Marlin Tutorial

Presenter Notes

Applying Marlin Technology

AGENDA

  • Quick Introduction: How to build an end-to-end Marlin system in 30 minutes.
  • Marlin Organization Overview
  • Marlin Technology Primer
  • Content Packaging and Distribution Technology
  • Marlin Server Side Technology
  • Marlin Client Side Technology
  • Implementation Security
  • Q&A

Quick Introduction

Build an End-to-End Marlin System

  • Packaging clear-text content into a protected format
  • Implementing a Marlin MS3 Streaming-only Server Solution
  • Implementing a Marlin Broadband DRM Server Solution
  • Implementing an HbbTV application content playback functionality

Organization Overview

Marlin Organization Overview

What is Marlin?

Founded in 2005 by five companies: Intertrust, Panasonic, Philips, Samsung and Sony

  • Marlin Developer Community (MDC)
  • Marlin Partner Program (MPP)
  • Marlin Trust Management Organization (MTMO)
  • Marlin Organization Relationships
  • Additional Information

Marlin Developer Community

What is the MDC?

  • MDC formed in 2006 by Intertrust, Panasonic, Philips, Samsung, and Sony
  • Charter is to develop open-standards-based DRM specifications
  • The community develops specifications, reference and conformance test criteria
  • Promotes Marlin technology worldwide

Marlin Partner Program

What is the MPP?

  • Marlin Partner Program is a forum for solutions providers
  • Over 35 partner companies provide expertise across the value chain
  • Includes Technology Solutions Providers and System Integrators
  • MPP membership includes non-commercial access to SDKs

Marlin Partner Network

Who is in the MPP?

Marlin Partners

Marlin Trust Management Organization

What is the MTMO?

  • Sister organization to the MDC formed in 2006
  • Provides compliance and robustness requirements
  • Remediation Policy Management
  • Manages Marlin PKI Root Certificates
  • Delegation of Trust Services to Certified Trust Service Providers (TSP)
    • Key and Trust Management Operations

Relationship of MDC and MTMO

Functions and Roles

MDC and MTMO relationship

Additional Information

Marlin Developer Community MDC (www.marlin-community.com)

Marlin Partner Program MPP (www.marlin-community.com/partner)

Marlin Trust Management Organization MTMO (www.marlin-trust.com)

Seacert Corporation (www.seacert.com)

Technology Primer

Marlin Technology Primer

Topics

  • Platform Technology Overview
  • Delivery Systems Overview
  • Service Protocols

Platform Technology

Technology Platform Specifications

  • NEMO Technology Platform
    • Trusted communications framework
  • Octopus DRM Technology Platform
    • General-purpose DRM technical specification
  • Marlin Core System
    • Defines the overarching key and trust management functionality of Marlin
    • Profiles the general-purpose NEMO and Octopus technology platform specifications

NEMO Framework

What is NEMO?

The NEMO framework provides the trusted "plumbing" between the various functional components in a system. NEMO combines SOAP web services with SAML authorizations to provide end-to-end message integrity and confidentiality protection, entity authentication, and role-based service authorization.

Fundamentally the framework defines:

  • XML Message Bindings
  • Secure Messaging Protocols based on WS-Security
  • Trust Management Bindings enabling authentication and role-based authorization
  • Policy Bindings to ensure communicating peers adhere to security requirements

Octopus DRM

What is Octopus?

Octopus is a general-purpose DRM architecture that can be applied to any system requiring distributed governance and control of information.

Fundamentally Octopus DRM is composed of:

  • An Object Model used to model application-specific entities and their relationships
  • A Control Model used to represent rules and enforce governance
  • A Key Distribution System overlay
  • Secure State Management

Marlin Core System (MCS)

What is MCS?

The Marlin Core System Specification defines a common infrastructure for all Marlin Delivery Systems to build upon. Fundamentally the goal of MCS is to enable interoperation among disparate implementations of Marlin technology.

Key aspects of MCS include:

  • Concretely specifies the NEMO security mechanisms, bindings and policies
  • Defines the representation of Octopus Objects
  • Defines the relationship of Octopus Objects to enable various business models
  • Defines Octopus Control actions needed to govern access to A/V content
  • Defines a Trust Model and a Key Management System

Delivery Systems

  • Marlin Broadband Delivery System (MBB)
    • Persistent content protection
    • Flexible and extensible rights management
    • Business models include: electronic sell-through, rental, and subscription
  • Marlin Simple Stream Setup (MS3)
    • Simple subset of Marlin Broadband
    • Persistent content protection
    • Streaming only
  • Marlin IPTV-ES
    • Streaming to Connected TVs, STBs & Blu-ray players
    • Support for PVR

MBB Protocol

MBB Protocol Flow

MS3 Protocol

MS3 Protocol Flow

Content Technology

Content Packaging and Distribution

Format Families

Common Elements

  • Structured file and data structures
  • Encrypted payloads
  • Metadata
  • Delivery Protocols

Packaging Process

Marlin BBTS

  • Marlin Broadband Transport Stream Specification
  • MPEG2-TS
  • Based on ISO/IEC 62455
  • Packet encryption: CBC with ANSI/SCTE block termination
  • Optional single-key-layer mode

Packaging BBTS Content

Content Identification (program-based or service-based):

cid:marlin#P||serviceBaseCID||"@"||hex(program_CID_extension)
cid:marlin#S||serviceBaseCID||"@"||hex(service_CID_extension)

Example:

cid:marlin#Purn:marlin:organization:example:video:1234@00000001

The content id (CID) is composed of a service namespace identifier and a content-item-specific 32-bit hex-encoded value.

serviceBaseCID = urn:marlin:organization:hms:bbts
service_CID_extension = 0a0b0c0d

Content Key (128-bit value):

000102030405060708090a0b0c0d0e0f
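
As an added example (not one of the tutorial's tools), the following Python builds and parses CIDs in the syntax above and forms the cid::key value that the Ts2Encrypt and Ts2Decrypt commands on the following slides take; the 32-bit extension width and 128-bit key length are the slide's own constraints.

```python
"""Marlin BBTS content identifiers: build, parse, and form the Ts2Encrypt key argument.

Added example, not one of the tutorial's tools. Follows the slide's syntax:
    cid:marlin#P||serviceBaseCID||"@"||hex(program_CID_extension)
    cid:marlin#S||serviceBaseCID||"@"||hex(service_CID_extension)
with a 32-bit extension (8 hex digits) and a 128-bit content key (32 hex digits).
"""
import re
from dataclasses import dataclass

CID_PREFIX = "cid:marlin#"
# kind letter, service base CID (anything without '@'), '@', exactly 8 hex digits
_CID_RE = re.compile(r"^cid:marlin#(?P<kind>[PS])(?P<base>[^@]+)@(?P<ext>[0-9a-fA-F]{8})$")
_KEY_RE = re.compile(r"^[0-9a-fA-F]{32}$")


@dataclass(frozen=True)
class MarlinCid:
    kind: str          # "P" = program-based, "S" = service-based
    service_base: str  # e.g. urn:marlin:organization:hms:bbts
    extension: int     # content-item-specific 32-bit value

    def __str__(self) -> str:
        return f"{CID_PREFIX}{self.kind}{self.service_base}@{self.extension:08x}"


def make_cid(kind: str, service_base: str, extension: int) -> MarlinCid:
    """Validate the parts and return a CID object."""
    if kind not in ("P", "S"):
        raise ValueError("CID kind must be 'P' (program) or 'S' (service)")
    if not service_base or "@" in service_base:
        raise ValueError("serviceBaseCID must be non-empty and must not contain '@'")
    if not 0 <= extension <= 0xFFFFFFFF:
        raise ValueError("CID extension must be a 32-bit value")
    return MarlinCid(kind, service_base, extension)


def parse_cid(text: str) -> MarlinCid:
    """Parse a CID string; rejects a wrong prefix, kind letter or extension width."""
    m = _CID_RE.match(text)
    if m is None:
        raise ValueError(f"not a Marlin BBTS CID: {text!r}")
    return MarlinCid(m["kind"], m["base"], int(m["ext"], 16))


def key_argument(cid: MarlinCid, content_key_hex: str) -> str:
    """Form the '<cid>::<key>' value passed to Ts2Encrypt/Ts2Decrypt --key."""
    if not _KEY_RE.match(content_key_hex):
        raise ValueError("content key must be 128 bits (32 hex digits)")
    return f"{cid}::{content_key_hex.lower()}"


def split_key_argument(arg: str) -> tuple:
    """Split a '<cid>::<key>' value back into (MarlinCid, key bytes)."""
    cid_text, sep, key_hex = arg.rpartition("::")
    if not sep or not _KEY_RE.match(key_hex):
        raise ValueError("expected '<cid>::<32 hex digit key>'")
    return parse_cid(cid_text), bytes.fromhex(key_hex)


if __name__ == "__main__":
    cid = make_cid("P", "urn:marlin:organization:hms:bbts", 0x0A0B0C0D)
    print(key_argument(cid, "000102030405060708090a0b0c0d0e0f"))
```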

Ts2Encrypt Command Line

BBTS Encryption

Ts2Encrypt --key \
  cid:marlin#Purn:marlin:organization:hms:bbts@0a0b0c0d::000102030405060708090a0b0c0d0e0f \
  --rights-issuer http://example.com \
  bigbucksbunny-trailer.ts bigbucksbunny-trailer.bbts

BBTS Decryption

Ts2Decrypt --key \
  cid:marlin#Purn:marlin:organization:hms:bbts@0a0b0c0d::000102030405060708090a0b0c0d0e0f \
  bigbucksbunny-trailer.bbts bigbucksbunny-trailer.ts

Download the clear-text bigbucksbunny-trailer.ts

Ts2Info Command Line

BBTS Information

Ts2Info bigbucksbunny-trailer.bbts

Marlin Protected file:
Marlin content id is
cid:marlin#Purn:marlin:organization:hms:bbts@0a0b0c0d::000102030405060708090a0b0c0d0e0f
Rights issuer url is http://example.com

DCF

  • Specified in OMA DCF 2.x
  • Wrapper for any media type
  • Bulk Encryption: AES 128 CBC, CTR
  • ISO MP4 file format structure
  • Standardized metadata: Content ID, Rights Issuer URL
  • Custom headers for extensions
  • Mime Type: application/vnd.oma.drm.dcf
  • File Extensions: .odf, .oda (Audio), .odv (Video), .mra (Marlin Audio), .mrv (Marlin Video)

Packaging DCF Content

Encrypting DCF with mp4dcfpackager

mp4dcfpackager --method CBC \
  --content-type audio/mp3 \
  --content-id urn:marlin:organization:example:01234 \
  --rights-issuer http://example.com \
  --key 00112233445566778899aabbccddeeff:00000000000000000000000000000000 \
  song.mp3 song.mra

Unpackaging DCF

mp4decrypt --key 1:00112233445566778899aabbccddeeff \
  song.mra song-clear.odf

NB: the resulting file is still in DCF format (cleartext). Use mp4extract to extract the ‘odda’ box and cut off its first 8 bytes.

PDCF

  • Specified in OMA DCF 2.x
  • For media in ISO MP4 containers
  • Per-frame Encryption: AES 128 CBC, CTR
  • ISO MP4 Encryption signaling (enca, encv)
  • Custom headers for extensions
  • Mime Type: video/mp4
  • File Extensions: .mp4, .m4a (Audio), .m4v (Video), .mla (Marlin Audio), .mlv (Marlin Video)

Packaging PDCF Content

MP4 files packaged as PDCF content can have individual tracks encrypted with the same or different keys. For each protected track, a unique content id must be chosen.

Content Identification

audio: urn:marlin:organization:hms:8puslic:00000000010f510070000000000000007f00000000000100
video: urn:marlin:organization:hms:8puslic:00000000010f510070000000000000007f00000000000101

Content Key

000102030405060708090a0b0c0d0e0f

Cryptographic Algorithm and Initialization Vector

OMA-PDCF-CTR
0000000000000000

PDCF Packaging

mp4encrypt Command Line

mp4encrypt --method OMA-PDCF-CTR \
  --key 1:000102030405060708090a0b0c0d0e0f:0000000000000000 \
  --key 2:000102030405060708090a0b0c0d0e0f:0000000000000000 \
  --property 1:ContentId:urn:marlin:organization:hms:8puslic:00000000010f510070000000000000007f00000000000100 \
  --property 2:ContentId:urn:marlin:organization:hms:8puslic:00000000010f510070000000000000007f00000000000101 \
  bigbucksbunny-trailer.mp4 bigbucksbunny-trailer.mlv

mp4decrypt Command Line

mp4decrypt \
  --key 1:000102030405060708090a0b0c0d0e0f:0000000000000000 \
  --key 2:000102030405060708090a0b0c0d0e0f:0000000000000000 \
  bigbucksbunny-trailer.mlv bigbucksbunny-trailer.mp4

Download the clear-text bigbucksbunny-trailer.mp4

Adaptive Streaming

  • Source audio & video is encoded at one or more bit-rate variants, with aligned GOPs (Group of Pictures)
  • Each variant is split into small segments (2-10 seconds) each with one or more GOPs
  • An index provides a description, duration and location (URL) of segments
  • Client retrieves the index, and segments one by one using HTTP
  • Client can switch to a different bit-rate at each new segment

Adaptive Streaming

Marlin Mappings

  • Marlin Adaptive Streaming Specification - Simple Profile
  • MPEG DASH
    • MP4: Fragmented MP4 with Common Encryption (CENC, AES-128 CTR)
    • MPEG2-TS: BBTS segments
  • HLS
    • BBTS segments (AES 128 CBC)
    • Whole-segment encryption (AES-128 CBC)

HLS

  • draft-pantos-http-live-streaming-07

  • Segments encrypted with BBTS or Bulk

    Bulk:

    • METHOD=AES-128 (MANDATORY) as specified in [HLS], §3.2.3
    • IV (OPTIONAL) as specified in [HLS]
    • CID="<ContentId>" (MANDATORY) content identifier

    BBTS:

    • METHOD=MARLIN-BBTS (MANDATORY)
    • CID="<ContentId>" (MANDATORY) content identifier
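
The following Python checks the EXT-X-KEY tags of a playlist against the two Marlin mappings listed above (Bulk: METHOD=AES-128 with optional IV and mandatory CID; BBTS: METHOD=MARLIN-BBTS with mandatory CID). It is an added example, not part of the Marlin specification or tools, and the playlist it checks is constructed for the example.

```python
"""Check Marlin key signaling in an HLS playlist.

Added example (not from the tutorial). Validates each #EXT-X-KEY tag against the
Marlin HLS mapping on the slide:
    Bulk: METHOD=AES-128 (mandatory), IV (optional), CID="<ContentId>" (mandatory)
    BBTS: METHOD=MARLIN-BBTS (mandatory), CID="<ContentId>" (mandatory)
The playlist at the bottom is constructed for this example.
"""
import re

KEY_TAG = "#EXT-X-KEY:"
# HLS attribute list: NAME=VALUE pairs separated by commas; quoted values may hold commas
_ATTR_RE = re.compile(r'([A-Z0-9-]+)=("(?:[^"\\]|\\.)*"|[^,]*)')
_IV_RE = re.compile(r"^0[xX][0-9a-fA-F]{32}$")   # 128-bit IV as HLS writes it


def parse_attributes(attr_list: str) -> dict:
    """Split an HLS attribute list into a {NAME: value} dict (quotes stripped)."""
    attrs = {}
    for name, value in _ATTR_RE.findall(attr_list):
        if len(value) >= 2 and value[0] == '"' and value[-1] == '"':
            value = value[1:-1]
        attrs[name] = value
    return attrs


def check_key_tag(line: str) -> list:
    """Return the problems found in one EXT-X-KEY line (empty list = valid)."""
    if not line.startswith(KEY_TAG):
        return [f"not an EXT-X-KEY tag: {line!r}"]
    attrs = parse_attributes(line[len(KEY_TAG):])
    problems = []
    method = attrs.get("METHOD")
    if method not in ("AES-128", "MARLIN-BBTS"):
        problems.append(f"METHOD must be AES-128 (Bulk) or MARLIN-BBTS, got {method!r}")
    if not attrs.get("CID"):
        problems.append("CID is mandatory for Marlin-protected segments")
    iv = attrs.get("IV")
    if iv is not None and not _IV_RE.match(iv):
        problems.append(f"IV must be 0x followed by 32 hex digits, got {iv!r}")
    return problems


def check_playlist(text: str) -> dict:
    """Map the 1-based line number of every invalid EXT-X-KEY tag to its problems."""
    findings = {}
    for lineno, line in enumerate(text.splitlines(), start=1):
        if line.startswith(KEY_TAG):
            problems = check_key_tag(line)
            if problems:
                findings[lineno] = problems
    return findings


# Constructed sample: a BBTS-keyed segment, a Bulk-keyed segment, and a key tag
# that carries only a key URI and no CID (the Marlin mapping requires CID).
SAMPLE_PLAYLIST = """\
#EXTM3U
#EXT-X-VERSION:3
#EXT-X-TARGETDURATION:10
#EXT-X-KEY:METHOD=MARLIN-BBTS,CID="cid:marlin#Purn:marlin:organization:hms:bbts@0a0b0c0d"
#EXTINF:10,
seg-bbts-0.ts
#EXT-X-KEY:METHOD=AES-128,IV=0x00000000000000000000000000000001,CID="urn:marlin:organization:example:01234"
#EXTINF:10,
seg-bulk-0.ts
#EXT-X-KEY:METHOD=AES-128,URI="https://keys.example.com/k1"
#EXTINF:10,
seg-bad-0.ts
#EXT-X-ENDLIST
"""

if __name__ == "__main__":
    for lineno, problems in check_playlist(SAMPLE_PLAYLIST).items():
        print(f"line {lineno}: " + "; ".join(problems))
```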

HLS Packaging

  • Encrypt each segment (Bulk or BBTS)
  • Use same key for all bit-rates
  • BBTS: use Ts2AdaptiveAwareEncrypt to guarantee that IVs will match

MPEG DASH

  • ISO/IEC 23009-1 (Information technology — Dynamic adaptive streaming over HTTP (DASH) — Part 1: Media presentation description and segment formats)
  • ISO/IEC 23001-7 (Information technology — MPEG systems technologies — Part 7: Common encryption in ISO base media file format files)

DASH MP4

  • Input must be GOP-aligned
  • Fragment the MP4 if it is not already fragmented (mp4fragment tool)
  • Encrypt fragmented MP4 file
  • Insert Marlin info in MPD

MBB Head-end Integration

Head-end and MBB

Marlin Broadband Head-end Integration

MS3 Head-end Integration

Head-end and MS3

MS3 Head-end Integration

Server Side Technology

Marlin Server Side Technology

Server Side Implementation Options

  • Hosted Marlin Service
  • Bluewhale Marlin Broadband Server
  • Roll-your-own DRM Server

Hosted Marlin Service (HMS)

HMS Overview

Hosted Solution

Service Architecture using HMS

Service Architecture

HMS Overview

  • A REST API for issuing rights to content
  • Content packaging tools
  • Sample clients and tools to verify your service implementation
  • Simple and cost-effective to operate

HMS Architecture

Setting Up an HMS Service

5 Easy Steps

  • Set up an account
  • Review the REST API
  • Integrate DRM support into the content store interface
  • Package the content
  • Test the system with actual target devices or the command line device simulators

Set Up an Account

  • Sign up for the service at https://www.hostedmarlin.com/
  • After sign-up a customer authentication code is created
    • This code identifies your service to HMS

Review the REST API

HMS Under the Hood

Transaction Tokens

HMS operates by issuing transaction tokens to service providers; a media-aware client application then redeems a token for a DRM object, such as a license for a particular content item.

HMS supports three types of transaction tokens:

  • MS3 License
  • Marlin Broadband License
  • Marlin Broadband Registration

MS3 Transaction Token Parameters

customerAuthenticator

The Customer Authenticator that was provided on the CMI web site.

contentId

For a single content id the syntax is contentId=. For multiple content ids the syntax is contentId.N=.

contentKey

For a single content key the syntax is contentKey=. For multiple content keys the syntax is contentKey.N=. The value of N must match that of the corresponding contentId.

contentURL

This is the URL where the protected content can be downloaded. It will be embedded in the transaction token (a URL for MS3 Licenses).

Acquiring an MS3 Transaction Token

Given the following parameters:

customer authenticator:  FOOBAR

content id:   cid:marlin#Purn:marlin:organization:hms:bbts@0a0b0c0d

content key:  000102030405060708090a0b0c0d0e0f

A transaction token can be requested using curl:

curl 'https://eval.hostedmarlin.com/hms/ms3/token?'\
'customerAuthenticator=FOOBAR'\
'&contentId=cid:marlin%23Purn:marlin:organization:hms:bbts@0a0b0c0d'\
'&contentKey=000102030405060708090a0b0c0d0e0f'\
'&contentURL=http://example.com/bigbucksbunny' > ms3_compound_uri.txt

In the above example an errorFormat parameter was not specified, so the default of HTML is used. Alternatively, errorFormat=json could have been added to the query string.

Redeeming an MS3 Transaction Token

Assuming the Marlin client has already been personalized (e.g. with WasabiSushiPersonalize), the transaction token (i.e., an MS3CompoundURI) can be redeemed for an MS3 Stream Access Statement (SAS).

Ms3SampleClient `cat ms3_compound_uri.txt`

--- MS3 Client 1.0 ---
Retrieving URL
https://eval.hostedmarlin.com:8443/hms/ms3/rights/?...
SAS:
Key 1:
Content ID: f3b4309701e2ed67ff75a069df70f6f73ce202af
Key Value:  000102030405060708090a0b0c0d0e0f
Authenticator:
Flags: (none)
Output Control: (0,0 hex)
[No Extensions]
Content URL: http://example.com/bigbucksbunny

Playing MS3 Protected Media

Using the content id and content key, the BBTS file can be decrypted and played:

Ts2Decrypt --key \
  cid:marlin#Purn:marlin:organization:hms:bbts@0a0b0c0d::000102030405060708090a0b0c0d0e0f \
  bigbucksbunny-trailer.bbts decrypted.ts

For BBTS we can also use WasabiCopyMedia by providing the SAS directly:

WasabiCopyMedia -t video/MP2T `cat ms3_compound_uri.txt` decrypted.ts

And finally playback can be invoked with ffplay:

ffplay decrypted.ts

MBB License Acquisition Token

customerAuthenticator

The Customer Authenticator that was provided on the CMI web site.

actionTokenType

This value should be 1 for Broadband License Transaction Token.

contentId

The syntax is contentId= or contentId.N= for multiple contentIds.

contentKey

The syntax is contentKey= or contentKey.N= for multiple contentKeys.

rightsType

This value is either BuyToOwn or Rental. Rental requires the rental.periodEndTime and rental.playDuration parameters.

Acquiring an MBB Action Token

Given the following parameters:

customer authenticator:  FOOBAR
audio
 content id:
 urn:marlin:organization:hms:8puslic:00000000010f510070000000000000007f00000000000100
 content key:
 000102030405060708090a0b0c0d0e0f
video:
 content id:
 urn:marlin:organization:hms:8puslic:00000000010f510070000000000000007f00000000000101
 content key:
 000102030405060708090a0b0c0d0e0f

A transaction token can be requested using curl:

curl 'https://eval.hostedmarlin.com/hms/bb/token?actionTokenType=1'\
'&customerAuthenticator=FOOBAR'\
'&contentId.0=urn:marlin:organization:hms:8puslic:00000000010f510070000000000000007f00000000000100'\
'&contentKey.0=000102030405060708090a0b0c0d0e0f'\
'&contentId.1=urn:marlin:organization:hms:8puslic:00000000010f510070000000000000007f00000000000101'\
'&contentKey.1=000102030405060708090a0b0c0d0e0f'\
'&rightsType=BuyToOwn' > bb_license_action_token.xml

Redeeming an MBB License Token

Assuming the Marlin client has already been personalized (e.g. with WasabiSushiPersonalize), the transaction token (i.e., an ActionToken) can be redeemed for an MBB License.

WasabiSushiProcessToken --save-license license_device_bound.xml bb_license_action_token.xml

==== Sushi Token Processor V1.0 =======================================
SDK API Version: 0.1.1.6
SDK IMP Version: 1040000
SDK IMP Build:   7157
SDK IMP Details: (c) 2005-2010 Intertrust Technologies / Revision 7157
OnEvent - > BEGIN [SHI_TRANSACTION_TYPE_SERVICE_TOKEN_PROCESSING]
OnEvent - > PROGRESS: 0 of 3
OnEvent - > PROGRESS: 1 of 3
OnEvent - >> BEGIN [SHI_TRANSACTION_TYPE_LICENSE_ACQUISITION]
OnEvent - >> PROGRESS: 0 of 2
OnEvent - >> PROGRESS: 1 of 2
OnEvent - >> EVENT: event type 9
OnEvent - >> PROGRESS: 2 of 2
OnEvent - >> END: code=0, message=''
OnEvent - > PROGRESS: 2 of 3
OnEvent - > PROGRESS: 3 of 3
OnEvent - > END: code=0, message=''
OnEvent - DONE
======================================================================

Inspecting the MBB License

Redeeming the Action Token produced the file license_device_bound.xml. To interrogate the license, supply the relevant contentIds to WasabiSushiAction:

WasabiSushiAction Perform Play license_device_bound.xml \
  urn:marlin:organization:hms:8puslic:00000000010f510070000000000000007f00000000000100 \
  urn:marlin:organization:hms:8puslic:00000000010f510070000000000000007f00000000000101

==== Sushi Action V1.0 =============================================
SDK API Version: 0.1.1.6
SDK IMP Version: 1040000
SDK IMP Build:   7157
SDK IMP Details: (c) 2005-2010 Intertrust Technologies / Revision 7157
Action Result: GRANTED
Action Result Info Flag(s):
KEY 0 = 000102030405060708090a0b0c0d0e0f
KEY 1 = 000102030405060708090a0b0c0d0e0f
======================================================================

Playing MBB Protected Media

Using the content ids and content keys, the PDCF file can be decrypted and played:

mp4decrypt --key 1:000102030405060708090a0b0c0d0e0f \
  --key 2:000102030405060708090a0b0c0d0e0f \
  bigbucksbunny-trailer.mlv decrypted.mp4

And finally playback can be invoked with ffplay:

ffplay decrypted.mp4

MBB Registration Action Token

customerAuthenticator

The Customer Authenticator that was provided on the CMI web site.

actionTokenType

This value should be 0 for Broadband Registration Action Token.

userId

The user id to associate with this registration.

userKey

The user key to associate with this registration.
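
As an added example, not HMS's own code, the following Python assembles the REST query strings for the three token types from the parameter rules given on the slides above (MS3 license, MBB license including Rental and user-bound variants, MBB registration) and rejects requests that break those rules. It assumes the tutorial's evaluation host and the 32-hex-digit (128-bit) key shape used in the tutorial's examples.

```python
"""Build HMS transaction-token request URLs from the slides' parameter rules.

Added example; this is not HMS's own code. Token types covered:
    MS3 license       GET /hms/ms3/token  customerAuthenticator, contentId[.N], contentKey[.N], contentURL
    MBB license       GET /hms/bb/token   actionTokenType=1, contentId[.N], contentKey[.N], rightsType
                                          (Rental also needs rental.periodEndTime and rental.playDuration;
                                          a user-bound license adds userId and userKey)
    MBB registration  GET /hms/bb/token   actionTokenType=0, userId, userKey
Assumptions: the evaluation host from the tutorial; keys are 32 hex digits (128 bits) as in its examples.
"""
import re
from urllib.parse import urlencode, urlsplit, parse_qs

HMS_BASE = "https://eval.hostedmarlin.com/hms"
_KEY_RE = re.compile(r"^[0-9a-fA-F]{32}$")


def _content_params(content):
    """content: list of (contentId, contentKey) pairs. One pair -> contentId/contentKey,
    several -> contentId.N/contentKey.N, with the same N for an id and its key."""
    if not content:
        raise ValueError("at least one (contentId, contentKey) pair is required")
    for cid, key in content:
        if not cid or not _KEY_RE.match(key):
            raise ValueError(f"bad content id/key pair for {cid!r}")
    if len(content) == 1:
        cid, key = content[0]
        return {"contentId": cid, "contentKey": key}
    params = {}
    for n, (cid, key) in enumerate(content):
        params[f"contentId.{n}"] = cid
        params[f"contentKey.{n}"] = key
    return params


def ms3_token_url(authenticator, content, content_url, error_format=None):
    """MS3 license token; error_format=None keeps the service default (HTML)."""
    params = {"customerAuthenticator": authenticator}
    params.update(_content_params(content))
    params["contentURL"] = content_url
    if error_format is not None:
        params["errorFormat"] = error_format
    return f"{HMS_BASE}/ms3/token?{urlencode(params)}"


def bb_license_token_url(authenticator, content, rights_type, rental=None,
                         user_id=None, user_key=None):
    """MBB license token (actionTokenType=1), device-bound or user-bound."""
    if rights_type not in ("BuyToOwn", "Rental"):
        raise ValueError("rightsType must be BuyToOwn or Rental")
    params = {"actionTokenType": "1", "customerAuthenticator": authenticator}
    params.update(_content_params(content))
    params["rightsType"] = rights_type
    if rights_type == "Rental":
        if not rental or not all(k in rental for k in ("periodEndTime", "playDuration")):
            raise ValueError("Rental requires rental.periodEndTime and rental.playDuration")
        params["rental.periodEndTime"] = rental["periodEndTime"]
        params["rental.playDuration"] = rental["playDuration"]
    if (user_id is None) != (user_key is None):
        raise ValueError("a user-bound license needs both userId and userKey")
    if user_id is not None:
        if not _KEY_RE.match(user_key):
            raise ValueError("userKey must be 32 hex digits")
        params["userId"] = user_id
        params["userKey"] = user_key
    return f"{HMS_BASE}/bb/token?{urlencode(params)}"


def bb_registration_token_url(authenticator, user_id, user_key):
    """MBB registration token (actionTokenType=0)."""
    if not user_id or not _KEY_RE.match(user_key):
        raise ValueError("userId is required and userKey must be 32 hex digits")
    params = {"actionTokenType": "0", "customerAuthenticator": authenticator,
              "userId": user_id, "userKey": user_key}
    return f"{HMS_BASE}/bb/token?{urlencode(params)}"


def query_params(url):
    """Decode a built URL back into a flat {name: value} dict (for checking)."""
    return {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}


if __name__ == "__main__":
    print(ms3_token_url("FOOBAR",
                        [("cid:marlin#Purn:marlin:organization:hms:bbts@0a0b0c0d",
                          "000102030405060708090a0b0c0d0e0f")],
                        "http://example.com/bigbucksbunny"))
```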

Acquiring an MBB Registration Token

Given the following parameters:

userId  12345678
userKey 000102030405060708090a0b0c0d0e0f

Request the token using curl:

curl 'https://eval.hostedmarlin.com/hms/bb/token?actionTokenType=0'\
'&customerAuthenticator=FOOBAR'\
'&userId=12345678'\
'&userKey=000102030405060708090a0b0c0d0e0f' > bb_registration_token.xml

Redeeming a Registration Token

Assuming the Marlin client has already been personalized (e.g. with WasabiSushiPersonalize), the transaction token (i.e., an ActionToken) can be redeemed for an MBB user registration (the output below shows the user registration followed by link acquisition).

WasabiSushiProcessToken bb_registration_token.xml
==== Sushi Token Processor V1.0 =============================================
SDK API Version: 0.1.1.6
SDK IMP Version: 1040000
SDK IMP Build:   7157
SDK IMP Details: (c) 2005-2010 Intertrust Technologies / Revision 7157
OnEvent - > BEGIN [SHI_TRANSACTION_TYPE_SERVICE_TOKEN_PROCESSING]
OnEvent - > PROGRESS: ...
OnEvent - >> BEGIN [SHI_TRANSACTION_TYPE_USER_REGISTRATION]
OnEvent - >> PROGRESS: ...
OnEvent - >> END: code=0, message=''
OnEvent - > PROGRESS: 2 of 4
OnEvent - >> BEGIN [SHI_TRANSACTION_TYPE_LINK_ACQUISITION]
OnEvent - >> PROGRESS: ...
OnEvent - >> END: code=0, message=''
OnEvent - > PROGRESS: ...
OnEvent - > END: code=0, message=''
OnEvent - DONE
======================================================================

User Bound License Token

To request an Action Token for a user-bound license, you provide the same parameters as for a device-bound license plus the user-specific information supplied at registration.

The requisite parameters are:

customerAuthenticator, actionTokenType, contentId, contentKey, rightsType,
userId, userKey

The command line request:

curl 'https://eval.hostedmarlin.com/hms/bb/token?actionTokenType=1'\
'&customerAuthenticator=FOOBAR'\
'&contentId.0=urn:marlin:organization:hms:8puslic:00000000010f510070000000000000007f00000000000100'\
'&contentKey.0=000102030405060708090a0b0c0d0e0f'\
'&contentId.1=urn:marlin:organization:hms:8puslic:00000000010f510070000000000000007f00000000000101'\
'&contentKey.1=000102030405060708090a0b0c0d0e0f'\
'&rightsType=BuyToOwn'\
'&userId=12345678'\
'&userKey=000102030405060708090a0b0c0d0e0f' > bb_user_bound_license_action_token.xml

Redeeming a User Bound License

Assuming the Marlin client has already been personalized (e.g. with WasabiSushiPersonalize), the transaction token (i.e., an ActionToken) can be redeemed for an MBB License.

WasabiSushiProcessToken --save-license license_user_bound.xml \
  bb_user_bound_license_action_token.xml

==== Sushi Token Processor V1.0 =============================================
SDK API Version: 0.1.1.6
SDK IMP Version: 1040000
SDK IMP Build:   7157
SDK IMP Details: (c) 2005-2010 Intertrust Technologies / Revision 7157
OnEvent - > BEGIN [SHI_TRANSACTION_TYPE_SERVICE_TOKEN_PROCESSING]
OnEvent - > PROGRESS: ...
OnEvent - >> BEGIN [SHI_TRANSACTION_TYPE_LICENSE_ACQUISITION]
OnEvent - >> PROGRESS: ...
OnEvent - >> EVENT: event type 9
OnEvent - >> PROGRESS: ...
OnEvent - >> END: code=0, message=''
OnEvent - > PROGRESS: ...
OnEvent - > END: code=0, message=''
OnEvent - DONE
======================================================================

Inspecting the User License

Redeeming the Action Token produced the file license_user_bound.xml.

To interrogate the license, supply the relevant contentIds to WasabiSushiAction:

WasabiSushiAction Perform Play license_user_bound.xml \
  urn:marlin:organization:hms:8puslic:00000000010f510070000000000000007f00000000000100 \
  urn:marlin:organization:hms:8puslic:00000000010f510070000000000000007f00000000000101

==== Sushi Action V1.0 =============================================
SDK API Version: 0.1.1.6
SDK IMP Version: 1040000
SDK IMP Build:   7157
SDK IMP Details: (c) 2005-2010 Intertrust Technologies / Revision 7157
Action Result: GRANTED
Action Result Info Flag(s):
KEY 0 = 000102030405060708090a0b0c0d0e0f
KEY 1 = 000102030405060708090a0b0c0d0e0f
======================================================================

Integrate DRM Support

  • To distribute content to various Marlin devices, you need to understand the interfaces required by your customers’ devices
  • The device will provide interfaces for processing Marlin Action Tokens or MS3 URLs as part of its content acquisition workflow. Typically, these interfaces are implemented through browser plug-ins that are invoked in JavaScript on your store’s web page
  • In the request to HMS, you supply all the information necessary for a content license and HMS sends you back an Action Token or an MS3 URL to pass to your customer’s device
  • Once you transfer the value retrieved from HMS to the device, the device’s Marlin DRM system contacts HMS and redeems the value to obtain the rights to the content
  • Through this entire interaction, HMS does not store any of your data. All the necessary information required to issue the content rights is encrypted in the Action Token or the MS3 URL returned from the REST API

Package Content

  • A downloadable set of binary tools is available to encrypt content
  • These tools allow you to encrypt and package MP4 and MPEG-2 TS media into Marlin-protected content
  • Tools also support other formats

End-to-End Testing

  • Verify using the supplied command line tools
  • Verify using a Marlin-enabled device

Bluewhale Marlin Broadband Server

Bluewhale Overview

Bluewhale Solution

Service Architecture using Bluewhale

Bluewhale Service Architecture

Roll Your Own Solution

Overview

Roll Your Own

Client Side Technology

Marlin Client Side Technology

Wasabi in-depth

  • What is Wasabi?
  • Wasabi API
  • Wasabi on Mobile
  • Wasabi on STB/TV
  • Wasabi for HTML5

Wasabi Integration Options

Wasabi w/ Integrated HW Security

Wasabi on SoC

Wasabi Integration Options

Wasabi w/o Integrated HW Security

Wasabi with whiteCryption

Wasabi SDK Overview

Wasabi SDK Architecture

Wasabi SDK

Wasabi Documentation

  • Wasabi Developer's Guide
    • High Level description of the APIs
    • Tells which API is available for which system (desktop, mobile, STB)
  • Wasabi SDK API C Developer's Guide
    • In-depth documentation of the Wasabi C APIs
  • Wasabi Extensions
    • Addresses PlaylistProxy for mobile and Wasabi Chromium integration

Wasabi on Mobile

Availability

  • iOS and Android Platforms

HTTP Proxy functionalities

  • License / MS3 SAS Evaluation
  • Content Decryption
  • Serves decrypted content (HLS format)

Use of the native player to render the content

  • Connect to obfuscated local URL (to the proxy)
  • Saves battery life

Wasabi on Mobile (cont'd)

Example: iOS Playlist Proxy

Playlist Proxy

Playing a file (iOS example)

// create and start the proxy
WSB_PlaylistProxy* proxy = NULL;
WSB_PlaylistProxy_Create(&proxy);
WSB_PlaylistProxy_Start(proxy);

// get a proxy URL to feed the native player
// (ms3_url is the MS3 compound URI obtained from the rights service)
const char* proxy_url = NULL;
WSB_PlaylistProxy_MakeUrl(proxy,
                          ms3_url,
                          WSB_PPMST_SINGLE_FILE,
                          NULL,
                          &proxy_url);

// now feed the proxy_url to the player (iOS specific code);
// the player takes an NSURL, so convert the C string first
NSURL* url = [NSURL URLWithString:[NSString stringWithUTF8String:proxy_url]];
MPMoviePlayerController* player = [[MPMoviePlayerController alloc] initWithContentURL:url];
[player play];
...

// cleanup after content is done
[player release];
WSB_PlaylistProxy_Stop(proxy);
WSB_PlaylistProxy_Destroy(proxy);

Wasabi on STB/TV: Main APIs

  • Sushi API
    • Retrieves BB objects (Registration, Licenses)
    • Access to DRM Metadata (Registration Status, etc...)
  • WSB_LicenseStore
    • Stores/Finds BB licenses based on Content IDs
  • WSB_MediaFile
    • Access to file/stream metadata (e.g. DRM Content ID)
  • WSB_PlaybackEnabler
    • Retrieves / Evaluates Rights (BB or MS3)
    • Populates the Key Manager

Wasabi on STB/TV: Main APIs (cont'd)

  • WSB_KeyManager
    • Stores the Keys to be used in the Media Stack
  • WSB_EcmDecrypter (MPEG2TS)
    • Works in conjunction with the Native Hardware Demux
    • Decrypts traffic keys (Control Words) to be programmed in HW Demux
  • Bento4 (MP4)
    • General MP4/ISO/Common file format parsing library
    • Supports PDCF/Common file format/IPMP encryption/decryption

Sushi and License Store (BB only)

// license retriever: owns a Sushi DRM engine and a Wasabi license store
class LicenseRetriever {
public:
    // forwarding method: the engine calls back through the C listener
    // interface and we dispatch to the C++ instance
    static void OnEvent_(SHI_EngineListener     self,
                         SHI_EngineEventType    type,
                         const SHI_EngineEvent* event) {
        ((LicenseRetriever*)self.instance)->OnEvent(type, event);
    }

    // constructor
    LicenseRetriever() : m_DrmEngine(NULL), m_LicenseStore(NULL) {
        // create a drm engine with ourselves as a listener; the interface
        // table is static so the pointer stays valid after construction
        SHI_EngineConfig config;
        static const SHI_EngineListenerInterface iface = { OnEvent_ };
        config.flags = 0;
        config.listener.iface = &iface;
        config.listener.instance = (SHI_EngineListenerInstance*)this;
        SHI_Engine_Create(&config, &m_DrmEngine);

        // open the license store that will hold received licenses
        WSB_LicenseStore_Open(&m_LicenseStore);
    }
    ...

Sushi and License Store (cont'd)

    void OnEvent(SHI_EngineEventType type, const SHI_EngineEvent* event) {
        switch (type) {
            case SHI_ENGINE_EVENT_LICENSE_DATA_RECEIVED: {
                // the license bytes arrive in the event payload; persist them
                const SHI_LicenseDataReceivedEvent* lic_event =
                    (const SHI_LicenseDataReceivedEvent*)event;
                WSB_LicenseStore_AddLicense(m_LicenseStore, lic_event->data,
                                            lic_event->size, NULL, NULL);
                break;
            }
            ...
            default:
                break;
        }
    }

    // hand a license Action Token to the engine for processing
    WSB_Result ProcessToken(const char* lic_token) {
        return SHI_Engine_ProcessServiceToken(lic_token);
    }

private:
    // members
    SHI_Engine*       m_DrmEngine;
    WSB_LicenseStore* m_LicenseStore;
};

// using our object
LicenseRetriever* retriever = new LicenseRetriever;
retriever->ProcessToken(my_license_token);

Wasabi on STB/TV: BBTS Example

Using Wasabi with a Hardware DeMux

Marlin with HW Demux

Wasabi on Desktop

Choosing the right approach for your needs

  • Build your own player using the WSB_Player API
    • More work but more control
  • Use our Chromium/Berkelium build
    • The <video> and <audio> tags go through our secure media stack
    • Interact with the DRM servers using our JavaScript DRM API

Wasabi Player

The Wasabi Player API (WSB_Player) allows you to do the following:

  • Set Outputs (audio and video)
    • You can specify which window you want to use to render your content
  • Specifying your input
    • Can be an MS3 or a content URL
    • Use of dedicated schemes (hls:// for HLS, dash:// for DASH etc...) and/or mime types
  • Playback Controls
    • Pause, Stop, Seek, Volume
  • Get Notified with Events
    • Timecode, decoder state, drm state etc...

Chromium with Wasabi

You build your own player and content service using HTML5, JavaScript and CSS 3.

MS3 Example

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8" />
    <title>MS3 Video Player Example</title>
</head>
<body>
    <video controls width="480" height="320" id="video">
        <source src="https://hms-test.intertrust.com:8443/hms/ms3...">
    </video>
</body>
</html>

Implementation Security

Key and Trust Management

  • Secure Key Box (aka Sockeye)
  • How to get keys from Seacert
  • Provisioning keys
    • Factory
    • Seacert Online Provisioning Service
    • Custom
  • Trust Management for OTT Ecosystems

Secure Key Box (SKB)

What is Sockeye?

  • Allows an application to work with keys and secret data without having access to them in memory
  • Uses hardware-assisted security on capable processors
  • Uses whitebox cryptography in downloaded applications for PCs and mobile devices

What is Sockeye not?

  • Sockeye is not for verifying trust

What Is Provided?

  • SKB (Secure Key Box) API in C
  • SKB Documentation (Implementer’s Guide)
  • SKB Software Implementation
  • SKB Test Suite

SKB Software Implementation

  • Fully implements the SKB API
  • Provided as standalone source code
  • No external dependencies
  • May be used as a code base for porting and adapting

SKB Architecture

Sockeye Architecture

SKB API - Objects

  • SKB_Engine
  • SKB_SecureData
    • AES Key
    • RSA Private Key
    • Arbitrary Data

SKB API - Objects (cont'd)

  • SKB_Transform
    • Sign
      • HMAC, RSA
    • Verify
      • HMAC
    • Digest
      • SHA1, SHA256
  • SKB_Cipher
    • Encrypt/Decrypt
    • Normal/High Speed
  • SKB_Derivation
    • Slice, Iterative-Digest

SKB Use Case - Unwrapping

SKB_Engine_CreateDataFromWrapped

SKB Use Case - Decrypting

SKB_Cipher

SKB Use Case - Signing

SKB_Transform [SKB_TRANSFORM_TYPE_SIGN]

SKB Use Case - Verify

SKB_Transform [SKB_TRANSFORM_TYPE_VERIFY]

SKB Use Case - Digest

SKB_Transform [SKB_TRANSFORM_TYPE_DIGEST]

SKB Use Case - Export

SKB_SecureData_Export

SKB Use Case - Import

SKB_SecureData_Import

SKB Use Case - Chaining

SKB_Engine_CreateDataFromWrapped chaining

SKB Use Case - Derivation

SKB_SecureData_Derive

SKB Use Case - Two Domains

SKB_Export for Demux
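The SKB object model and use cases above (import, export, unwrapping, chaining, slice and iterative-digest derivation, HMAC sign/verify, and moving a key between two domains), as an added Python model of the opaque-handle pattern. This is constructed for this page and is not Intertrust's SKB API: the KeyBox and SecureData names, the HMAC-SHA256 counter-mode wrapping used in place of a real key wrap, and the sample keys are all assumptions.

```python
import hashlib, hmac, os
class SecureData:                      # opaque handle; the secret itself stays inside the KeyBox
    __slots__ = ("_id",)
    def __init__(self, id_): self._id = id_
class KeyBox:
    """Toy model of the SKB handle pattern (constructed for this page, not the SKB API)."""
    def __init__(self, root_key):
        self._root = root_key          # stands in for the factory-provisioned device root key
        self._store = {}               # handle id -> secret bytes, never handed to the caller
    def _new(self, secret):
        h = SecureData(os.urandom(8).hex()); self._store[h._id] = bytes(secret); return h
    def _key(self, h):                 # a handle's secret, or the root key when no handle is given
        return self._root if h is None else self._store[h._id]
    def _keystream(self, key, nonce, n):   # HMAC-SHA256 in counter mode, a stand-in for AES key wrap
        out = b""
        for ctr in range((n + 31) // 32):
            out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        return out[:n]
    # SKB_SecureData_Import: plaintext enters once; afterwards only a handle exists
    def import_data(self, secret): return self._new(secret)
    # SKB_SecureData_Export: the secret leaves only wrapped (encrypted and authenticated)
    def export(self, h, wrapping=None):
        key, s, nonce = self._key(wrapping), self._store[h._id], os.urandom(16)
        body = bytes(a ^ b for a, b in zip(s, self._keystream(key, nonce, len(s))))
        return nonce + body + hmac.new(key, nonce + body, hashlib.sha256).digest()
    # SKB_Engine_CreateDataFromWrapped: unwrap under the root key or, for chaining, under a handle
    def create_from_wrapped(self, blob, wrapping=None):
        key, nonce, body, tag = self._key(wrapping), blob[:16], blob[16:-32], blob[-32:]
        if not hmac.compare_digest(tag, hmac.new(key, nonce + body, hashlib.sha256).digest()):
            raise ValueError("wrapped data failed authentication")
        return self._new(bytes(a ^ b for a, b in zip(body, self._keystream(key, nonce, len(body)))))
    # SKB_SecureData_Derive: slice and iterative-digest both yield new handles, not bytes
    def derive_slice(self, h, start, length): return self._new(self._store[h._id][start:start + length])
    def derive_iterative_digest(self, h, rounds):
        s = self._store[h._id]
        for _ in range(rounds): s = hashlib.sha256(s).digest()
        return self._new(s)
    # SKB_Transform: sign and verify with HMAC-SHA256 (digest would be a plain SHA-256 over the message)
    def sign_hmac(self, h, msg): return hmac.new(self._store[h._id], msg, hashlib.sha256).digest()
    def verify_hmac(self, h, msg, sig): return hmac.compare_digest(self.sign_hmac(h, msg), sig)

def demo():  # two-domain flow: wrap in box A, unwrap in box B (same root key), chain, derive, sign, verify
    root = b"\x11" * 32                               # constructed sample root key
    a, b = KeyBox(root), KeyBox(root)
    kek = a.import_data(b"\xaa" * 16)                 # key-encryption key, imported once
    content_key = a.import_data(bytes(range(16)))     # constructed content key
    kek_b = b.create_from_wrapped(a.export(kek))      # KEK travels wrapped under the root key
    ck_b = b.create_from_wrapped(a.export(content_key, wrapping=kek), wrapping=kek_b)  # chaining
    mac_key = b.derive_iterative_digest(b.derive_slice(ck_b, 0, 8), 1000)
    return b.verify_hmac(mac_key, b"segment-0001", b.sign_hmac(mac_key, b"segment-0001"))
```

The property to notice is that every method takes and returns handles; the only bytes that leave the box are a wrapped blob or a signature, so application code never holds raw key material.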

Trust Management for OTT Ecosystems

What is Trust Management?

  • A trust management framework allows independent entities to trust one another through a Trust Authority that distributes risk and responsibilities among these entities
  • A Digital Rights Management (DRM) framework may combine multiple types of trust management relationships

Example: Secure Publishing Ecosystem

Independent entities:

  • Content providers
  • Commerce Service providers
  • Online retailers
  • Device providers
  • Software client providers

All need to cooperate under well-defined protocols and policies

Trusted Distributed Computing

  • The Publishing ecosystem distributes functionality among many components
  • Failures of trust and security are also distributed
  • A Trust Authority takes a systemic view and equitably and optimally distributes risk management functionality among those components
  • These distributed risk management responsibilities must be incorporated into agreements

Implications

  • Entities need to cooperate and allow
    • Interoperability of formats and protocols
    • Maintenance of policies and security processes that protect content and business models
  • Each entity needs to trust other entities regarding proper implementation of policies and procedures
  • Requires interoperable methods for automated authentication, authorization, remediation
  • Requires agreements concerning limitations of liability, specific obligations, privileges, consequences

Role of the Trust Authority

To provide the framework for cooperation with three main functions:

  • Originates and maintains agreements
  • Provides a framework for electronic credentials and licenses following an ecosystem-defined Trust Model
    • Entities get well-defined roles defining what services they are trusted to provide
    • Trust delegation allows scalability of processes
    • Remediation planning allows orderly maintenance of trust
  • Actuates remediation processes

Implementing Trust Management

Trust Authority Contractually:

  • Sets criteria under which a device may receive cryptographic credentials -- compliance and robustness rules
  • Authorizes issuance of device cryptographic credentials -- Registration Authority
  • Requires service providers to rely on asserted properties of the device as part of releasing content keys to the device

Certification Authority Technically:

  • Generates and manages Trust Anchors (and other) private keys
  • Employs processes to prevent compromise of private keys
  • Uses private keys to sign certificates only when authorized
  • Provides remediation for issued certificates or credentials

Trust Authority and Certificate Authority need to be highly reliable or immune from faults

Trusted Device

  • Secure boot rooted in a hardware and/or tamper resilient trust mechanism
  • Secure management of Ecosystem and DRM Keys
  • Ensure integrity of trust anchors relied upon by the ecosystem authentication services and the DRM
  • Supports authenticated communications between the device and ecosystem services
  • May enable an application security model to ensure the integrity and trustworthiness of applications

Ecosystem Trust Mechanisms

Trust Architecture

SDKs and Tools

How to get access to the code

Implementation technology is available from Intertrust.

The Wasabi Marlin Client SDK, Bluewhale Marlin Broadband Server and packaging tools are available for evaluation:

http://www.intertrust.com/agreements/code_eval

Information regarding Intertrust's Hosted Marlin Service (HMS) may be found at:

https://www.hostedmarlin.com/

The media packaging tools are available from Bento4.com
