Securing DVB Hybrid Networks: Taking advantage of the IP Transition
Convergence between broadcasting, broadband and mobile communications is creating new business opportunities and challenges and for the whole content delivery value chain. Consumers are naturally expecting to access interactive, on-demand and live streaming services from traditional TV as they do from their connected devices. Commercial and technical improvements have the potential to significantly increase ARPU (average revenue per user), while reducing churn. The package as a whole becomes “stickier.”
Many of the technical requirements for interactivity for traditional pay-TV services are focused on the successful combination of one-way linear broadcast channels (via cable or terrestrial networks, for instance) with two-way services, such as video-on-demand (VOD) and live streaming. Different versions of hybrid networks are emerging to meet these dual needs, enabling operators to serve multiple tiers of customers and deliver material ranging widely in value from blockbusters to niche content. Pay-TV operators broadly recognize that the future involves more than a simple substitution of Digital Video Broadcasting (DVB) for their existing analog services. Their networks must accommodate broadband IP services and multi-screen delivery.
Yet hybrid network architectures raise unique issues regarding content security and digital rights enforcement. These challenges are typically met by a variety of incompatible conditional access (CA) and digital rights management (DRM) solutions. Dealing with more than one security platform creates management challenges for operators and content owners alike. Newer generations of revenue security architectures can help resolve these challenges through a multi-layered approach that supports all content types, delivery networks and display devices – typically from a unified rights management platform.
Revenue security architectures in the converged digital age need to be multi-dimensional, addressing the three key aspects of this new pay-TV distribution challenge – secure delivery over multiple networks, support for diverse consumer devices, and a multi-layered ability to detect and address threats.
Revenue Security Foundations
It is easy to see that the demands of fully networked consumers, and the wide range of transmission technologies available to today’s operators, bring new challenges for revenue security. One of the biggest challenges lies in defending a viable business model against the wide-scale piracy encouraged by the very same technological advances. And this dimension of the puzzle brings the question of revenue protection to the fore.
Most consumers are simply looking for clear and transparently enforced rules relating to the material they purchase. In fact without these rules in place, the variety of different purchase and rental options available today could not exist. A unified revenue security approach eliminates any negative perceptions of DRM policies and allows consumers to simply enjoy the content they purchased.
A unified rights management solution allows operators to optimize revenue security for different networks, consumer devices and subscribers, within a single platform. Operators are able to deploy the right amount of security to meet their varying business objectives. Too much security incurs unnecessary costs and can deter customers, while too little of course can encourage piracy as well as unauthorized access to services. Low-tier customers without access to premium content or interactive services do not need the maximum level of access control and rights enforcement.
Advantages of Cardless Security
The advent of IP-based infrastructures for play-out and transmission has one main implication for revenue security. Renewability of security subsystems is a distinct advantage in a landscape of fast changing threats and business opportunities, making software- and cloud-based security an attractive option. Hardware-based systems can be highly secure at the time they are implemented, but experience with smartcard-based pay TV services has shown that they are cracked sooner or later. Revenue security is an arms race against pirates and fraudsters, so the security platform must be renewable, allowing operators to stay a step ahead.
Cardless security strategy offers the ability to uniformly deploy content protection across all devices of a subscriber’s domain. It should be noted that while the head-end architecture is unified, the client implementation will still be unique for each device platform, threat profile and available hardware tools. For example, where trust anchors are available in silicon (such as in an SOC or trusted area of a general purpose CPU) a software content protection client will benefit from leveraging these. Also, the exact encryption and key delivery technology used will vary by device and delivery method.
In fact, Cartesian, a specialist provider of consulting services to the telecoms industry, recently conducted a survey on one-way CA systems targeting key stakeholders in the TV industry (www.verimatrix.com/cardless). The primary goal was to capture the current view of cardless technology versus smartcard technology. In response to the simple question “is the security offered by cardless now comparable to smartcards?,” 82% agreed with or were indifferent to the comparison. They also took an in-depth look at the current capabilities of both and concluded that “innovation will continue in cardless technology to meet the growing needs of very high value content.”
Besides offering more effective security for digital content assets, the transition to IP also represents an opportunity to gain a deeper level of insights into their subscribers. Operators have access to a vast amount of data from an array of sources bringing great potential for valuable customer insights, cost savings and operational efficiencies. The challenge lies in collecting, storing and analyzing this data within a single coherent analytics platform. Security is really at the heart of the analytics revolution now sweeping video service market. Security has become a major enabler for analytics as a source of data by virtue of its position in the head-end and through management of entitlements, as well as in protecting data whatever its provenance. This second role of protecting privacy and ensuring confidentiality is crucial for encouraging users to make sensitive data available.
Yet, above all, operators truly benefit from a unified revenue security system, which not only brings significant cost and operational savings from managing just one platform, but also enables the deployment of a transparent security regime across all the network and device permutations that subscribers are demanding. A unified revenue security system, particularly one based in the cloud, has a vital role in the transition towards hybrid and all-IP networks.