Content and Service Protection for IPTV

Download Content and Service Protection for IPTV

Post on 14-Dec-2016




1 download

Embed Size (px)


<ul><li><p>IEEE TRANSACTIONS ON BROADCASTING, VOL. 55, NO. 2, JUNE 2009 425</p><p>Content and Service Protection for IPTVSeong Oun Hwang</p><p>AbstractContent or service delivered through IPTV is highquality and of high economic value accordingly. As digital tech-nologies progress, illegal copy and redistribution of IPTV contentbecome easier and simpler. Therefore it is required to protectIPTV content or service. In this paper, following the approachestaken by ITU-T IPTV Focus Group, we analyze the securitythreats and requirements. We also discuss related issues and solu-tions for IPTV. Specially, interoperability issues among differentcontent and service protection systems are addressed.</p><p>Index TermsCAS, content protection, DRM, IPTV, serviceprotection.</p><p>I. INTRODUCTION</p><p>I NTERNET Protocol Television (IPTV) is the use of an IPbroadband network to deliver television (cable TV type)services to the end user. Traditional telecommunications ser-vice providers as well as alternate service providers and Internetservice providers can utilize their IP networks (and broadbandconsumer access) to deliver broadcast TV, Video on Demand(VOD) and other Internet services to the consumer.</p><p>IPTV is also defined as multimedia services such as televi-sion/video/audio/text/graphics/data delivered over IP based net-works managed to provide the required level of QoS/QoE, se-curity, interactivity and reliability (ITU-T IPTV FG 2006. 11).This will be available at</p><p>IPTV services are already being offered by several telcosand Internet service providers worldwide. From countries tocountries or from service providers to service providers, eventhe same IPTV services can be under different stages such astrial or planning. This reflects that there exist diverse situationsincluding policies, legal systems, consumers attitudes, tech-nological infrastructures, etc. around IPTV. For the most part,IPTV service providers today are basically offering cable TVlike servicesincluding premium channel services such as en-tertainment, sports, game and so on. Most service providers areproviding regular definition TV services at this time, but someare offering high definition TV (HDTV) service. Many serviceproviders are also offering VOD services which allow users toselect their favorite content such as video and audio.</p><p>Manuscript received May 01, 2008; revised December 11, 2008. First pub-lished May 05, 2009; current version published May 22, 2009. This work wassupported by the Hongik University new faculty research support fund. Thispaper has supplementary downloadable material available at, provided by the author.</p><p>The author is with the Department of Computer and Information Communi-cation Engineering, Hongik University, Chungnam 339-800, Republic of Korea(e-mail:;</p><p>Digital Object Identifier 10.1109/TBC.2009.2020446</p><p>As digital technologies develop and IP infrastructures spreadwidely, traditional services which have been independently be-fore the IPTV era will take more advanced forms than now. Forexample, one can enjoy time-shifting or place-shifting of livebroadcasting more conveniently in IPTV than in non-IPTV. In-tegrated version of traditional services is one of the promising,new services unique to IPTV. One typical example of integratedservices is the so-called triple play service defined as provi-sioning of Internet, TV, and telephone service over a singlebroadband connection.</p><p>Many experts expect that other future capabilities of IPTVcould include whole house networking solutions to connect theTVs, PCs, in-home (or external) content storage devices andothers. The ultimate vision is to facilitate total interoperabilityamong and between all information, communications, and en-tertainment devices in the home, over one network within thecustomer premises [1].</p><p>The distinctive features of IPTV come from integration of IPnetwork and broadcast network, integration of existing, inde-pendent services, two-way communications between providerand consumer rather than the existing one-way communicationsfrom provider to consumer, and personalization, etc. Personal-ization is enabled and deepened by the two-way communica-tion network. That is, consumers now gradually interact activelywith the provision of the service and get differentiated person-alized service. It is sharply contrasted with the traditional wayconsumers just accept the provided service passively. Contentprovisioning service based upon a subscribers preferences canbe thought of one emerging example of such personalized ser-vices.