Presentation on theme: "Seminario SMPTE tecnologie emergenti Rome, May23° -2012 Presented at JTG (Joint Technical Group) Marco Pellegrinato Vice President HD Forum Italia The."— Presentation transcript:
Seminario SMPTE tecnologie emergenti Rome, May23° Presented at JTG (Joint Technical Group) Marco Pellegrinato Vice President HD Forum Italia The Italian way to Hybrid Broadcast-Broadband services BROADBAND MEDIA DELIVERY Italian TV Platform goes OTT-TV
2 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV TERRESTRIAL, SATELLITE, BROADBAND IP an Open, Interactive, Hybrid platform featuring support for Content Protection and Security Profile Italian TV Platform DTT SAT OTT an integrated all-digital smart solution since 2004
3 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV Whos is who in Italian TV Platform Association of Digital Terrestrial Broadcasters and Network Operators (Rai, Mediaset, Telecom Italia Media, Dfree, Local stations through their associations ) for promotion and development of Italian digital Platform (founded in 2003) Industry-wide Association, constituted in 2006 for promoting HD and 3D application & services in Italy. The Association includes Broadcasters (Aeranti-Corallo, Mediaset, Rai, Sky Italia, Telecom Italia Media), Telco (Fastweb, Telecom Italia), Manufacturers (ADB, Panasonic, Philips, Samsung, Sony, ST, Telsey), Public Institutions (FUB) and Operators from various sectors (Eutelsat, SES Astra, Fracarro, Frame, IDS, SBP, Sisvel Tech) Joint Venture created in 2008 by the main Italian terrestrial Broadcasters (Mediaset, RAI and Telecom Italia Media), to provide Digital Satellite Free To Air television in areas not covered by terrestrial networks under the tivùsat brand. Active also on DTT as EPG Provider.
4 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV SDHD D-Book 1.0 DVB-T SD (MPEG-2) V.90 modem MHP DVB-T e T2 (DTT) DVB-S e S2 (SAT) SD (MPEG-2) HD (H264AVC) 3D (Plano Stereos.) Ethernet MHP HD-Book Collection HD Book 2.0 DTT HD Book 1.0 SAT Specifications & Certification Program Since 2004 DGTVi has released baseline requirements for interoperability of DTT receivers with services offered by operators. Italian DTT has been interactive from day one. DGTVi choose, the DVB standard middleware, for this purpose. In 2008 HD Forum Italia joined DGTVi in specification activities when they entered into the new HD and Hybrid Broadcast Broadband (HBB) spaces Aligned HD and HBB specs for satellite were progressed during in collaboration between HD Forum Italia and Tivù Both DGTVi and Tivù have developed their own Logo programs, with related certifications, aiming to promote compliant products towards consumers
5 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV Facts and figures Some 9.5 M first generation MHP SD DTT receivers have been sold since 2004 More than 1M MHP SD tivùsat receivers sold in 2 years of operation Around 1M DGTVi Gold Label certified HDTV devices already in the field: ADB, Fuba, Humax, Sagemcom, Telesystem +200 iDTV models passed DGTVi Gold Label Certification Program: LG, Loewe, Panasonic, Philips, Samsung, Sharp, Sony, Vestel Most of Connected TVs sold in Italy nowadays, besides coming with each manufacturers own widget portal, are also Gold Label More than 1.3 M Tivùsat compatible SD CAM (92%) & HD CAM (8%). About 1.8 M DGTVi compatible SD CAM (83%) & HD CAM (17%)
6 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV Current OTT-TV Service offerings Broadband Media Delivery – GEM/MHP based OTT-TV Services DVB-T Free Regional TV News GEM / MHP DVB-T e Tivùsat – LCN 999 Widgets and Free OTTV Portal GEM / MHP Tivùsat tivùsat EPG GEM / MHP DVB-T Free Catch-up TV Services GEM / MHP DVB-T e Tivùsat – LCN 807 Free Catch-up TV Services GEM / MHP DVB-T – LCN 310 Pay Subscription On Demand TV GEM / MHP 1.1.3
7 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV HDFI / DGTVi JTG current activity HD Book 2.1 DTT..new system requirements for DTT Italian platform 7 1 year later the v. 2.0 publishing kick off on April 19 th experts joined JTG (HDFI, Tivù, DGTVi, Industry) BAS Framework (1) and CENC (2) support included MPEG-DASH (3) support download HD Book DTT 2.1 its here: Published on January 2012 VOLUME 1 (1) BAS: Broadband Application Security (2) CENC: Common Encryption Format (3) MPEG-DASH: replaces OIPF-HAS in HD Book 2.0
