Content Protection is one of the key success factors in the deployment of an OTT TV system.
To enable various sustainable business models, Service Providers need to securely and efficiently implement the interoperability of DRM-protected content across multiple devices.
Secured software client integration is needed at the device level for retrieving keys and decrypting content in a controlled environment.
There are many different implementation frameworks for executing this function, going from pure software to hardware-based solutions.
Secured integration is also needed at the streaming platform head-end, so that the DRM system core elements such as content keys, needed for encrypting content and also for generating content usage licenses, can be used at the right place and at the right moment in the head-end system.
One key aspect of the DRM ecosystem is that it encompasses multiple DRM vendors with specific implementations across a broad and growing pool of devices.
A service provider thus needs to ensure that the components in its head-end, often coming from multiple vendors, can also support multiple DRM vendors to ensure the interoperability of content across multiple devices.
To help address this challenge, DASH-IF has defined a set of supported use cases and a secure container for exchanging content keys between DRM systems and head-end components such as encoders and CMS systems.
This allows for the seamless exchange of content keys between all components in the head-end. Content Security remains in the hand of the operator, as such interfaces and key exchanges are secured.
Leveraging the DASH Common Encryption standard (CENC), the same piece of content is encrypted once and used on many different devices with the appropriate key.
The MPEG-DASH ecosystem is growing quickly, and a significant portion of the content being prepared and delivered is protected content.
DASH profiles that have been deployed use MPEG Common Encryption for content protection in order to allow a single encoded and encrypted Representation to be played on multiple device types using multiple Digital Rights Management (DRM) systems.
Common Encryption specifies standard content protection information in ISO Media Representations and DASH manifests such as key identifiers, DRM system identifiers, etc. that can be shared throughout the DASH ecosystem.
Preparation of protected media content for delivery may involve multiple entities and processing steps.
For example, a content owner may encrypt some premium content and deliver it to multiple content providers, which in turn may generate their own DASH Media Presentation Descriptions (MPDs), and make the media decryption keys available to end users via their DRM server(s).
Without a common interchange format for the copy protection information, each content owner, provider, and/or DRM system might specify their own, non-interoperable means of importing and exporting copy protection related data.
The Copy Protection Information Exchange Format (CPIXF) specification aims to provide interoperability for these functions by standardizing the way in which entities and media processors exchange content keys and associated copy protection metadata.
The following diagram illustrates the example described above:
The Copy Protection Information Format specification fulfills the following requirements:
• Interoperability. This is the main goal of the specification; to allow the exchange of copy protection related data using a well-defined, specified and public mechanism.
• Flexibility. The CPIXF documents may be used in simple one-to-one exchanges, or in more complex workflows.
• Security. All security-sensitive information in the exchange (e.g. content keys) is encrypted in a manner such that only the intended recipient can decrypt it.
CONTENT PREPARATION WORKFLOWS
Content keys and DRM signalization need to be created and exchanged between some system entities when preparing content.
The flows of information are of very different nature depending on where content keys are created and also depending on the type of content that can be either on-demand or live for example.
The following gives a general overview of the context in which content protection information made of keys and DRMs signalization needs to be exchanged between entities in the backend.