Software Design Division 秘 CONFIDENTIAL Panther Content Security Mar. 14, 2014 Sony Corporation.


1 Panther Content Security (Mar. 14, 2014, Sony Corporation)

2 Introduction: Panther/Lyon

Panther is the FY14 F1 Box, implemented on a new platform.
- 2nd generation F1 Box
- Supports multiple network services, including Video Unlimited 4K and playback of User Generated Contents
- Includes the secure SoC "Lyon"

Lyon is an in-house secure SoC.
- Dedicated to Sony's products
- Includes a decryptor and an AVC/HEVC decoder
- Handles (decrypts and decodes) Video Unlimited 4K contents

3 Panther/Lyon Security Improvement

Lyon supports a Trusted Execution Environment (cf. the 1st generation F1 Box does not support TEE) and a H/W Root of Trust with Secure Boot.

With the introduction of the TEE, the following items are improved over FMP-X1 (1st generation F1 Box):
- Secure media pipeline
- Secure computation environment
- Memory protection

The following items are fully supported, as on FMP-X1:
- Device Binding
- Device-unique private key
- HDCP2.2
- Playback control watermark (Cinavia)

Note: Panther expands the coverage of Verance watermark screening to UGC in addition to VU 4K contents.
UGC: User Generated Contents (e.g. contents from a camcorder).
Cf. FMP-X1 plays back only Video Unlimited 4K contents.

4 Panther Content Security
- About communication with Verance
- About WASU service

5 End

6 Backup

7 Memory Protection

Lyon is able to protect the memory of the secure zone against access from untrusted code. This means that Secure Data is still protected even if the Normal Zone is rooted. Secure Data includes e.g. decrypted/decoded data.

[Diagram labels: Lyon; RAM; Secure Zone; Normal Zone; Secure Process; Normal Process; Secure Memory; Normal Memory; Secure Data. Caption: Memory Protection: Secure Data cannot be accessed by untrusted code in Normal Zone.]

8 Secure Media Pipeline

Panther implements a secure media pipeline that provides protection from Key Management through to protected output (HDCP2.2).

[Diagram labels: Key Management; Decryption; Decode; HDCP2.2; Secure Media Pipeline (Decryption - Protected Output); Lyon; HDMI Bridge; Main Board; App. Processor; Application. Caption: Secure Media Pipeline: Protection from Key Calculation to HDCP.]

9 Secure Computation Environment

Lyon supports a TEE, isolated by hardware mechanisms, that runs only authenticated code for performing secure operations (e.g. decryption). Lyon maintains the integrity of the secure process through the TEE mechanism, i.e. it can protect the secure process from unauthorized access.

[Diagram labels: Lyon; Trusted RAM; Flash Memory; Signed & Encrypted Binary; authorized; ① Binary Verification; ② Execution; Decryption. Captions: Keep Integrity of Secure Process: Unauthorized access is impossible by TEE. Authenticated Code: Only signed and encrypted process is running.]

10 End of backup

