F1 BOX/SECURITY/SERVER SYSTEM SPTECH FEEDBACK(DRAFT2) 12012/9/21Sony/SPTech Confidential.

Slides:

Advertisements

Similar presentations

Configuration management

Advertisements

Internet of Things Security Architecture

1 SECURE-PARTIAL RECONFIGURATION OF FPGAs MSc.Fisnik KRAJA Computer Engineering Department, Faculty Of Information Technology, Polytechnic University of.

Digital Rights Management: The Technology behind the Hype Mark Stamp Department of Computer Science San Jose State University.

1 GP Confidential © GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)

Lecture 19 Page 1 CS 111 Online Protecting Operating Systems Resources How do we use these various tools to protect actual OS resources? Memory? Files?

New Direction for Software Protection in Embedded Systems Department of EECS University of Michigan Feb 22, 2007 Kang G. Shin.

Insider Access Behavior Team May 06 Brandon Reher Jake Gionet Steven Bromley Jon McKee Advisor Client Dr. Tom DanielsThe Boeing Company Contact Dr. Nick.

Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.

Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Three.

CMSC 414 Computer and Network Security Lecture 9 Jonathan Katz.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Seven.

Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.

Web Cryptography & Utilizing ARM TrustZone® based TEE for Authentication & Cryptography Ilhan Gurel September 10th & 11th, 2014.

Software Design Division 秘 CONFIDENTIAL Panther Content Security Mar. 14, 2014 Sony Corporation.

Personal Views on the Test Plan Jan. 29, 2013 Masahiro Wada.

4K CONTENT PLAN Sony Pictures Technologies. Consumer Offering Broadcast (Over the air, cable, satellite, IPTV) Premium Content (Movies, episodic TV) Premium.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Online Search Marketing OMI Certification Course – Discovery Documentation.

High-Speed, High Volume Document Storage, Retrieval, and Manipulation with Documentum and Snowbound March 8, 2007.

Storage Security and Management: Security Framework

01/17/2007 Research on Channel-Independent Secure Live Communication Embedding Authentication Information Kyushu-univ. Okamura lab Kazuhisa Nakagawa.

These materials are prepared only for the students enrolled in the course Distributed Software Development (DSD) at the Department of Computer.

Donald M. Whiteside Vice President, Corporate Technology Group Director, Technical Policy and Standards ITU and EBU Presentation A perspective on trends.

 To explain the importance of software configuration management (CM)  To describe key CM activities namely CM planning, change management, version management.

ENHANCED CONTENT PROTECTION OVERVIEW. Security Solution Characteristics Comprehensive security ecosystem All devices meet the same standard – No assumption.

Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.

4K. Contents Context Online required? UltraViolet connection.

1 © 2008 Avaya Inc. All rights reserved. IPOffice Configuration Service Emil Ratnam.

How to Design Open Platform Video Management Software (VMS)

BDA UHD Format Study (SPE internal update)

1 NEW GENERATION SECURE COMPUTING BASE. 2 INTRODUCTION  Next Generation Secure Computing Base,formerly known as Palladium.  The aim for palladium is.

CHAPTER TEN AUTHORING.

F1 Cross-Company Call Follow Up Process Flow against Security Breach on F1 Phase 1 6.iii.2013 Sony Confidential.

AXIS 250S MPEG-2 Video Server Full resolution live MPEG-2 video over your network.

Confidential. For use within only Slide 1 iOS and Android content protection requirements Version 0.2 Sony Pictures Entertainment Tim Wright.

DISTRIBUTED SYSTEMS Principles and Paradigms Second Edition ANDREW S

G53SEC 1 Reference Monitors Enforcement of Access Control.

Copyright © cs-tutorial.com. Overview Introduction Architecture Implementation Evaluation.

NT SECURITY Introduction Security features of an operating system revolve around the principles of “Availability,” “Integrity,” and Confidentiality. For.

1 Integrating security in a quality aware multimedia delivery platform Paul Koster 21 november 2001.

Sony Pictures Confidential Watermarking in AACS. Sony Pictures Confidential SPE Forensic Watermarking Goals Goals: – Identify the device that was compromised.

