Drm landscape and online streaming

3,658 views
3,305 views

Published on

What is DRM?
DRM standards
Microsoft Playready , Apple FairPlay , OMA DRM
DRM Techniques
Streaming standards
HTTP live stream, MPEG DASH etc.
DRM content playback
Silverlight, Flash, HTML5 Premium Video Extensions

Published in: Technology

Drm landscape and online streaming

  1. 1. DRM LANDSCAPE AND ONLINE STREAMING Jasmeet (Jas) Chhabra
  2. 2. Outline • What is DRM? • DRM standards • Microsoft Playready , Apple FairPlay , OMA DRM • DRM Techniques • Streaming standards • HTTP live stream, MPEG DASH etc. • DRM content playback • Silverlight, Flash, HTML5 Premium Video Extensions
  3. 3. DRM: what is it? • Digital rights management • Separates protected content and license rights. • DRM may be viewed as content owner’s effort to exert “remote control” over content after it is delivered to the recipient • Accomplished through cryptographic controls and controls on user platforms.
  4. 4. DRM : The reality • Cryptography is necessary but not sufficient for DRM • Cryptography was designed to deliver bits securely, not to protect them after they have been delivered. DRM is opposite of that. • DRM will always suffer from analog hole • For example you can record music being played by using a microphone
  5. 5. Basic Terms • Rights expression language: Defines rights and constraints on content • License server: issues licenses • License: Contains keys to access content and use REL to express rights and constraints • Secure player: Enforces the rules and constraints • Domain: Common group of devices that allow single domain license to be used. For example all of the devices in a household
  6. 6. Movie DRM standards for Disks • CSS (Content Scrambling System) • Used for DVD. • Advanced Access Content System (AACS) • Used for HD-DVD and blue Ray
  7. 7. Online Streaming services • Current • Microsoft PlayReady • Apple Fairplay • Future: • Lots of players planning to move to HTML5 DRM • HTML5 Premium Video Extensions This is our Focus
  8. 8. Other DRM technologies • OMA DRM: Used by operators for Ringtones, Music, Wallpapers etc.
  9. 9. Relationship of various pieces • DRM: Defines how to protect content • Streaming standards: Define how content can be streamed adaptively • Player: Implementations of content viewer that include many DRM technologies and streaming standards
  10. 10. DRM: MICROSOFT PLAYREADY
  11. 11. Microsoft PlayReady Packaging Server: Packages content for distribution
  12. 12. Microsoft PlayReady Send appropriate data to various servers
  13. 13. Microsoft PlayReady License Server: • Stores rights info for clients. • Provide content right licenses to the client
  14. 14. Quick Note: Domain • A set of devices that belong to the same user • They may share content based on the rights granted by the content owner. • User may add or remove devices to the domain
  15. 15. Microsoft PlayReady Domain Controller: Stores domain membership info
  16. 16. Microsoft PlayReady Distribution Server: Distribute the actual content files
  17. 17. Microsoft PlayReady PlayReady Clients: Clients that play the media
  18. 18. Microsoft PlayReady Metering Server: Device maintains info on playback count etc.
  19. 19. Microsoft PlayReady: Business Models • Subscription • Purchase • Pay per view • Rental : Time based • Gifting
  20. 20. Distribution options • Download • Progressive Download • Start playing when partially downloaded • Streaming • Sideloading content from PC to mobile phone • Sync PC content to mobile device • Over the air distribution • Direct delivery over wireless network rather than sideloading • Super Distribution • Send and share with other users over email, wireless etc.
  21. 21. DRM: APPLE FAIRPLAY
  22. 22. FairPlay Overview • Apple’s closed format • Files are MP4 containers with an encrypted content • MP4 can handle audio, video, images, text and other digital content • User keys decrypt the master key for the content • iTunes server keeps track of domain info and allows up to 5 machines to be authorized. • User keys are stored in key repository on the machine
  23. 23. DRM: OMA DRM
  24. 24. OMA DRM • OMA: Open Mobile Alliance: Consortium of various mobile communication companies. • OMA DRM 2.0 provides complete end-to-end protection system • Based on concept of separating the license and content • License is called Rights object (RO) • RO contains content encryption keys and basic usage rules. • License is generally created for a particular device