</p><p>Content or service delivered through IPTV is required to beprotected because the provision itself is very high quality andof high economic value accordingly. In addition, the IPTV en-vironment means that the provision is shared among consumerscomputers or portable digital devices. As it is well known, any-thing whose form is digital, whatever it is, can be shared on theInternet. Initially music files had been distributed through P2Pnetworks. Recently, copyrighted audiovisual contents are grad-ually distributed and shared illegally. As digitization of analogTV progresses, it is expected that illegal copy and redistribu-tion of IPTV content would be easier and simpler. As in thedigital TV, consumers can also make a complete copy of broad-casted IPTV content without degrading audio or visual qualitiesat all. The copy of broadcasted content is simply made by usingPVRs (personal video recorders) attached to the broadcastingreceiving devices. The most critical problem is that the illegalcopies can be redistributed in a very short time through the In-ternet.</p><p>The remainder of this paper is organized as follows. In Sec-tion II, we analyse the security threats, requirements and pos-sible solutions in IPTV which are drawn from the results of</p><p>0018-9316/$25.00 2009 IEEE</p></li><li><p>426 IEEE TRANSACTIONS ON BROADCASTING, VOL. 55, NO. 2, JUNE 2009</p><p>Fig. 1. Security attack points and threats. This figure was slightly modified from one in [2]. Note that various security threats are scattered around the server sideas well as the client side.</p><p>ITU-T IPTV Focus Group. Section III analyses security issuesand mechanisms in a more generic viewpoint. Section IV intro-duces interoperable architectures for service and content pro-tection and its related scenarios proposed by ITU-T IPTV FocusGroup. We also discuss further open problems in Section V. Sec-tion VI concludes the paper with a discussion of the contribu-tion of the paper. The aim of this paper is to give both a generaloverview and in-depth discussions on some important securityissues and related protection systems for IPTV. Recent researchresults or technical details may be omitted for some parts.</p><p>II. SECURITY THREATS, REQUIREMENTS,AND POSSIBLE SOLUTIONS</p><p>A. Security Threats</p><p>This section describes a set of identified security threats ad-dressed by ITU-T IPTV Focus Group [2]. Prospective securitythreats can be classified into the following types: content se-curity threats, service security threats, network security threats,terminal device security threats, and subscriber security threats[2]. Fig. 1 shows the relationships among each of these threats.</p><p>1) Content Security Threats: This threat is mostly upon con-tent asset which belong to content provider, and can be con-sumed by the end-user via IPTV terminal device. The contentassets include real-time TV content, VOD content, PVR con-tent and downloaded applications, for example. Those contentassets are in danger of being attacked by crackers, professionals,insiders, and end-users in the form of interception, unauthorizedviewing and unauthorized reproduction or redistribution.</p><p>2) Service Security Threats: The service assets to be pro-tected include media servers, AAA (authentication, authoriza-tion, accounting) servers, service and content protection servers,content delivery network servers, and operational informationsuch as service logs and billing information. The types of ser-vice asset threats are as follows:</p><p> Infringement of copyrights of the programs which IPTVservice platform provided to the subscribers. For example,attackers can cause financial damage to the copyrightholders by downloading and distributing copyrightedcontents illegally.</p><p> Masquerading/spoofing IPTV service provider. For ex-ample, attackers can inject noise or unnecessary datainto the transmitted content for the purpose of derogatingthe reputation of the target IPTV service provider bydegrading the level of QoS.</p><p> Malicious threats aimed at the IPTV servers (AAA servers,media servers, etc.) may include the cracking aiming atsecurity leaks in application software or communicationprotocol, denial of service attack, etc.</p><p>3) Network Security Threats: The network assets to be pro-tected include network equipments (e.g. routers, switches, gate-ways, DNS server) and network resources (e.g. bandwidth, mul-ticast services, etc). The network threats are listed as follows:</p><p> Malicious attacks aiming at the network equipments orresources: attacks such as denial of service (DoS) to thebearer network or nodes in content distribution network.For example, attackers execute attacks such as TCP SYNFlooding, ICMP Flooding, Ping of Death, UDP Floodingand result in denial of service by exhausting the resourcesof the target of the attack.</p><p> Security threats to multicast components used in IPTVbearer network such as masquerading/spoofing multicastTV sources, or illegitimate multicast group members. Forexample, attackers can have unauthorized access to multi-cast routers and modify the routing table.</p><p>4) Terminal Device Security Threats: The terminal assets be-long to IPTV terminal device, by which the end user can use toconsume and store content and other service related informa-tion. The terminal threats are listed as follows:</p><p> Illegally accessing clear content by tampering devicehardware or software. For example, clear contents can be</p></li><li><p>HWANG: CONTENT AND SERVICE PROTECTION FOR IPTV 427</p><p>copied by bus data interception or SCP software cracking.The term of SCP (service and content protection) meansall the security and protection mechanisms for content andservice in IPTV.