Time Warner Cable Picks Security for Big TVE Push

Fred Ellis, GM & director, business operations, Motorola Mobility

Fred Ellis, GM & director, business operations, Motorola Mobility

May 24, 2012 – Time Warner Cable is taking its TV Everywhere initiative to the next level with support for streaming to multiple types of devices in a way that minimizes the hassles of dealing with myriad device platforms.
Now that transcoding systems from many vendors are available to support a streamlined approach to multiscreen service delivery, the biggest challenge to expanding the device ecosystem for TVE is the need to maintain rigorous security at all points. To accomplish this without running separate security systems for each device category TWC is turning to Motorola Mobility’s SecureMedia platform, says Mike Hayashi, executive vice president for architecture, development and engineering at TWC.

“Our consumers are watching more media on more screens,” Hayashi says. “We’re invested in making that experience as seamless and enjoyable as possible.”

The surprisingly strong consumer demand for multiscreen services, which many MSOs, including TWC, began distributing to connected Apple devices just last year, has prompted operators to look for efficient ways to expand the device base. The emergence of the Apple HTTP Live Streaming (HLS) mode as the de facto standard for most tablets, smartphones and connected TVs has simplified matters, but nuances surrounding the way security is implemented with HLS require advanced solutions.

Motorola’s SecureMedia unit, like other leading content protection suppliers in the connected-device space, has developed means by which operators can meet security requirements on all HLS-connected devices from a single platform. “We selected SecureMedia because it streamlines the way we distribute secure video to multiple devices,” Hayashi says, adding that the choice was influenced by Motorola’s long-standing role as a leading supplier of TV security to the cable industry.

SecureMedia does not address security requirements for devices served by Microsoft’s Smooth streaming system, which remains dominant in the PC space and for delivering content to the Xbox. “We could have taken that path, but there’s no demand for it,” says Fred Ellis, general manager and director of business operations at Motorola Mobility.

As Ellis notes, content protection associated with high-value video streamed over the Smooth adaptive rate (AR) system is invariably part of a closed environment that employs Microsoft’s PlayReady security mechanisms. And the other AR system vying for mainstream status, HTTP Dynamic Streaming (HDS), which Adobe introduced as an alternative to the legacy Real Time Messaging Protocol used with Flash, hasn’t taken hold in the premium content market.

Nonetheless, things are still in flux. Microsoft, along with making known it is supporting HLS when situations call for delivering HLS-compatible content, has joined with Adobe and a multitude of other entities to support the emerging MPEG DASH (Dynamic Adaptive Streaming over HTTP) protocol. Motorola will be there with an MPEG DASH compatible version of its SecureMedia Encryptonite ONE solution when the time is right, Ellis says, but, for now, the environment to focus on is HLS.

“There’s been a lot of publicity surrounding MPEG DASH, but there are issues to be resolved before it goes main stream,” he says. “We’ll see some commercial implementations maybe by the end of 2012, but it won’t be prime time until sometime next year.”

Until then there are plenty of complications to address in the HLS domain. Given the range of devices, interpretations of HLS-compatible content protection and areas of idiosyncratic vulnerability associated with each manufacturer’s designs, keeping up with what’s required for premium content in the HLS domain is a rigorous process, Ellis notes.

As new devices come out they must be checked for any new security vulnerabilities, he says. “We do our own tests and then go through an approval process with the studios to verify our security system is meeting their requirements on a given device,” he explains. “If an operator has a device they want to add [on a TVE system protected by SecureMedia] that hasn’t been certified, we have to put it through the tests before they can do that.”

These days, after a long period of development in the HLS domain, “most devices can run our security as an app-level solution at lower screen resolutions,” he adds. “But when it gets to HD resolution, we typically have to work with manufacturers and make modifications as we go along to provide the full level of protection for that level of resolution.”

The company prides itself in being quick to identify and test important new devices when they hit the market. “The Kindle Fire is a good example of that,” Ellis says. “We were certified early ahead of anyone on that device, which gave our customers a market lead over their competitors.”

From a technology standpoint, Motorola has all the bases covered to enable rapid certification as new devices come onto the market. “We can stay with the pace provided the devices can be secured without special tweaks,” Ellis says. “But if, for example, something has an HDMI output that doesn’t have an HDCP control it can be a problem.”

The reference is to the standard High-Bandwidth Digital Content Protection studios require on the HD Multimedia Interface connections used to port content from connected devices to TV sets. Sometimes it’s possible to implement a special software fix that provides protection against unauthorized content porting, but that’s not always the case.

In general, manufacturers are being more cooperative in developing premium protection-friendly devices, Ellis says. “But they’re not all moving in the same direction,” he adds.

Given the increasing role of connected devices for delivering premium content in HD as release windows grow shorter, new requirements are on the horizon that will require more advances in protection and cooperation with manufacturers. “We will have to work with manufacturers to ensure the solutions are embedded in their devices as things like secure root of trust certification become mandatory,” Ellis says.