8 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV 1.Application Security: Introduction of a Security Framework for broadband applications. Support to generic BAS Framework ( * ) (Broadband Application Security) 2.Content Protection: DRM support to prevent content overspill over broadband distribution. Support to MPEG-CENC (Common Encryption Format) 3.Extended Broadband Media Delivery: alignment to the emerging standards in broadband content encoding and streaming. Support to MPEG –DASH ( ** ) (Dynamic Adaptive Streaming over HTTP) Support to IPv6 and manual IP Address settings (subnet, GTW, DNS prime & sec.) Support to HTTPS Streaming 4.Support to new AGCOM decision : Parental Control management (User PIN code mandatory on TV start up) 5.Plano Stereoscopic 3DTV DVB subtitle behaviour: user select 3DTV with no subtitle vs. HDTV with subtitle overlay 3DTV backward compatibility: verification test results upon n° 7 iDTV brands (2011/2012) : HDTV-2D compatibility: 11 platforms = 72% OK (8 approved; 2 pending; 1 conditional) 3DTV-3D compatibility: 12 platforms = 58% OK (7 approved; 4 pending; 1 conditional) 8 5 new topics added to HD Book 2.1 DTT HD Book 2.1 DTT (*) replace MHP Security solution selected in previous version (**) replace HAS (OIPF) solution selected in HD Book 2.0 DTT
9 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV Target: Interactive HD receivers (STBs and iDTVs) Feature: ready for broadcast interactive and HD services plus protected OTT services A DGTVi Golden label receiver will be eligible also to tivùon! label by complying with the following specifications : tivùon! DRM Profile - Final 1.0, Marlin based DRM specifications tivùon! BAS Profile - Final 1.0, specific implementation profile of DGTVi/HDFI Broadband Applications Security (BAS) framework for securing OTT-TV applications. The 2 documents will be merged into tivùon CPAS 1.0 (Content Protection & Application Security), a tivùon! specific document for securing OTT-TV services with content delivery protection. + tivùon! label introduced by Tivù DGTVi related initiatives
10 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV DTT SAT Tivùon HD Book 2.1 DTT (January 2012) Tivùon CPAS 1.0 (1) (April 2012) HD Book 2.0 SAT (June 2012) ISSUES PUBLISHER *CPAS: Content Protection & Application Security document will merge tivùon! BAS & DRM Profiles specifications into an independent publishing in the scope to implement tivùon! Services. tivùon! Profile : BAS + DRM specifications (2012) Tivù JTG current activity
11 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV tivùon! Profile 11 Rationale The publishing of HD Book 2.1 DTT specification extended Italian digital platform with new features beyond that already included in previous release, they are: BAS Framework, Common Encryption Format: MPEG-CENC, Enhanced Streaming support: MPEG-DASH. Despite the Openness of a Digital Platform is considered a valuable plus for stakeholders, most of the Italian service providers and broadcasters needs could not be encompass by a set of open common specifications. Although DCA ( * ), Security, or Content Protection solutions to avoid illegal overspill on Internet are out of the scope of Open Platform, they would be realised trough specific Profiles on top of it. Reference model adopted to extend platform requirements to specific profiles is the following: Open Platform: set of common specifications which rely upon industry standards (DVB; ETSI; EITF; OIPF; ISO-MPEG). Multi Profiles: set of implementation specific criteria & service functionalities applicable on top of the Open Platform. other Profile implementation specific tivùon! Profile implementation specific tivùon! Profile implementation specific OPEN PLATFORM baseline requirements OPEN PLATFORM baseline requirements other Profile implementation specific DTT SAT OTT (*)DCA: Delegate Certification Authority
12 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV BAS Framework: a public specification 12 Requirements security requirements provided to BAS compliant broadband applications are the followings: 1.Trusted source : selected applications download shall be allowed trough secure trusted servers only. 2.Trusted client: selected applications download shall be allowed to secure trusted devices only. 3.Device shunning: selected applications download for secure trusted devices may be restricted by some service providers. 4.Confidentiality: selected applications may be confidentially delivered to client devices. 5.Restricted resources: usage of selected APIs accessing sensible resources (e.g. tuner, semi-permanent memory,...) might be grant to selected applications only. 6.Restricted APIs: usage of specific APIs (e.g. API towards CAS cards) might be grant only to those applications delivered by selected service providers only.