</p><p> Illegally accessing keys or other secret information in de-vices using software cracking or hardware tampering. At-tackers can tamper the device memory or analyse the dataflow to obtain the keys and other secrets. Content key ex-posure results in content leakage and device key leakageleads to device impersonation.</p><p> Device malfunctioning by hardware methods, such as con-trol of the device clock system to disable the functions ofthe SCP/CAS (conditional access system), or by softwaremethods, such as installation of viruses to exhaust the de-vice resources.</p><p> The unauthorized applications (such as software pro-grams) were downloaded, run and stored in terminaldevices. With the help of these applications, the users canhave unauthorized access to the channels which are notpaid by them.</p><p> The failure of the terminal equipments (hardware and soft-ware) caused by malicious codes/viruses from the net-work.</p><p> The unauthenticated terminal devices connecting to thehome network.</p><p>5) Subscriber Security Threats: The subscriber assets to beprotected include assets, which belong to subscriber and con-sist of information about the subscriber (or subscriber house-hold), and his/her transactions, etc. One example of the sub-scriber threats is the theft of the subscribers private informa-tion such as subscription, billing, and identity information (e.g.login ID, password, address, viewing history and preferences)by malicious programs, such as Trojan horses.</p><p>B. Security Requirements and Possible Solutions</p><p>This section describes a set of security requirements whichwere drawn from the analysis of the above security threats [2].The requirements are divided into five requirements: content se-curity, service security, network security, terminal security, andsubscriber security. As Fig. 2 shows, the IPTV services consistof four entities including content provider, service provider, net-work provider and customer.</p><p>1) Content Security Requirements and Possible Solutions:The IPTV architecture is required to support content protectionwhile in transit, or in storage, or in re-distribution, and combi-nations thereof.</p><p>Traditionally, digital rights management (DRM) technologieswere developed to prevent users from unauthorized copying ofdigital content, to control the use of digital content, and furtherto enable the development of digital distribution platforms onwhich innovative business models can be implemented [3].They were originally intended to protect downloaded content,for example, mp3 audio files, at the end users PC environ-ment. As broadband network establishes and more demandfor audiovisual content increases, a need for the protection ofstreaming content emerges. Although research on VOD unicaststreaming DRM has been done actively, DRM research in a</p><p>Fig. 2. Service entity and security [2]. This figure shows the relationships be-tween the five security requirements and service entities.</p><p>multicast streaming environment has been partly done by a fewcompanies, whose approaches are very limited. Therefore wehave a strong need to develop DRM functions considering thefeatures of a multicasting service environment: large numberof user groups, real-time service requirements, support of a livestream, frequent changing of channels, and size dynamics ofusers joining/leaving channels at a particular time.</p><p>Another issue with DRM is that the existing DRM systemsare not interoperable at all. Until now, a lot of standardizationefforts toward DRM interoperability have been developed, butdoes not seem to make a big progress. The following shows abrief skim of the main activities towards DRM interoperability.Research and standardization activities are still under way. Wenote that most schemes except for OMA do not seem to bewidely used in the industry.</p><p> Full-format interoperability (e.g., DMP [4], OMA [5])This approach has been adopted by most DRM standard-ization organizations and vendors. It seems to be one of themost complete ways of providing interoperability at firstglance. In fact, this approach has been successful at thelevel of particular application areas or systems. It seemshard, at least in the real world, for multiple vendors or or-ganizations to agree on a specific DRM scheme. Unlike thisapproach, MPEG has a totally different approach.</p><p> Building block-based interoperability (e.g., MPEG 21 [6])MPEG does not try to standardize the DRM itself. Rather itthinks DRM themselves (which they call DRM tools) arehard to standardize. Therefore it focuses on the interfacesbetween DRM modules and their surrounding terminals.Under the assumption that all the terminals and applica-tion players can access to all the DRM tools (authentica-tion, encryption/decryption, watermark, and so on) as nec-essary, the approach is to search/download and use the ap-propriate tools when...</p></li></ul>