Multi-Screen Upheaval Mandates New Tactics for Securing Content

Fred Ellis, COO, SecureMedia

Fred Ellis, COO, SecureMedia

November 12, 2009 – Massachusetts-based SecureMedia, having found a ready market for its content protection solutions abroad, believes the time is ripe for North American MSOs and telcos to take advantage of its innovations as well.

It's not alone. Several suppliers, most based outside the U.S., who have been addressing advanced service security requirements across Europe and Asia, sense the strategic shifts that have driven demand for their solutions in other parts of the world will soon drive domestic service providers to rethink their approaches, which generally are characterized by reliance on single suppliers tied to legacy cable TV and IPTV platforms.

"I see the U.S. as a great potential market for us," says Fred Ellis, COO at Secure Media. "But at this point 50 to 60 percent of our activity has come from Europe and the vast majority of that from Eastern Europe. And now we're engaged in a number of things that are going on in the Middle East, Asia and Africa."

So far, independent providers of IP-based systems that are designed to fluidly deliver CA (conditional access) -quality security together with the policy enforcement dynamism of DRM (digital rights management) across multiple viewing platforms have met with limited success in their efforts to penetrate the North American market. While players like Widevine and Verimatrix have won contracts in the Tier 3 telco market and occasionally have cracked the Tier 2 level, Tier 1 telco and cable have been out of reach.

In North America SecureMedia hopes to leverage a track record that includes broad integration of its security solutions across the middleware, systems integration, content aggregation, set-top and server ecosystem. For example, Ellis notes, "Ericsson uses our solution in their IPTV offering. We're integrated with Amino, Entone, Motorola and many other set-top OEMs. We're the DRM for the Web content distribution platform supplied by Move Networks to Cable %26 Wireless. There's a long list of partnerships."

On the telco side of the North American market there are signs that things are starting to change at the Tier 1 level, Ellis says. "The Tier 1s chose fully integrated IPTV solutions as their best approach to getting to market quickly and building scale," he notes. "But as those markets mature they're going to want alternative choices. We're seeing them start to make decisions to change to new providers."

For smaller telcos, who have relied on pre-integrated solutions from single IPTV suppliers often at great costs and with limited flexibility to develop revenue-driving differentiated services, the challenges associated with moving to a more open field of suppliers are greater, since they don't have the wherewithal to patch the pieces together in house. "Until there's a more complete support ecosystem for evaluating and integrating separate components, the IOC (independent operating company) market will sputter along," Ellis says.

Perhaps the arena with the most potential for a dramatic break with content protection strategies of the past is cable, where the TV Everywhere agenda and the emergence of advanced set-tops with removable security portend major opportunities for new solutions. "We see a huge opportunity in cable beyond the set-top box," Ellis says.

As cable operators turn to the all-software, high-security solutions that TV Everywhere will require, "there may be an opportunity to replace today's set-tops with lower costs terminals that use software-based CA systems," he adds. Indeed, given the cable industry's intensifying focus on the need to accelerate migration to convergence over IP, the cost-savings attending new concepts about gateways and low-cost IP devices running software-based security have become a key part of the discussion.

"We'll go out everywhere with TV Everywhere to PCs and mobile," Ellis says. "Once they get there, the next step is how to enhance these capabilities to encompass the entire residential network and device foundation for advanced services, including gaming, interactive TV, home media management and the like. That will start the final transition, because as they implement whole-home multi-device solutions, they won't continue to rely on traditional cable CA-based boxes as old boxes wear out or as new customers come in."

A supporting element in this transition will be the fact that, having embraced removable security as a government-mandated expense in digital set-tops, operators are gradually seeding the market with high-end boxes for high-end customers, Ellis adds. These terminals are running on next-generation chipsets that could easily accommodate downloadable conditional access security, eliminating the need for the removable cable cards.

"That's where the opportunity exists for us," he says. "We can implement a field update across, say, 200,000 subscribers who are served by custom cable card-based solutions on existing hardware. Overnight the smart card solution can be disabled and replaced by our downloadable security solution, which immediately cuts costs by eliminating the need to deliver cards to new subscribers. And it gives the operator a much easier, more flexible way to manage security."

As Secure Media explores opportunities with state-side service providers it is working with Hollywood studios to devise solutions that combine the flexibility, cost effectiveness and ironclad security which content suppliers need to implement new business models tied to new modes of distribution. The company believes the technical details that distinguish its all-software approach to security are instrumental to satisfying these needs.

"Our focus from the start was to develop a client component light enough to port to every platform," Ellis says. "It has to be small, processing efficient and memory efficient, yet secure enough to meet studio requirements."

He says the company's ultra-light client, along with being deployable on virtually any device, including handhelds, is designed to run a common encryption scheme for persistent protection across broadcast and on-demand content, including DVR and network DVR applications. The company's Encryptonite ONE System has platform extensions that allow for selectable digital forensics, DVB Simulcrypt, rapid middleware integration and configurable security parameters for diverse levels of content quality.

"We're getting very good responses from the studios," Ellis says. "The requirements are constantly expanding as the agenda moves beyond the PC and as they look for protection that applies to very high-quality content, where there's increased value and ROI. Really, it's about getting to a point where there's no difference between the quality and value of what's available on the set-top and what's available on the PC, which means the protection has to meet the highest standards and track the same methodology and processing across all devices."

That's a tall order where a one-client-fits-all strategy won't work, Ellis adds. "Many DRMs are tied to a single PC player," he notes. "We're working with customers to give them a choice of the PC components they want to use while securing the PC player to studio specifications."

Achieving required protection levels beyond the set-top also entails dealing with the in-the-clear vulnerabilities that occur over the PC internal bus once content is decrypted and at various interface junctions with other types of devices. SecureMedia's approach to dealing with these challenges starts with a process that only decrypts one frame at a time. Working in conjunction with tamper detection methods, the system is able to terminate decryption at the first sign of an attack.