13 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV BAS Framework: a public specification Broadband Application Security (BAS), its a framework of the digital Italian platform designed in the scope to allows logical security elements to MHP based broadband applications. Bas framework has been developed by JTG (1). BAS consists of two complementary set of specifications: 1.BAS Framework, included into HD Book 2.1 DTT document, define a generic TLS infrastructure (transport layer security) with certificates and public keys. 2.BAS Profile, included into tivùon! BAS Profile document, define a specific implementation operated by a Trust Anchor (tivùon!) acting as Certification Authority, issuing system certificates. BAS exclusively applies to MHP applications downloaded by a broadband secure channel, alternatively, legacy broadcast MHP applications are out of the scope of BAS framework. Consequently they freely runs on tivùon! compliant devices. (1) JTG: Joint Technical Group. Is a technical team of experts participated by DGTVi; HD Forum Italia and Tivù How does it works.
14 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV tivùon! BAS Profile 14 Certificate Requirements & Trust Anchor throughout the usage of X509v3 based Certificates, BAS provides the following feature: (fig. 1) 1.Device authentication throughout Platform Identity certificate PI-CRL 2.Service authentication throughout Server Identity certificate SI-CRL 3.Application authentication throughout Application Authorisation Certificate APPA-CRL 4.above elements are trusted by the same authority: tivùon! Trust Anchor
15 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV tivùon! BAS Profile 15 How does it work 1.A system entity located on receiver stack is devoted to MHP resources management (DVB-GEM). System entity only grants access to those resources included in DVB-GEM Permission Request File (PRF) once MHP X.let is authenticated by BAS tivùon! Profile 2.BAS tivùon! Profile specifications configures DVB-GEM Resources into three hierarchical levels: Basic Resources: are those ones defined by DVB-GEM which can be accessed by any trusted application coming from an HTTPS server with a valid certificate. Currently there are no basic resources defined for a tivùon! compliant receiver. System Resources: are those ones controlled by the system entity under BAS conditions: (id 0x01) Marlin DRM Agent; (id 0x01) Persistent storage Private Resources: are those ones owned by single companies: (id 0x01) Application storage 3.BAS permission mechanism is based onto the following assumptions: an Xlet (with associated PRF file) is downloaded throughout an HTTPS server with mutual authentication based upon certificates. an Xlet may include one or more certificates to allows device to validate requests and grant access to resources.
16 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV tivùon! BAS Profile 16 Platform Security Class level assignments 1.Current platform implementations largely differ in terms of security measures supported: some platforms uses secure chipsets with crypto operations implemented in hardware, exposed through secure interface. Others implementing white box cryptography in software with anti-tampering and obfuscation techniques. 2.Most of the Italian service providers and broadcasters willing to join the tivùon! initiative feel that a mechanism to ensure some degree of differentiation, with respect to the class of security associated with a platform implementation, is required. 3.Adding support for platform security classes in the TivùOn ecosystem implies: To define a set of applicable Platform Security Classes and related key security mechanisms applied. To assign and to signal in a secure way the Platform Security Class assigned. To expose the Platform specific Security Class to the Application layer (GEM) trough a read-only system property specifically defined : system.drm.securityclass To negotiate a liability agreement between the Certification Authority and the Platform manufacturer responsible for assigning a Security Class to owned platform.
