Content protection

Traditional conditional access (CA) controls entrance to the service or delivery pipe. In contrast, content protection controls the use of the content. Can it be copied and to where? How many times can it be viewed? When does it expire?

Digital rights management (DRM) is a closely related area, but it focuses on defining the allowed usage. Content protection enforces the rules that DRM defines. This line is somewhat blurred, and most DRM systems include enforcement.

Using content protection, content can be moved around in digital form, but only within an authorized domain. Content providers can set the extent of the authorized domain on a per subscriber basis. An example might be all the TVs, computers and video iPods in a household. Introducing the concept of an authorized domain depends on devices that can be trusted to respect the usage rights.


There are several stakeholders in this area, and they all have different interests that often pull in different directions.

Content owners are extremely concerned about keeping their content safe, while platform operators want to make money from advertising and subscriptions. They care about shrinkage of subscriptions, but they will tolerate some piracy when the lost subscriptions are less than the cost of tackling it. What usually causes them to address piracy is concern from their content suppliers. This concern has grown as consumer devices have become capable of copying and distributing content.

Consumer electronics vendors have two conflicting goals. First, they want to keep content owners happy because they need content. Second, they want to sell as many units as possible. To achieve the second goal, they want to make their devices as cheap, easy to use, flexible and reliable as possible. Content protection offers the hope of keeping content safe, but it tends to conflict with the second goal.

Most consumers are prepared to pay a fair price for what they regard as fair use. Ease of use, flexibility and reliability are equally important factors. A fundamental issue is whether all the stakeholders will agree on what constitutes fair use. Consumers may be unhappy when they find they can't lend content to a friend or use it on certain devices.

The last group of stakeholders is the security companies. This group includes the traditional CA companies and a new wave of companies that draw inspiration from the IT sector. They obviously want to sell as much security technology as possible.


Patent disputes and an abundance of overlapping standards have hampered standardization in the content protection and DRM spaces. The latter is partly due to the convergence of related industries, each having its own ideas and practices. This means that products in the field are running ahead of standardization.

Most CA vendors have extended their products to include content-protection capabilities. The most obvious examples are PVRs. Most CA vendors also have a roadmap to allow secure sharing of content within the authorized domain, but deployments have been limited so far.

Microsoft would like to become the de facto DRM standard and certainly has wider coverage than any other vendor at the moment. It can supply interoperable DRM across STBs, PCs, phones and PDAs.

The progress of the broadcast flag in the United States has been interesting. It is a technically insecure system that was supposed to rely on the consumer equipment respecting the flag setting (e.g. never copy, copy once, etc.). To enforce this, the content industry lobbied for laws to make this mandatory. These laws were passed by Congress but have been struck down by the Supreme Court as unconstitutional, mainly on the grounds that they place too much restriction on fair use of content.

Most pay TV operators implement proprietary standards to restrict copying, usually as part of the CA system. For example, most CA systems can turn Macrovision on or off for a particular event. This principle is being extended with the introduction of high-bandwidth digital content protection (HDCP) and other similar standards. HDCP is intended to run over interfaces such as digital video interface (DVI) and high-definition multimedia interface (HDMI) and is a method of secure handshaking between consumer devices such as STBs, DVD players and recorders, and HD TVs. It allows more levels of control than Macrovision — copy once, copy no more, copy never and copy free. It also allows individual devices to be revoked if they are suspected of being compromised.

The main EBU standard in this area is content protection and copy management (CPCM), although this is still in the standardization process and so no implementations are likely soon.

In the mobile TV world, DVB-H has specified two options for content protection — 18C and open framework (OF). 18C comes from the mobile phone industry and is based on the Open Mobile Alliance (OMA) content protection system. OF comes from the DTV CA industry. Unfortunately, the two standards are incompatible. Currently, only one commercial DVB-H deployment has been announced, and it uses OF.

Rights expression languages are used to express the rights to use content in a machine-readable form. For example, they could define embargos on pre-distributed content or make the viewer fill out a questionnaire before watching some content. The main standards are:

  • eXtensible rights Markup Language (XrML), which was developed by ContentGaurd and is proprietary;
  • MPEG-21 REL, which is based on XrML and is part of the MPEG-21 multimedia framework; and
  • Open Digital Rights Language (ODRL), which is an alternative and noncompatible standard. It is used by the OMA standard. Its backers claim that it is not subject to any patents.

Threats and limits to technology

The two basic threats are commercial and amateur piracy. Commercial pirates will always be able to circumvent the technology if they have a commercial motivation to do so. In the CA world, the strategy is make sure that the pirates are forced to be sufficiently visible and traceable to use legal means to shut them down. For example, if they have to sell pirate smart cards or DVDs, they must have somewhere to process them. If they can rely on selling codes, video downloads or software, they are harder to trace. In fact, they will probably be offshore.

Amateur piracy comes in two forms: unauthorized use by the same user (ripping to an iPod, for example) and sharing with others. Both can be addressed by sensible fair use policy and pricing, easy access to legitimate content and good enough security. It should be significantly easier and cheaper to pay for the content than not to pay.

Don't forget the analog hole! This will probably exist for a long time, although most HD STBs can down-convert to SD for analog output.

The lessons from traditional CA are that there should be a replaceable hardware element (the smart card) and that the key distribution has to be a managed service (not an open standard.) This is because all security systems get broken in the end, and the important thing is the response to breaches. Attempts to handle security by defining an open standard can mean that no one is responsible for addressing breaches. The DVD Content Scrambling System (CSS) is an example of this. When the system was broken, there were millions of players in the field, and no one was going to pay to recall them.

Hardware initiatives

Many of the current content protection systems are software-based. This means they can be reverse-engineered without expensive equipment. Clearly, the vendors are good at obscuring their keys and algorithms, but eventually they will be found. Most industry sources believe that the latest versions of iTunes and Windows Media DRM are both compromised.

There are several initiatives to address this issue, including:

  • the Secure Video Processor (SVP) alliance, led by NDS;
  • the TIRAMISU project, led by Nagra and Optibase; and
  • the Trustworthy Computing (TC) group, led by Microsoft.

All of these initiatives attempt to move security functions and key storage from software to hardware. They also rely on the hardware being authenticated by some authority on an ongoing basis, so imply a subscription model.

The SVP seems to be the most advanced, with some deployments already announced. The scope of TC goes far beyond broadcast and has caused significant controversy. For example, Microsoft could block open source software or remotely delete or censor content.

Interoperable DRM

It seems unlikely that the world will agree on any one DRM standard, and the focus of standardization has been shifting towards interoperability of standards. Ironically, there are several initiatives in this area:

  • Marlin, for portable devices;
  • the Coral Consortium, which includes a significant number of stakeholders for across the industry;
  • the Digital Media Project (DMP), led by Leonardo Chiariglione of MPEG fame; and
  • DReaM, led by Sun.


Content protection is still an emerging area of the converging media industry, and it is hard to predict with any certainty what form it will finally take. Stakeholders' interests, legislation and how it is sold to the public will shape this area more than the technological issues.

David Short and Alan Patrick are digital media consultants at BroadcastProjects (