CPTWG Jan. 2002 MacroSafe TM System A Solution for Secure Digital Media Distribution Presentation to the CPTWG Jan. 15, 2002


Page 1:

MacroSafe™ System

A Solution for Secure Digital Media Distribution

Presentation to the CPTWG

Jan. 15, 2002

Page 2:

Problem Statement

The lack of a highly secure, flexible and easy to use system to protect, consume and distribute high value content via the Internet is one factor that has limited the distribution of high value content and the associated revenue opportunities.

Page 3:

Customer Requirements

• Highly secure, end-to-end solution
• Seamless interface with existing e-Commerce infrastructures
• Scalable architecture to cost effectively support growing demand
• No change to existing content authoring workflows
• Media agnostic – usable with any type of compression or file format
• Support for different means of distribution
• Support for flexible business models
• Able to be ported to other devices: STBs, PVR, HMS
• High quality user experience

Page 4:

Macrovision’s Strategy

Leverage its “best in class” security technologies and products to develop a highly secure, end-to-end solution

• Analog Copy Protection
  – Customers: Content Owners, HW Man., IC Man.
  – Technology: Patented, analog-centric
• SafeWrap/SafeCast/SafeDisc consumer software copy protection and DRM
  – Customers: Microsoft, EA, Digital River, Borland
  – Technology: Tamper Hardening, Tamper Evidence, DRM
• Flexlm, GTlicensing business software license management
  – Customers: Sun, Cadence, SGI, AutoDesk, ReleaseNow
  – Technology: License Generation, DRM
• SafeAudio audio CD copy protection
  – Currently in trials

Page 5:

Macrovision’s Strategy (cont.)

Acquire new technology

• Investments in companies
  – Digimarc – watermarking
  – NTRU – encryption
  – RioPort – media distribution
  – Command Audio – media distribution
  – Widevine – encryption and tamper evidence
  – iVAST – MPEG-4 and media distribution
  – Digital Fountain – media distribution
• Purchase IP and patents
  – AudioSoft
  – MediaDNA
  – Others

Page 6:

MacroSafe System Architecture

[Architecture diagram; labels: Encrypted Certificate; Transaction E-commerce Server; DRM Server; Publisher And Parser; IPMP Insertion; Authoring System; Download Server; Content Repository; Media Control; Terminal Or Codec; DRM Validation; Decryption Engine; Secure Registry; HTML Browser; MVSN Client; Tamper Resistance; Tamper Evidence; Quality of Service; Tamper Detection; DRM Control; PeopleSoft, SAP, Oracle; Cypher Service With Signing; Verification; File Format Validation Tool; SOAP, TCP/IP, CORBA, RMI; Watermark Detection; Watermark Embedding; Publisher; Client; Analog Video Out; Digital Video Out; Analog Copy Protection; Digital Copy Protection]

Page 7:

MacroSafe System Architecture

[Architecture diagram; labels: Encrypted Certificate; Rights; Transaction E-commerce Server; DRM Server; Publisher And Parser; IPMP Insertion; Authoring System; Streaming Server; Download Server; Dynamic Encryption; HW Content Repository; Installation And Renewal Server; Media Control; Terminal Or Codec; DRM Validation; Decryption Engine; Secure Registry; HTML Browser; MVSN Client; Tamper Resistance; Tamper Evidence; Quality of Service; Tamper Detection; DRM Control; PeopleSoft, SAP, Oracle; Cypher Service With Signing; Verification; Renewal Service; Certificate Service; File Format Validation Tool; SOAP, TCP/IP, CORBA, RMI; Watermark Detection; Watermark Embedding; Analog Video Out; Digital Video Out; Analog Copy Protection; Digital Copy Protection]

Page 8:

Server-Side Components

Publisher
• Rights and encryption strategy defined
• IPMP placeholders added to content stream
  – During encryption, the placeholders are replaced with encrypted “content decryption keys”
• Metafile generated

Cypher Service
• 192-bit, AES encryption
• Content is encrypted before being stored in the content repository
• Manages the Key Escrow

Content Repository
• Series of one or more network disk volumes
• Stores encrypted content and metafile

Page 9:

Server-Side Components (cont.)

DRM Server
• Slave to the E-commerce system, but master to the DRM system
  – Coordinates all activities in the DRM system
  – Controls key generation, content encryption, content and certificate delivery

Streaming Server
• Streams encrypted content to the client

Download Server
• Transfers encrypted content files to the client

Page 10:

Client Components

DRM Validation
• Determines if the client has the rights to do the requested action, with the selected content
• Compares the requested action vs. the rights given to the client in the certificates stored in the Secured Registry

Decryption Engine
• Decrypts content keys
• Decrypts content using decrypted content keys and enables viewing of content by authorized users

DRM Control
• Manages and controls all access to the Secured Registry

Page 11:

Client Components (cont.)

Secured Registry
• A secure container to store:
  – Component Signatures used to detect tampering
  – Client’s certificates (i.e. the user’s rights)
• Locked to a specific computer
• The only access to the Secured Registry is by using trust authenticated controls

Quality of Service
• Validates that content has been received so that the E-Commerce system can complete the payment transaction

Page 12:

Macrovision’s Solution - MacroSafe

Highly secure, end-to-end solution
• Frame-based deep encryption, 192-bit AES
• Multi-layer encryption, similar to CA
  – Content key
  – License key
  – Signing and authentication
• Ability to revoke compromised clients
• Client to Server communication uses signatures for authentication
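
The key layering and per-frame encryption listed above, together with the Publisher step that fills IPMP placeholders with encrypted content keys, sketched as an added example (not MacroSafe code). AES-GCM, the nonce layout, the wrapped-key format and all names are assumptions; the slides state only 192-bit AES, a content key and a license key.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Key is a 192-bit AES key, the size the slides state.
type Key [24]byte

// aead returns AES-GCM for k. GCM is this sketch's assumption; the slides name no mode.
func (k Key) aead() cipher.AEAD {
	block, _ := aes.NewCipher(k[:]) // cannot fail: 24 bytes always selects AES-192
	a, _ := cipher.NewGCM(block)    // cannot fail: AES has a 128-bit block
	return a
}

// WrapContentKey encrypts the content key under the license key: nonce||ciphertext||tag.
func WrapContentKey(license, content Key) ([]byte, error) {
	nonce := make([]byte, 12)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return license.aead().Seal(nonce, nonce, content[:], nil), nil
}

// UnwrapContentKey recovers the content key; a wrong license key fails authentication.
func UnwrapContentKey(license Key, wrapped []byte) (Key, error) {
	var content Key
	if len(wrapped) != 12+24+16 {
		return content, errors.New("wrapped key has wrong length")
	}
	pt, err := license.aead().Open(nil, wrapped[:12], wrapped[12:], nil)
	copy(content[:], pt)
	return content, err
}

// frameNonce maps a frame index to a 96-bit nonce; one content key must protect one stream only.
func frameNonce(i uint64) []byte {
	n := make([]byte, 12)
	binary.BigEndian.PutUint64(n[4:], i)
	return n
}

// Each frame is sealed on its own, so a player can decrypt frame i without any other frame.
func EncryptFrame(k Key, i uint64, frame []byte) []byte { return k.aead().Seal(nil, frameNonce(i), frame, nil) }
func DecryptFrame(k Key, i uint64, sealed []byte) ([]byte, error) { return k.aead().Open(nil, frameNonce(i), sealed, nil) }

func main() {
	var license, content Key // constructed all-zero demo keys; real keys come from a CSPRNG
	wrapped, _ := WrapContentKey(license, content)
	key, _ := UnwrapContentKey(license, wrapped)
	sealed := EncryptFrame(content, 42, []byte("constructed frame"))
	frame, err := DecryptFrame(key, 42, sealed) // seek straight to frame 42
	fmt.Printf("%q %v\n", frame, err)
}
```

Because the frame index is the nonce, a frame presented under the wrong index or modified in transit fails authentication instead of decoding to garbage.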

Page 13:

Macrovision’s Solution - MacroSafe

Highly secure, end-to-end solution (cont.)
• Multiple layers of client security
  – Tamper Hardening – obfuscation, debugger detection, encryption, etc.
  – Tamper Evidence – Module signatures compared to signatures stored in Secure Registry
  – Tamper Detection – Self-revocation if tampering is detected, requiring renewal
  – Secure registry – contains module signatures and certificates
  – Trust authentication – During runtime, module-to-module communication checked for man-in-the-middle attacks
  – Client locked to a specific computer
  – Continuous security updates to code
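
Tamper Evidence, Tamper Detection and the DRM Validation check from the Client Components slide, sketched as an added example (not MacroSafe code). Plain SHA-256 digests stand in for the module signatures, and the Registry and Rights types, their fields and the module and content names are hypothetical.

```go
package main

import (
	"crypto/sha256"
	"errors"
	"fmt"
	"time"
)

// Rights stands in for one certificate's contents (hypothetical fields).
type Rights struct {
	PlaysLeft int       // number-restricted playback
	NotAfter  time.Time // time-restricted playback
}

// Registry stands in for the Secured Registry (hypothetical layout).
type Registry struct {
	ModuleDigests map[string][32]byte // expected SHA-256 per client module
	Certs         map[string]*Rights  // content ID -> rights
	Revoked       bool                // set on tamper detection, cleared only by renewal
}

var ErrRevoked = errors.New("client revoked, renewal required")

// VerifyModules re-hashes every registered module; a mismatch or missing module self-revokes.
func (r *Registry) VerifyModules(loaded map[string][]byte) error {
	for name, want := range r.ModuleDigests {
		if code, ok := loaded[name]; !ok || sha256.Sum256(code) != want {
			r.Revoked = true
			return fmt.Errorf("module %q failed integrity check: %w", name, ErrRevoked)
		}
	}
	return nil
}

// AuthorizePlay compares the requested action (play) with the stored rights.
func (r *Registry) AuthorizePlay(contentID string, now time.Time) error {
	if r.Revoked {
		return ErrRevoked
	}
	c, ok := r.Certs[contentID]
	switch {
	case !ok:
		return errors.New("no certificate for this content")
	case now.After(c.NotAfter):
		return errors.New("playback period expired")
	case c.PlaysLeft <= 0:
		return errors.New("play count exhausted")
	}
	c.PlaysLeft--
	return nil
}

func main() {
	good := []byte("constructed module bytes")
	reg := &Registry{ModuleDigests: map[string][32]byte{"decrypt-engine": sha256.Sum256(good)}}
	fmt.Println(reg.VerifyModules(map[string][]byte{"decrypt-engine": []byte("patched")}))
	fmt.Println(reg.AuthorizePlay("movie-1", time.Now())) // refused: client has self-revoked
}
```

The revocation flag is checked before any certificate lookup, so a client that has detected tampering refuses every action until it is renewed, whatever rights it still holds.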

Page 14:

Macrovision’s Solution - MacroSafe

Seamless interface with existing e-Commerce infrastructures
• MacroSafe is a subsystem to the e-commerce system or SMS
• Interfaces to e-commerce using industry standards
  – SOAP, RMI, TCP/IP, CORBA
• Certificates generated using industry standards
  – XML, XrML, XMCL, ODRL

Page 15:

Macrovision’s Solution - MacroSafe

Scalable architecture to cost effectively support growing demand
• Distributed architecture allows servers operating in parallel
• Java-based server applications run on Unix, Linux and Windows platforms

Page 16:

Macrovision’s Solution - MacroSafe

No change to existing content authoring workflows
• Separate authoring and publishing
• Author once for multiple distribution methods
• Pricing, usage rules and content package are independent

Page 17:

Macrovision’s Solution - MacroSafe

Media agnostic – usable with any type of compression or file format
• Audio, Video, Software, Text, .pdf
• MPEG-1, MPEG-2, MPEG-4
• AAC, MP3, WMA, others
• Real, Microsoft, QuickTime

Page 18:

Macrovision’s Solution - MacroSafe

Support for different means of distribution:
• Download, streaming, pre-packaged
• “Push” and “Pull” business models supported
  – Download or stream to a specific consumer
  – Datacast to a large audience
• Peer-to-Peer super-distribution supported

Page 19:

Macrovision’s Solution - MacroSafe

Support for flexible business models
• Rental
• Purchase
• Subscription
• Time restricted playback
• Number restricted playback
• PPV
• VOD
• Super Distribution

Page 20:

Macrovision’s Solution - MacroSafe

Able to be migrated to other devices: STB, PVR, HMS
• Complements CA and other copy management schemes
• Java-based client compatible with Windows, Linux and STBs running DVB-J
• Client’s skin can be easily customized for branding or specific applications
• Rights definitions map into CCI states

Page 21:

Macrovision’s Solution - MacroSafe

High Quality User Experience
• Security is transparent to the user
• DVD-like video and audio quality and user controls
• Frame-based encryption enables trick-play of encrypted media
• Java-based client compatible with
  – Win98, WinMe, WinNT, Win2K, WinXP
  – Linux
  – Mac OSX
• QoS feedback loop signals e-commerce system when media has been successfully transferred
• Supports “fair use”

Page 22:

Schedule

Content Download to PC Client
• Customer Trials – 3Q2002
• Production Release – 4Q2002

Streaming to PC Client
• Customer Trials – 4Q2002
• Production Release – 1Q2003

Page 23:

Summary - MacroSafe

• Highly secure, end-to-end solution
• Seamless interface with existing e-Commerce infrastructures
• Scalable architecture to cost effectively support growing demand
• No change to existing content authoring workflows
• Media agnostic – usable with any type of compression or file format
• Support for different means of distribution
• Support for flexible business models
• Able to be ported to other devices: STBs, PVR, HMS
• High quality user experience

Page 24:

For more information, contact:

Kirby J. Kish
Macrovision
408-743-8510
[email protected]