation preview
DRM LANDSCAPE AND ONLINE STREAMINGJasmeet (Jas) Chhabra
Outline• What is DRM?• DRM standards
• Microsoft Playready , Apple FairPlay , OMA DRM
• DRM Techniques• Streaming standards
• HTTP live stream, MPEG DASH etc.
• DRM content playback• Silverlight, Flash, HTML5 Premium Video Extensions
DRM: what is it?
• Digital rights management• Separates protected content and license rights.
• DRM may be viewed as content owner’s effort to exert “remote control” over content after it is delivered to the recipient
• Accomplished through cryptographic controls and controls on user platforms.
DRM : The reality
• Cryptography is necessary but not sufficient for DRM
• Cryptography was designed to deliver bits securely, not to protect them after they have been delivered. DRM is opposite of that.
• DRM will always suffer from analog hole• For example you can record music being played by using a microphone
Basic Terms
• Rights expression language: Defines rights and constraints on content
• License server: issues licenses• License: Contains keys to access content and use REL to express rights and constraints
• Secure player: Enforces the rules and constraints• Domain: Common group of devices that allow single domain license to be used. For example all of the devices in a household
Movie DRM standards for Disks• CSS (Content Scrambling System)
• Used for DVD.
• Advanced Access Content System (AACS)• Used for HD-DVD and blue Ray
Online Streaming services• Current
• Microsoft PlayReady• Apple Fairplay
• Future:• Lots of players planning to move to HTML5 DRM
• HTML5 Premium Video Extensions
This is our Focus
Other DRM technologies• OMA DRM: Used by operators for Ringtones, Music,
Wallpapers etc.
Relationship of various pieces
• DRM: Defines how to protect content• Streaming standards: Define how content can be streamed adaptively
• Player: Implementations of content viewer that include many DRM technologies and streaming standards
DRM: MICROSOFT PLAYREADY
Microsoft PlayReady
Packaging Server:Packages content for distribution
Microsoft PlayReady
Send appropriate data to various servers
Microsoft PlayReady
License Server:
• Stores rights info for clients.
• Provide content right licenses to the client
Quick Note: Domain
• A set of devices that belong to the same user
• They may share content based on the rights granted by the content owner.
• User may add or remove devices to the domain
Microsoft PlayReady
Domain Controller:Stores domain membership info
Microsoft PlayReady
Distribution Server:Distribute the actual content files
Microsoft PlayReady
PlayReady Clients:Clients that play the media
Microsoft PlayReady
Metering Server:Device maintains info on playback count etc.
Microsoft PlayReady: Business Models
• Subscription• Purchase• Pay per view• Rental : Time based• Gifting
Distribution options
• Download• Progressive Download
• Start playing when partially downloaded
• Streaming• Sideloading content from PC to mobile phone
• Sync PC content to mobile device
• Over the air distribution• Direct delivery over wireless network rather than sideloading
• Super Distribution• Send and share with other users over email, wireless etc.
DRM: APPLE FAIRPLAY
FairPlay Overview
• Apple’s closed format• Files are MP4 containers with an encrypted content• MP4 can handle audio, video, images, text and other
digital content
• User keys decrypt the master key for the content• iTunes server keeps track of domain info and allows up to 5 machines to be authorized.
• User keys are stored in key repository on the machine
DRM: OMA DRM
OMA DRM• OMA: Open Mobile Alliance: Consortium of various mobile
communication companies.• OMA DRM 2.0 provides complete end-to-end protection
system • Based on concept of separating the license and content• License is called Rights object (RO)• RO contains content encryption keys and basic usage
rules.• License is generally created for a particular device
OMA DRM Architecture / OperationRights
issuer (RI)
DRM Agent on Device
Content issuer
Usage rules +CEK
Rights object (RO)
Rights object acquisition protocol (ROAP)
HTTP,…
Protected Content
1
1. DRM client requests protected content2. Rights issuer handles generation and delivery of rights object.
• Rights object includes usage rules and a CEK.• If this is the first time RI and the device are communicating, RI also
performs an enrollment process.3. DRM agent on device decrypts CEK and enforces usage rules
2
3
Other OMA DRM Concept• Domain: Set of devices where content can be shared
• Super-distribution: separation of license and content allows content to be distributed through any channel.
