Posts Tagged ‘android drm’

Hardware Assisted DRM

Tuesday, November 16th, 2010

Hardware and software working in tandem to create effective content protection for connected devices
Tandem Racer
There was never any doubt about a mobile device’s ability to display video, however the large screens and powerful processors of the new generation mobile devices (smartphones and tablets) offer the consumer a more compelling viewing experience than ever. Moreover, home entertainment devices (TVs, set-top boxes (STB) and DVRs) are increasingly connected to the Internet, opening up a host of new viewing options for TV viewers, outside of the cable operator’s walled garden.

These trends are disrupting the traditional relationships existing between subscribers and service providers. This so-called disintermediation is being felt in the market, with cable operators offering video services to mobile subscribers and mobile operators offering video-on-demand to TV subscribers. Content owners and studios are also modifying their approach by offering services directly to consumers, circumventing the incumbent service providers.

These changes in the market have created new content service providers who must now “prove” their ability to securely deploy premium content in order to gain the approval of the major studios. Content protection – or Digital Rights Management (DRM) as it is more commonly known – is most effective when deployed in conjunction with hardware-based security elements. Principally, the objective of the hardware assets is to hinder scalable attacks, i.e., attacks that allow distribution in the form of exploit code, allowing the service provider to achieve a level of security similar to STBs.

In particular, the hardware-based embedded security is used to protect key elements in the DRM, as follows:

Permanent key material and other permanent sensitive data, including group private keys, device keys, security management keys, metering data
This type of data can be classified as long-term, sensitive data that must be stored permanently in the device. The solution takes the form of an encrypted, integrity-protected secure storage facility. A hardware-based secure storage mechanism is based on an embedded root key that is unique per each device. In order to obtain the Root Key and access the sensitive data, the attacker must physically probe the main processor chip which often results in its destruction. In addition, any information obtained by the attacker is relevant only for that specific device. Physical probing must be repeated to access the sensitive data of another device. This endeavor is both expensive and impractical, and certainly not scalable.

Title related and short term keys (content keys, session keys)
Mobile devices are open systems that run applications from many sources, some of them untrustworthy. The main processor in a mobile device must be deemed part of the threat model since it may be executing malicious code – malware – and attempting to access the content and session keys during run time. This threat is mitigated by running the security critical code that handles these keys in a secure execution environment – a secure subsystem that is inaccessible to the main processor. This hardware-based subsystem cannot be compromised by software-based attacks.

Compressed content (plaintext content before decoding)
Compressed content is output by the DRM client that runs in a secure execution environment and is sent to a codec for decoding and rendering on the output display and audio devices. As noted above, the main processor is deemed part of the threat model, so the compressed content cannot simply be copied from the secure execution environment to the main memory to the codec. In order to secure this interface, the DRM client must be tightly integrated with the codec. The hardware-based solution is to send the compressed content in an encrypted form to the codec. The codec decrypts and then decodes the content.

Thus the combination of hardware-based security working in tandem with a software client creates a robust and effective content protection solution.

No Comments

Does size really matter? What does the consumer expect from an iPad, TV and Smartphone?

Wednesday, May 5th, 2010

The success of devices like Apple’s iPad – which reached sales of 1 million devices in less than a month – indicates that mobile devices have crossed into the living room. Conversely, the sheer volume of content available on mobile devices, indicates that the home stereo, TV and VCR have – so to speak – left the building. These seemingly conflicting different trends have massive implications for all stakeholders.

Two Worlds Collide It’s not only that Apple have brought a mobile device into the living room. Implicit in the usage of the device is the expectation of a typical mobile subscriber viz personalization, on-demand, multi-function etc. Using an iPad the subscriber defines his entertainment schedule, not the service provider, the cable operator or broadcaster. The subscriber gets to decide if the device is an eBook reader, a TV or computer. In this sense the iPad is merely a manifestation of a far larger trends, namely that of personalization.

On the other hand the user want to stay connected on the move, with access to the same content outside of the home. Electronic books, games, HD video and TV are all being pushed to the mobile device. The subscriber now gets TV via the internet, books from the MNO (or even the author) and videos directly from the studios. Mobility is only part of the picture, the larger story is a breakdown of the traditional value chain. And once these service providers have developed a direct relationship with the subscriber, for the same effort they can push the content to his iPad, Home Network, TV or any other connected device. Again mobility is just a manifestation of disintermediation – explained by Wikipedia as a term in economics meaning the removal of intermediaries in a supply chain or “cutting out the middleman” (for a good example of disintermediation – look no further than Wikipedia).

Disintermediation and personalization converge in the connected device. Packaged correctly they have the power to turn existing relationships upside-down and grant the user more freedom than ever before. Naturally as traditional subscriber relationships breakdown and content is pushed to different devices the implications for security and content protection are mindboggling.

Watch this space for more information, or should I say, don’t touch that dial….

No Comments

The Rise of the Smartphone & Need for Secure Open OS

Tuesday, May 4th, 2010

The smartphone segment of the mobile phone market is growing rapidly. Smartphones use a number of different mobile operating systems, known collectively as “open operating systems.” Initially dominated by Symbian and Windows Mobile, the latest figures give a significant share of the market to Apple’s iPhone OS, Android and Research In Motion (RIM). New open mobile operating systems such as LiMo, MeeGo – based on the Linux kernel, are also expected to gain significant traction. These operating systems differ in their user experience and feature set, yet they all enable the phone’s owner to install applications on the device. While the ability to download applications allows the end-user to use the device in ways he never believed possible, it comes with huge security risks. These risks are not limited to the individual subscribers, but extend to service providers and enterprises as well.

