Long reads


NAB Show 2013 Q&A: Steve Christian, Verimatrix

Steve Christian, vice president of marketing at content security specialist Verimatrix, talks to DTVE about the content requirements for multiscreen video and the distribution of services across multiple network types.

What are the key elements that service providers need to put in place to secure multi-screen distribution of content?

Many operators are employing advanced protection mechanisms to secure their next-generation over-the-top (OTT) premium content services and to run these alongside their existing pay-TV distribution models. From our perspective, the guiding principle of security in these multi-network services is to consider the similarity of distribution and control challenges across the different network and protocol types more than considering the differences.
To address the challenges head on, a security solution needs to include:

•    Integrated rights management data associated with, or as a component of, the overall content management and preparation workflow.
•    Client side security management for key related data and management of the video decode path.
•    A roadmap for navigating inevitable changes in delivery preferences, optimizations and standards over time without requiring extensive re-integration re-validation of the security integration.

Internet-based services are not, as it turns out, very different in profile from that of more traditional offerings and naturally become a part of an extended offering. In fact, effectively scaling an OTT service seems to be easiest when the unmanaged network is integrated with existing back end infrastructure – sharing a proven video and security head-end platform. Many of the associated security mechanisms, which feature fine grain control options, have been successfully deployed to secure more mature pay-TV networks like managed IPTV and DVB.

Another challenge is for operators to eliminate the distribution and consumption silos that often frustrate consumers and nudge them towards alternative sources.  Most importantly, a single security platform clearly opens up the potential for flexible business models that can help up-sell OTT content for premium services and cross-sell over multi-network, multi-screen distribution. Such OTT business and rights management models are in a stage of being defined, and redefined.

What are the challenges operators face when securing content across multiple network types – IP as well as DVB broadcast, and OTT as well as managed networks?

Perhaps the greatest challenge for today’s and tomorrow’s operators is the changing security environment. We see the model of threats to service revenue shifting rapidly as highlighted in our recent sponsored reports from Farncombe and Frost & Sullivan. We also see the technology of consumption devices changing very rapidly – especially the fact that the number of non-proprietary CE devices accessing OTT video services is dramatically increasing every day.  As the symmetry between OTT and traditional pay-TV service offerings increases, it’s important that Internet distribution does not create multiple new potential and actual attack points for content pirates. To prevent content piracy and misuse from occurring, operators must have a thorough understanding of the specialized content protection requirements of each environment.

While control of piracy, especially online content re-distribution is critical, it is also especially clear that rights management between the pay-TV and OTT environments should be carefully harmonized to maintain the integrity of the overall service as seen by the consumer. Glitches in this aspect of presentation and delivery cause havoc for the management of overall subscriber expectations and rapidly undermine the sense of service coherence across screens. Overall, there shouldn’t be any gaps between what a consumer sees on the big screen and what they see on the small screen.  It’s when a subscriber experiences a difference – often decreased quality of experience (QoE) – that a tendency to search for less legitimate forms of content starts.

To what extent is additional complexity created by the use of adaptive bit-rate streaming and what do operators need to put in place to accommodate this?

Although more complicated from an infrastructure point of view, we feel strongly that ABR streaming offers many advantages to previous generations of proprietary video delivery systems – and this includes how security is handled. While there are still different technology approaches, a well defined common streaming format such as HTTP Live Streaming (HLS) can be combined with a distributed head-end, and scalable security solution to deliver protected premium content to the broadest range of mobile and fixed CE devices.  HLS also offers service providers an open, extensible standard and a broad ecosystem of products, which provides advantage over HTTP dynamic streaming and Smooth Streaming, which are single vendor closed ecosystem offerings at present. In fact de-facto standards such as HLS have shown the path towards more rational implementation of more formal international standards such as MPEG-DASH.