  25. 25. OMA DRM Architecture / Operation Rights issuer (RI) DRM Agent on Device Content issuer Usage rules + CEK Rights object (RO) Rights object acquisition protocol (ROAP) HTTP, … Protected Content 1 1. DRM client requests protected content 2. Rights issuer handles generation and delivery of rights object. • Rights object includes usage rules and a CEK. • If this is the first time RI and the device are communicating, RI also performs an enrollment process. 3. DRM agent on device decrypts CEK and enforces usage rules 2 3
  26. 26. Other OMA DRM Concept • Domain: Set of devices where content can be shared • Super-distribution: separation of license and content allows content to be distributed through any channel. • Subscription: Enables business models based on subscriptions service. • Backup: Allows backup to external storage • Export: Enables export of OMA DRM content and rights to devices using other DRM protection.
  27. 27. DRM IMPLEMENTATION TECHNIQUES
  28. 28. DRM Techniques: Software Defense • Goal: Make it harder to reverse engineer • Common Techniques • Anti-Debug • Anti-Disassembly • Obfuscation • Guards: Tamper check parts of code • Combining proprietary crypto with the standard crypto algorithm • Using a combination of above is generally good. • Arxan is one company that employs many of these techniques
  29. 29. DRM Technique: BOBE-Resistance • Personalize each copy of software • Metamorphic software like Viruses • Functionally equivalent software with different internal structure on each machine • Update software in Real time
  30. 30. DRM Techniques: Hardware assisted • ARM TrustZone • Discretix
  31. 31. ONLINE STREAMING
  32. 32. HTTP Live Streaming(HLS) • Created by Apple • Used to distribute both live and on-demand files • Used to adaptively stream • Widely supported : Microsoft, RealNetworks, Wowza, Akamai • Exclusive way to deliver video in the apple ecosystem
  33. 33. HLS Overview • Server: • Encode source into multiple files at different data rate • Each chunk should be short: 5-10 seconds • Load on http server with text based manifest fil3 (.m3u8) • Manifest directs the player to additional manifest files for each of the encoded streams. • Client: • Player adaptively selects the content chunks at different bitrates depending on the bandwidth/network quality, buffer status, CPU utilization etc.
  34. 34. HLS server side : One Video file Index File.m3u8 Alt Low index Alt Med index Alt High index Low_01.ts Low_02.ts Low_03.ts Med_01.ts Med_02.ts Med_03.ts Hi_01.ts Hi_02.ts Hi_03.ts
  35. 35. MPEG DASH • DASH: Dynamic adaptive streaming over HTTP • Codec agnostic • Core adaptive streaming similar to HLS • Manifest files and alternate stream urls. • ISO standard • Not as well supported as HLS
  36. 36. Other online streaming standards • HDS: HTTP Dynamic streaming • Used for Flash video • HSS: HTTP smooth streaming • Microsoft standard • Part of IIS media server • Enables streaming media to Silverlight
  37. 37. PLAYERS
  38. 38. Silverlight & Flash • Application frameworks for writing and running rich internet applications. • Similar to each other • Silverlight : Microsoft • Flash: Adobe • Used to deliver video : • SilverLight: Netflix, Amazon • Flash : Youtube
  39. 39. HTTP Premium Video Extensions • Media Source extensions • Encrypted Media Extensions • Web Cryptography API (WebCrypto)
  40. 40. HTTP Premium Video Extensions : Media Source extensions • Extends HTMLMediaElement to allow JavaScript to generate media streams for playback • Allows streaming service to use CDN to download content and feed to video tag for playback • Allows customized adaptive streaming
  41. 41. HTTP Premium Video Extensions : Encrypted Media Extensions • Extends HTMLMediaElement providing APIs to control playback of protected content • Provides standardized way from DRM systems to be used in browser • DRM standard agnostic
  42. 42. HTTP Premium Video Extensions : Web Cryptography API (WebCrypto) • Defines an API for "basic cryptographic operations in web applications, such as hashing, signature generation and verification, and encryption and decryption.” • Allows Server to encrypt and decrypt communication between javascript and itself • Protects user data from inspection and tampring
  43. 43. Summary: Relationship of various pieces • DRM: Defines how to protect content • Streaming standards: Define how content can be streamed adaptively • Player: Implementations of content viewer that include many DRM technologies and streaming standards

×