INTEROPERABILITY OF CA & DRM

Dr. Klaus Illgner, Rapporteur MCD/CA-DRM-Interop
© ETSI 2011. All rights reserved

Summary

The presentation aims to
• Explain the terms "CA" and "DRM" in a non-technical way
• Outline the current market situation and challenge
• Identify desirable goals for future (technical) developments
• Advertise the work in MCD on CA/DRM interoperability

What are we talking about?

[Illustration labels: Borrow card 24h; Borrow card 3 days]
• access control
• permission to enter requires controlling the access
• permission to access particular content areas
• usage rights

Core Functionality of CA/DRM Systems

Provide technical means for control:

For the access by means of a user device to
• a physical network
• a service provider
• particular services of a service provider

For ensuring that the granted usage rights are obeyed
• Type and extent of usage of content

Systemizing the Security Systems

[Diagram labels]
Layers: Business Layer; Technical Layer
Value chain: Content provisioning; Content aggregation: Platform; Content distribution: networks; Content presentation: End device; End customer
Access and usage levels: content (as service); content usage; service access; network access; content access
Security systems: DRM systems "usage control"; CA systems "access control"

Core Elements and Process Steps of CA/DRM Systems

Ensuring the trustworthiness of the end device
• authorized type
• authentication via device-ID

Control of the entitlement of the user
• Verifying the access rights
• Verifying the usage rights and usage conditions for the respective content

Clearance and provisioning of the key to decrypt the content

These elements are components of every CA/DRM system → possibility to develop a generic harmonized architecture model?

Different and partially proprietary implementations → market fragmentation and limited (if at all) interoperability

What do consumers expect?
Access to content & services
• With an existing (owned) end device
• To all services and content within a specific network, independent of the network operator (contract and rights assumed)

Change of network operator within a network type
• By re-using the end device

The possibility to change between different types of networks is intuitively expected.

Using bought content on any of their devices

Consumers expect interoperability of content and service usage from a broad range of sources on their device

What is the issue?

Current situation

Access and usage control systems (Conditional Access – CA & Digital Rights Management – DRM) play a fundamental role

CA systems include DRM, while DRM is also used for CA

"Interoperability" is established only to a very limited extent
• In almost every environment a different CA/DRM system (regime) is being applied
• Often a CA/DRM system is bound to a specific device
• Security anchors built into the devices are typically known only to individual security system providers

Interoperability and CA/DRM

No contradiction
No sorcery
Similarities are known from other everyday situations

Control Mechanism in Road Traffic

[Diagram labels: Usage rights; Trusted device; device-ID; general; Registration (authorization); Specific ones; "Unrestricted" driving experience; Approach worldwide identical]

Market Situation in CA/DRM

Quite a few different systems are on the market
Quite a few organizations are developing & standardizing CA/DRM under different perspectives
All kinds of consumer devices can be used for media consumption
Hybrid receivers (broadcast / broadband) must be able to handle both worlds
Growing demand for connectivity & mobility

Observation
• No common concepts
• No common standards
• Several approaches exist from different industry-driven organizations

MCD – Work Item

Developing a Technical Report

Architecture, Requirements and Mechanisms for interoperable CA/DRM-solutions supporting horizontal CPE markets

Scope

Analysis of solutions for interoperable multimedia CPE with respect to CA/DRM, suitable for multimedia platforms (broadcast, broadband or hybrid)
• Analysis of the status of existing standards and otherwise existing solutions
• Capturing market requirements, proposed architectures, mechanisms for key management, and existing encryption algorithms for secure, interoperable service access and content delivery; including exchangeable (downloadable) CA/DRM systems and evaluation of necessary usage rights for broadcast content, as well as mechanisms for interoperable provisioning of broadband-delivered encrypted content.
• Identification of reference points, interfaces and flow charts of proposed architectures
• Concepts for market implementation, business roles, and trust center
• Special focus on security aspects, including authentication and authorization in both a broadcast and broadband context, and broadcast and broadband provisioning in a trusted environment.
• Regulatory and legal issues (related to TR 102 688 – 3)

How to proceed?

"Interoperability"
• requires an agreement on communication protocol and semantics at interfaces
• Standardization is one option

Standardization
• specifies the minimal necessary elements
• requires support of all relevant market participants
• must provide clear advantages for market participants
• leaves sufficient room for differentiation and evolution

There is something specific in CA/DRM
• Liability to prevent misuse of content

Besides standardization, compliance & robustness / trust must be established

Contact Details:
Dr. Klaus Illgner
illgner@irt.de

Thank you!