The unique properties of ABR, especially its resilience, actually are having an impact on the new deployments of VOD and Catch-up services on more traditional networks, including IPTV, DVB and mobile network deployments. The older delivery standards such as RTSP and Switched Digital Video, which are strongly tied to managed bandwidth network delivery are being displaced with more uniform use of ABR. The end result is a reliable and consistent delivery technique suitable for use on managed and unmanaged network segments with standards-based security applicable to PC, phone, tablet and STB devices.

To what extent can standards help solve the problem of fragmentation of distribution across different networks and different device types, and to what extent will operators have to add to their costs by implementing multiple solutions?

It’s often stated and re-stated, but standards can tend to hamper deployment choices since there are so many of them to choose from. Standards and standards usage are shifting rapidly in the OTT delivery world, so about the only thing you can be sure about is the need to insulate implementation decisions against the changes that will inevitably occur. From a security standpoint, the trends seem clear – content formats, encryption algorithms and key management signaling systems are becoming more uniform and less proprietary. Examples of this include the mechanisms of the Common File Format from DECE/Ultraviolet and the references to a common encryption standard within the ISO/IEC standard MPEG-DASH for Dynamic Adaptive Streaming over HTTP.

The underlying key management and DRM mechanisms are likely to remain proprietary, but the touch points of these systems to the encoder infrastructure, to delivery systems such as CDNs and to the internal mechanics of media players (and increasingly the core of HTML5 browser implementations) are likely to standardize.  This can only help operators to more easily address the unique requirements of different devices types, giving them the potential to open up the universe of multi-network, multi-screen delivery, and greatly accelerate the growth of new revenue streams based on this paradigm.

How far do content providers in the broadcast environment now have confidence in cardless security solutions?

Cardless security solutions are gaining in popularity, in part due to the technical and operational benefits they offer. But, as we have seen with recent surveys of the operator landscape, the shift to a cardless approach also reflects profound shifts in both the threat to pay-TV operator revenue and the rapid advances in chipset technology used in receiving devices. When these changes are set against the demonstrably lower CAPEX and OPEX costs – an overall more favorable Total Cost of Ownership profile – the shift in the landscape seems likely to be permanent.

Renewability of security subsystems is a distinct advantage in a landscape of fast changing threats and business opportunities, making cardless security an attractive option. Content security is an arms race against pirates and fraudsters, so the security approach needs to be pro-actively renewable. Cardless security, in combination with state-of-the-art secure SOC technology, offers flexible renewability options allowing cable operators to stay a step ahead of threats, countering by over-the-air updates and other countermeasure techniques.

What are you highlighting at NAB and why?

Verimatrix will be using NAB 2013 as a showcase for its advanced multi-network security solutions – especially a showcase of hybrid network solutions in conjunction with our partners.  The new video delivery challenge is integration of traditional and Internet delivered services – and Verimatrix has the leading position in security solutions that harmonize rights management across broadcast, IPTV and OTT services – while offering support for the broadest range of consumer devices through its partner ecosystem. At the show, its experts will be demonstrating:

•    IP-Hybrid solutions for progressive cable operators with a transition to an all-IP video future in mind
•    DVB-Hybrid solutions featuring a cardless, single security approach to combinations of broadcast and Internet video services
•    Enhanced adaptive streaming security for OTT video to iOS and Android devices, smart TVs & STBs, PC/Mac platforms and STBs complete with multiple audio track and closed captioning support

We will also be hosting the latest event in our Multi-Network Solutions in the Real World Forum at the Show.  During the complimentary breakfast Forum on April 9, 2013 at 8 a.m., attendees will learn how operators are building their brands around consistent, high-quality user experience across devices to attract and retain engaged and loyal subscribers. The esteemed panel will be moderated by Jim O’Neill, research analyst, Parks Associates, and includes experts from Vubiquity, Envivio, Total Movie and Verimatrix.

To register for Verimatrix’s Multi-Network Solutions in the Real World Forum please click here.

Most Recent