Slide 1 SONY PICTURES ENTERTAINMENT CONFIDENTIAL Security requirements for early window consumer services Spencer Stephens and Tim Wright Version 0.1 SONY.

F1 Encoding and Content Security Spencer Stephens CTO, Sony Pictures.

Database Security Cmpe 226 Fall 2015 By Akanksha Jain Jerry Mengyuan Zheng.

Towards a Software Architecture for DRM Joint work with Kristof Verslype, Wouter Joosen, and Bart De Decker DistriNet research.

Powered by Microsoft Azure, Auctori Is the Next Generation in Multilingual, Global, Search Engine Optimized Web Content Management Systems MICROSOFT AZURE.

Lect 8 Tahani al jehain. Types of attack Remote code execution: occurs when an attacker exploits a software and runs a program that the user does not.

©2014 Cleo. All rights reserved. Company confidential. Managing Chaos: Andy Moir Director, Product Marketing 2 Data Movement in 2015.

LAS16-203: Platform Security Architecture for embedded devices

Etere Memory Transmission Logger.

SPE Expectations Leverage existing delivery technologies

4k Content Delivery Sony Pictures Technologies.

Content protection for 4k

Technology Development Group

O365 Data Compliance Control of sensitive data is key to cloud adoption Addressing Legal and Regulatory Data Compliance requirements is now a critical.

4K Content protection overview

4K Content protection overview

Languages and Software Engineering

Cambridge TECHNICALS- LEVEL 3

4K Content protection overview

OU BATTLECARD: Oracle Systems Learning Subscription

Presentation transcript:

F1 BOX/SECURITY/SERVER SYSTEM SPTECH FEEDBACK(DRAFT2) 12012/9/21Sony/SPTech Confidential

ECP Principles No content protection system is impenetrable When a system is compromised, there must be a method to re-secure it – Solution: renewability of software portions of media path When a system is compromised, the damage should be minimized. – Solution: diversity of software portions of media path, ideally at a per-title and per-device level 2012/9/14Sony Confidential2

Sony questions 1.Sony proposal is HW security, how NDS solution can improve the security further? (“2 protection layers is better than 1 layer” story is not convincing) [SPE] The critical advantages that NDS provides are renewability and per-title/per-machine diversity 2.If NDS solution is relying on NDS Spec compliant implementation, how compliance enforcement will work? [SPE] NDS is not relying on an NDS Spec or a compliant implementation; they implement the full solution themselves. NDS customizes their client software to the target platform. In the event that a breach is discovered, NDS would determine countermeasures and update client implementations to incorporate the countermeasures. 3.IF NDS renewable code (dynamically generated by NDS server) performs DRM process (title key retrieval, etc.), such code may not be able to use TEE. Does NDS has solution already? [SPE] The NDS solution is designed to execute outside of a TEE. Using a TEE adds an additional layer of security but is neither sufficient nor necessary. Our assumption is that the NDS client implementation will have access to all resources that the Marlin BB client implementation would have. 4.What kind of low level APIs NDS need to access to realize reasonable integrity check? Does NDS has experience implementing on custom chip like the one under Sony’s consideration? [SPE] This question would require a dialogue directly between NDS and Sony 3

Comparison of NDS and Marlin BB solutions 4 PropertyNDSMarlin BB Can use hardware root of trustYes Can use Trusted Execution EnvironmentYes Renewability frequencyper-download / per-firmware update Diversityper-title and per-deviceper-firmware version (?) Individualized keysetYes Content localizationYesNo Ecosystem monitoring and responseYes???

5  SPE Video watermark assumption Watermarking can be applied in AVC stream layer (no need for separate encoding) Normally target B frames, 1 bit per slice (or 1bit per frame) marking is possible  Segmentation If N bit is embedded in one segment, 2^N variations of same segment need to be prepared to utilize full N bit SPE will confirm marking density requirement, and then, whether Sony proposed segmentation can realize effective forensic WM. 2012/9/21 Sony/SPTech Confidential IBB PBBPBB Mark Segment (encrypted with unique key) Server / MOD machine Delivery 0 1 Can be on Stamped media 1 Segment = Frame 1 Segment > Frame (Assembled & encrypted on the fly) Selecting pre-encrypted segments Feedback to Forensic WM solution proposed by Sony Encoding, marking