Presentation is loading. Please wait.

Presentation is loading. Please wait.

F1 BOX/SECURITY/SERVER SYSTEM SPTECH FEEDBACK(DRAFT2) 12012/9/21Sony/SPTech Confidential.

Published byDina Eleanore Bradley Modified over 8 years ago

Similar presentations

Presentation on theme: "F1 BOX/SECURITY/SERVER SYSTEM SPTECH FEEDBACK(DRAFT2) 12012/9/21Sony/SPTech Confidential."— Presentation transcript:

1 F1 BOX/SECURITY/SERVER SYSTEM SPTECH FEEDBACK(DRAFT2) 12012/9/21Sony/SPTech Confidential

2 ECP Principles No content protection system is impenetrable When a system is compromised, there must be a method to re-secure it – Solution: renewability of software portions of media path When a system is compromised, the damage should be minimized. – Solution: diversity of software portions of media path, ideally at a per-title and per-device level 2012/9/14Sony Confidential2

3 Sony questions 1.Sony proposal is HW security, how NDS solution can improve the security further? (“2 protection layers is better than 1 layer” story is not convincing) [SPE] The critical advantages that NDS provides are renewability and per-title/per-machine diversity 2.If NDS solution is relying on NDS Spec compliant implementation, how compliance enforcement will work? [SPE] NDS is not relying on an NDS Spec or a compliant implementation; they implement the full solution themselves. NDS customizes their client software to the target platform. In the event that a breach is discovered, NDS would determine countermeasures and update client implementations to incorporate the countermeasures. 3.IF NDS renewable code (dynamically generated by NDS server) performs DRM process (title key retrieval, etc.), such code may not be able to use TEE. Does NDS has solution already? [SPE] The NDS solution is designed to execute outside of a TEE. Using a TEE adds an additional layer of security but is neither sufficient nor necessary. Our assumption is that the NDS client implementation will have access to all resources that the Marlin BB client implementation would have. 4.What kind of low level APIs NDS need to access to realize reasonable integrity check? Does NDS has experience implementing on custom chip like the one under Sony’s consideration? [SPE] This question would require a dialogue directly between NDS and Sony 3

4 Comparison of NDS and Marlin BB solutions 4 PropertyNDSMarlin BB Can use hardware root of trustYes Can use Trusted Execution EnvironmentYes Renewability frequencyper-download / per-firmware update Diversityper-title and per-deviceper-firmware version (?) Individualized keysetYes Content localizationYesNo Ecosystem monitoring and responseYes???

5 5  SPE Video watermark assumption Watermarking can be applied in AVC stream layer (no need for separate encoding) Normally target B frames, 1 bit per slice (or 1bit per frame) marking is possible  Segmentation If N bit is embedded in one segment, 2^N variations of same segment need to be prepared to utilize full N bit SPE will confirm marking density requirement, and then, whether Sony proposed segmentation can realize effective forensic WM. 2012/9/21 Sony/SPTech Confidential IBB PBBPBB Mark 0 0 0 0 1 1 0 1 1 0 1 1 Segment (encrypted with unique key) 0 1 0 1 0 0 1 1 Server / MOD machine Delivery 0 1 Can be on Stamped media 1 Segment = Frame 1 Segment > Frame (Assembled & encrypted on the fly) Selecting pre-encrypted segments Feedback to Forensic WM solution proposed by Sony Encoding, marking

Download ppt "F1 BOX/SECURITY/SERVER SYSTEM SPTECH FEEDBACK(DRAFT2) 12012/9/21Sony/SPTech Confidential."

Similar presentations

Configuration management

Configuration management
Internet of Things Security Architecture

Internet of Things Security Architecture
1 SECURE-PARTIAL RECONFIGURATION OF FPGAs MSc.Fisnik KRAJA Computer Engineering Department, Faculty Of Information Technology, Polytechnic University of.

1 SECURE-PARTIAL RECONFIGURATION OF FPGAs MSc.Fisnik KRAJA Computer Engineering Department, Faculty Of Information Technology, Polytechnic University of.
Digital Rights Management: The Technology behind the Hype Mark Stamp Department of Computer Science San Jose State University.

Digital Rights Management: The Technology behind the Hype Mark Stamp Department of Computer Science San Jose State University.
1 GP Confidential ©2013 1 GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)

1 GP Confidential © GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)
Lecture 19 Page 1 CS 111 Online Protecting Operating Systems Resources How do we use these various tools to protect actual OS resources? Memory? Files?

Lecture 19 Page 1 CS 111 Online Protecting Operating Systems Resources How do we use these various tools to protect actual OS resources? Memory? Files?
New Direction for Software Protection in Embedded Systems Department of EECS University of Michigan Feb 22, 2007 Kang G. Shin.

New Direction for Software Protection in Embedded Systems Department of EECS University of Michigan Feb 22, 2007 Kang G. Shin.
Insider Access Behavior Team May 06 Brandon Reher Jake Gionet Steven Bromley Jon McKee Advisor Client Dr. Tom DanielsThe Boeing Company Contact Dr. Nick.

Insider Access Behavior Team May 06 Brandon Reher Jake Gionet Steven Bromley Jon McKee Advisor Client Dr. Tom DanielsThe Boeing Company Contact Dr. Nick.
Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.

Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.
Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,

Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Three.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Three.
CMSC 414 Computer and Network Security Lecture 9 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 9 Jonathan Katz.
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Seven.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Seven.
Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.

Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.
Web Cryptography & Utilizing ARM TrustZone® based TEE for Authentication & Cryptography Ilhan Gurel September 10th & 11th, 2014.

Web Cryptography & Utilizing ARM TrustZone® based TEE for Authentication & Cryptography Ilhan Gurel September 10th & 11th, 2014.
Software Design Division 秘 CONFIDENTIAL Panther Content Security Mar. 14, 2014 Sony Corporation.

Software Design Division 秘 CONFIDENTIAL Panther Content Security Mar. 14, 2014 Sony Corporation.
Personal Views on the Test Plan Jan. 29, 2013 Masahiro Wada.

Personal Views on the Test Plan Jan. 29, 2013 Masahiro Wada.
4K CONTENT PLAN Sony Pictures Technologies. Consumer Offering Broadcast (Over the air, cable, satellite, IPTV) Premium Content (Movies, episodic TV) Premium.

4K CONTENT PLAN Sony Pictures Technologies. Consumer Offering Broadcast (Over the air, cable, satellite, IPTV) Premium Content (Movies, episodic TV) Premium.
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
Online Search Marketing OMI Certification Course – Discovery Documentation.

Online Search Marketing OMI Certification Course – Discovery Documentation.

Similar presentations

Ads by Google