Click here to read about the risks posed to smartphones and the need for security in open operating systems: http://wirelessweek.com/Articles/2010/03/Devices-Secure-Open-OS-Smartphones/

No Comments

OMA DRM as the 1st Choice for Carriers and Service Providers Deploying E-book Services

Thursday, March 4th, 2010

E-book market is experiencing significant growth. Approximately four million electronic-book reading devices were sold last year. According to U.S.-based market intelligence firm iSuppli, number is expected to jump to 12 million in 2010 and 18 million in 2012 . Increasingly E-book readers are  equipped with a broadband mobile connectivity. For example Hanwang Science released a 3G e-reader capable of connecting with China Mobile Ltd.’s network, a feature that enables users to access the Internet and to download books. Other examples of e-book readers that include a cellular connection can be seen here

http://gizmodo.com/5365676/irex-dr800sg-ebook-reader-verizon-3g-bn-books-stylus-touchscreen
http://www.engadget.com/2009/10/29/asus-to-launch-3g-wimax-equipped-e-book-readers-by-march-2010/

OMA DRM is the most common content protection and access system in use today by mobile carriers. All forms of digital content including multimedia, ringtones, music, video and games are secured using the OMA DRM solution.

By expanding OMA DRM to protect E-book content mobile carriers can leverage their existing back end infrastructure and qualified workforce. Moreover as an open standard DRM scheme it enjoys the support of content owners and service provides alike. The scheme is robust and widely deployed, and supports all the required business models including:

  • Subscription
  • Time limited rental
  • Buy to own without sharing (forward lock)
  • Sharing with other users (super distribution)
  • Preview
  • Right to read on multiple devices (domains)
  • Usage metering and advertising funded models
  • Backup and recovery

No Comments

Discretix to Provide Android and Windows Mobile DRM Security for Sony Ericsson

Monday, February 15th, 2010

Discretix Multi-Scheme DRM Client Will Secure Subscription-Based Music and Video Services on Sony Ericsson Android and Windows Mobiles Phones.

FIRA de BARCELONA, SUITE 4.7HS22 / BARCELONA, SPAIN — (February 15, 2010) — Discretix, the leading global provider of embedded Windows Mobile and Android security DRM, today announced that Sony Ericsson has chosen Discretix’ Multi-Scheme DRM Client to protect distribution and consumption of multimedia content on select mobile phones and for its PlayNow services.

Discretix’ Multi-Scheme DRM Client has been deployed on select Sony Ericsson mobile phones based on the Windows Mobile and Android operating systems.  The embedded technology enables a wide variety of business models including subscription-based music and video services for the consumer market.

No Comments

Discretix Joins ARM Solution Center for Android

Monday, December 7th, 2009

Optimized for Android and already selected by several Tier-1 Mobile Device OEMs, the Discretix Multi Scheme DRM client ensures quick time-to-market for next-generation open source mobile and connected devices.

http://www.discretix.com/corporate/pr071209.html

No Comments

The need for content and platform protection and the “cost” of poor security

Thursday, November 12th, 2009

Recent reports indicate widespread pirating of iPhone games.

  • FRally Master Pro 95% piracy
  • Tap-Fu game 70% piracy

    • Piracy is a fact of life, however at these levels its places a massive question mark over the viability of mobile game developers. When properly implemented digital rights management (DRM) is effective in ensuring a sustainable business for the developer community, offering attractive usage models and encouraging the legal usage of the content.

    In order for DRM to be effective it must be incorporated into the device from the ground up. DRM needs to have a “root of trust” in the application processor hardware, moreover the DRM application must be tightly integrated into the device OS. The device firmware and OS should also be better protected, with verification mechanisms, deployed at boot and run time. These embedded security mechanisms together with secure execution environment, secure key storage and robust crypto engines will also limit “Jailbreak” attacks.

    It is estimated that the cost of fixing a security problem grows by a factor of 10 for each successive phase of the product life cycle. While eliminating security breaks entirely is close to impossible, designing security into the system from the start creates a solution that is far more effective and ultimately significantly cheaper in the long run.

    No Comments

    iPhone doesn’t neither does Droid

    Monday, November 9th, 2009

    Verizon are doing level best to expose the weaknesses of the iPhone in the current “droiddoes” campain. Both the Apple iPhone and Motorola Droid devices are packed full of features, but both do not do security. The ability to install applications on the device – something common to all smartphones – comes with huge security risks, for individual subscribers, service providers and enterprises.

    Limiting subscribers to downloading applications from approved app stores, certainly mitigates some of the risk. However there are several well known and freely available cracks online that will effectively bypass almost any restrictions and protection mechanisms.

    Just in case the simple man on the street felt he had nothing to lose, vulnerabilities of the operating system pose other threats, placing the end-user at risk. Viruses and the trojan horse can reveal and/or modify personal information. These viruses can grab personal payment information such as credit card numbers, illegally obtain contact information from our private phone book stored on the mobile phone, and access our home network using a mobile device’s WiFi capabilities.

    As smartphones become more prevalent and entrenched in our work and home lives, their security requirements increase as well. Without such safeguards in place, people will never feel safe using smartphones, thereby preventing these powerful innovations from ever reaching their full potential.

    No Comments

    Welcome to Discretix’ Blog dedicated to embedded security

    Tuesday, October 27th, 2009

    Since Discretix was founded the world of embedded security has evolved and grown in ways that few thought possible. Embedded security cuts across a wide spectrum of markets, playing a critical role in their development.  As the market continues to evolve at a rapid pace, this blog will allow us to share relevant information, news and announcements with our customers and partners. We welcome your feedback and comments and look forward to being part of a productive dialog about the issues facing our industry.

    No Comments