17 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV tivùon! BAS Profile 17 Platform Security Class definition table An example of Security Class table defined in tivùon! Profile is the following:
18 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV tivùon! DRM Profile The aim of DRM Profile is to complement HD-Books in the area of Content Protection for broadband media delivery. Tivù has decided to foster the development of OTT-TV services by Italian broadcasters through the creation of a DRM Ecosystem, to encourage them to profit from Free OTT services, protecting content distribution to avoid illegal overspill on Internet. tivùon! DRM Profile fits within this initiative. The DRM ecosystem concept promoted by Tivù is based on the widest acceptance of DRM technologies already adopted by Italian Operators and Manufacturers. Tivù mandates the implementation of Marlin DRM on abilitato tivùon! labelled devices and strongly recommends the implementation of at least another DRM solution, compatible with the existing platform specifications (e.g. those ones which are already deployed and used in the Italian market). tivùon! DRM Profile specification is reflecting this DRM ecosystem concept and related specifications are aiming to promote the coexistence of concurrent DRM solution in parallel with Marlin DRM technology. abilitato tivùon! brand is a spontaneous participation program proposed to CE manufacturers, aimed to extend the current Gold Label (DTT) and Broadband Ready (tivùsat) devices capabilities with OTT Content Protection, Broadband Application Security and Adaptive Streaming solutions. DRM Profile: whats that ?
19 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV tivùon! DRM Profile Service Profiles: Two types of CoD services are addressed: Streaming CoD services (MANDATORY) Download CoD services (RECOMMENDED) Device Profiles: There are 2 receiver profiles as clients for protected CoD services: Streaming Device that is not equipped with storage for content files. Streaming Device: SHALL support Streaming CoD services. SHALL allow persistent internal storage of at least 1500 kB for licences. MAY actually behave as a Download Device if accessing content located in external storage is supported. Download Device that is equipped with storage for content and license files. Download Device: SHALL be able to store the content and/or license for future playback SHALL support Streaming CoD services and it SHALL support Download CoD services. Tivù DRM Ecosystem: SHALL be compliant with the following Marlin specifications: Marlin Simple Secure Streaming (MS3) Marlin Broadband (BB) Marlin Compliance and Robustness rules: SHALL apply for MS3 and Marlin BB profiles implementations. Streaming Devices SHALL be compliant with Marlin MS3 and BB Compact Implementation. Download Devices SHALL be compliant with Marlin MS3 and BB Full Implementation. Requirements (*) CoD: Content on Demand
20 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV tivùon! Service Trial: 200 users launched on may 2012 A Coopetitive Video Portal for free access to catch-up TV service Content Providers selector Searching tool by Genre Searching tool by key word entry Application Launcher on Tivùsat EPG Content Synoptic Content Browser and Selection only
21 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV tivùon! Service Trial functional block diagram MHP applet + metadata tivùon! CDS & Appl. Back End CDS & Appl. Back End Front End Mediaset DAM Front End Front End RAI DAM Front End Front End La7 DAM Front End Front End SAS streaming metadata SLAs MHP applet + metadata MARLIN HOSTED MARLIN SERVICES HOSTED MARLIN SERVICES SAS streaming Content Key tivùon! Trial Platform: a distributed architecture over Internet layer Service Provider Content Providers MS3 SERVER MS3 SERVER MS3 SERVER MS3 SERVER MS3 SERVER MS3 SERVER
22 BROADBAND MEDIA DELIVERY Italian Platform goes OTT-TV Conclusions 1.Broadband Media Delivery via Over The Top platforms could represent a New Age for TV Broadcaster offering Free or Pay TV services. 2.Bringing back younger audiences to TV consumption throughout new appealing non-linear large screen TV services, would be the new deal for commercial and public broadcasters to compete against the Internet global giants of video value proposition. 3.Italian TV Platform goes OTT-TV because it is aware of the new challenge. Its own cross platform breakthrough design is an outstanding reference for Industry standards, Operator needs and Customer satisfaction, encouraging a Coopetitive approach in relying with regulatory policies and Authority recommendations. 4.Nationwide organisation representatives, Industries and platform designers would be aimed to merge their own specific implementation profiles into a wider convergence set of common European requirements & specifications capable to fulfil large scale economy cost reduction for CE manufacturers, Content owners, Broadcasters, Service Operators, Broadband Telcos.
Seminario SMPTE tecnologie emergenti Rome, May23° Presented at THANK YOU