• Subscription: Enables business models based on subscriptions service.
• Backup: Allows backup to external storage• Export: Enables export of OMA DRM content and rights to devices using other DRM protection.
DRM IMPLEMENTATION TECHNIQUES
DRM Techniques: Software Defense
• Goal: Make it harder to reverse engineer• Common Techniques
• Anti-Debug • Anti-Disassembly• Obfuscation• Guards: Tamper check parts of code• Combining proprietary crypto with the standard crypto algorithm • Using a combination of above is generally good.
• Arxan is one company that employs many of these techniques
DRM Technique: BOBE-Resistance
• Personalize each copy of software• Metamorphic software like Viruses
• Functionally equivalent software with different internal structure on each machine
• Update software in Real time
DRM Techniques: Hardware assisted
• ARM TrustZone• Discretix
ONLINE STREAMING
HTTP Live Streaming(HLS)
• Created by Apple• Used to distribute both live and on-demand files
• Used to adaptively stream • Widely supported : Microsoft, RealNetworks, Wowza, Akamai
• Exclusive way to deliver video in the apple ecosystem
HLS Overview
• Server: • Encode source into multiple files at different data rate• Each chunk should be short: 5-10 seconds• Load on http server with text based manifest fil3
(.m3u8)• Manifest directs the player to additional manifest files
for each of the encoded streams.
• Client:• Player adaptively selects the content chunks at different
bitrates depending on the bandwidth/network quality, buffer status, CPU utilization etc.
HLS server side : One Video file
IndexFile.m3u8
Alt Low index
Alt Med index
Alt High index
Low_01.ts
Low_02.ts
Low_03.ts
Med_01.ts
Med_02.ts
Med_03.ts
Hi_01.ts
Hi_02.ts
Hi_03.ts
MPEG DASH
• DASH: Dynamic adaptive streaming over HTTP
• Codec agnostic• Core adaptive streaming similar to HLS
• Manifest files and alternate stream urls.
• ISO standard• Not as well supported as HLS
Other online streaming standards
• HDS: HTTP Dynamic streaming• Used for Flash video
• HSS: HTTP smooth streaming• Microsoft standard• Part of IIS media server• Enables streaming media to Silverlight
PLAYERS
Silverlight & Flash
• Application frameworks for writing and running rich internet applications.
• Similar to each other• Silverlight : Microsoft• Flash: Adobe• Used to deliver video :
• SilverLight: Netflix, Amazon• Flash : Youtube
HTTP Premium Video Extensions
• Media Source extensions• Encrypted Media Extensions• Web Cryptography API (WebCrypto)
HTTP Premium Video Extensions :Media Source extensions
• Extends HTMLMediaElement to allow JavaScript to generate media streams for playback
• Allows streaming service to use CDN to download content and feed to video tag for playback
• Allows customized adaptive streaming
HTTP Premium Video Extensions :Encrypted Media Extensions
• Extends HTMLMediaElement providing APIs to control playback of protected content
• Provides standardized way from DRM systems to be used in browser• DRM standard agnostic
HTTP Premium Video Extensions :Web Cryptography API (WebCrypto)
• Defines an API for "basic cryptographic operations in web applications, such as hashing, signature generation and verification, and encryption and decryption.”
• Allows Server to encrypt and decrypt communication between javascript and itself
• Protects user data from inspection and tampring
Summary: Relationship of various pieces
• DRM: Defines how to protect content• Streaming standards: Define how content can be streamed adaptively
• Player: Implementations of content viewer that include many DRM technologies and streaming standards