
BS IEC 62766-7:2017:2018 Edition


Consumer terminal function for access to IPTV and open internet multimedia services – Authentication, content protection and service protection

Published by: BSI
Publication date: 2018
Number of pages: 108

This part of IEC 62766 specifies functions for content protection, service protection, service access protection, user identification, user authentication, and user authorisation.

The following clauses contain features for which the criteria that determine under which circumstances these features are implemented are out of the scope of the present document or contain conditional normative statements referring to other parts of IEC 62766:

  1. 4.2 Terminal-centric approach

  2. 4.2.5 Protected file formats

  3. 4.2.6 Protection of MPEG-2 transport streams

  4. 4.3.4 CI+ based gateway

  5. 4.3.4.7 Protected streaming and file formats

  6. 4.3.4.8 Personal video recorder

  7. 4.3.4.9 Time shifting

  8. 4.3.5 DTCP-IP based gateway

  9. 4.3.5.6 Protected streaming and file formats

  10. 5.4.4 HTTP digest authentication using IMS gateway

  11. 5.4.5 GBA authentication using IMS gateway

NOTE GBA authentication can be achieved using either the mechanism in 5.4.5 GBA authentication using IMS gateway or the more general mechanism in 5.4.4 HTTP digest authentication using IMS gateway. 5.4.4 allows the use of different authentication mechanisms in a way that is transparent to the OITF, including possible future authentication mechanisms, and should preferably be used. It is expected that 5.4.5 GBA authentication using IMS gateway will be deprecated and removed in future versions of this specification.

PDF Catalog

PDF Pages PDF Title
4 CONTENTS
8 FOREWORD
10 INTRODUCTION
11 1 Scope
2 Normative references
13 3 Terms, definitions and abbreviated terms
3.1 Terms and definitions
15 3.2 Abbreviated terms
17 4 Content and service protection
4.1 General
4.2 Terminal-centric approach
4.2.1 General
18 4.2.2 Interfaces for CSP and CSP-T server
Figures
Figure 1 – CSP-T system overview
20 Figure 2 – Node acquisition sequence
22 Figure 3 – Link acquisition sequence
24 Figure 4 – Deregistration sequence
26 Figure 5 – Licence acquisition sequence
27 4.2.3 Protected content usages
28 Figure 6 – Licence evaluation sequence
29 Figure 7 – Scramble key decryption sequence
30 4.2.4 Content encryption
Figure 8 – Content on demand encryption sequence using content key (for (P)DCF OMArlin or Marlin IPMP Marlin FF)
Figure 9 – Content on demand encryption sequence using content key (for MPEG-2 TS)
31 4.2.5 Protected file formats
Figure 10 – Scheduled content encryption sequence using scramble key (for MPEG-2 TS)
32 4.2.6 Protection of MPEG-2 transport streams
Figure 11 – Conditional access descriptors signalling ECM and EMM messages
34 Tables
Table 1 – Recording Control access_criteria_descriptor
Table 2 – Bit assignments of recording_control_information_byte
Table 3 – DNR and DNTS combinations
35 Table 4 – Parental_Control_URL parameter syntax
36 4.2.7 Operation of Marlin technologies
37 4.2.8 DRM data
Table 5 – DRMControlInformation mapping for Marlin
38 Table 6 – DRMControlInformation mapping for Marlin simple secure streaming
39 Figure 12 – Outline of DRMControlInformationtype with MarlinPrivateData
Table 7 – MarlinPrivateData structure
40 Figure 13 – Outline of MIPPVControlMessage
41 4.3 Gateway-centric approach
4.3.1 General
4.3.2 Capabilities
4.3.3 CSPG-DAE interface
Table 8 – MIPPVControlMessage format
42 4.3.4 CI+ based gateway
Figure 14 – CSPG-CI+ overview
43 Figure 15 – CSPG-CI+ context
44 Table 9 – OIPF private_host_application_ID
Table 10 – SAS_async_msg() APDU syntax
Table 11 – Generic message_byte() syntax
45 Table 12 – OIPF specific messages and command_id values
Table 13 – OIPF specific datatype_id values
46 Table 14 – Mapping to DAE API or events
47 Table 15 – send_msg message data types
Table 16 – reply_msg message data types
48 Table 17 – resultCode and oipf_status mapping
49 Table 18 – parental_control_info message data types
50 Table 19 – oipf_access_status field and blocked attribute mapping
Table 20 – rights_info message data types
51 Table 21 – oipf_access_status field and errorState attribute mapping
Table 22 – system_info message data types
52 Table 23 – can_play_content_req message data types
Table 24 – can_play_content_reply message data types
53 Table 25 – can_record_content_req message data types
Table 26 – can_record_content_reply message data types
55 Table 27 – Scrambling modes
56 Table 28 – DRMControlInformation mapping for CSPG-CI+
57 4.3.5 DTCP-IP based gateway
Table 29 – HexBinaryPrivateData structure
58 Figure 16 – CSPG-DTCP overview
Figure 17 – Overview of involved reference points
60 Table 30 – CA_descriptor
62 5 User identification, authentication, authorisation and service access protection
5.1 General principles
Figure 18 – General message flow for service access protection and user authentication
63 5.2 Interfaces
5.2.1 General
5.2.2 HNI-INI
64 5.2.3 HNI-IGI
5.2.4 Common requirements
5.3 Service access protection
5.3.1 SAA co-located with service
65 5.3.2 SAA standalone
Figure 19 – SAA co-located with requested service
Figure 20 – Standalone SAA, redirection mode
66 5.4 OITF authentication mechanisms
5.4.1 HTTP basic and digest authentication
Figure 21 – HTTP basic and digest authentication
67 5.4.2 Network-based authentication
5.4.3 Web-based authentication
Figure 22 – Network-based authentication
68 Figure 23 – Web-based authentication with form
69 5.4.4 HTTP digest authentication – Using IMS gateway
70 Figure 24 – Initial procedure
71 Figure 25 – Authentication between an OITF and an SAA based on HTTP credentials stored in IG
73 Figure 26 – Authentication between an OITF and an SAA based on GBA credentials
74 5.4.5 GBA authentication – Using IMS gateway
75 Figure 27 – Initial GBA registration
76 Figure 28 – Authentication between an OITF and an SAA based on GBA keys
77 5.5 IMS registration – OITF
5.5.1 General
5.5.2 Relevant functional entities and reference points
78 5.5.3 Prerequisites
Figure 29 – OIPF functional entities and reference points involved in IMS registration
79 5.5.4 SIP digest message flows
Figure 30 – SIP digest message flow interlaced into IMS registration
80 5.5.5 IMS AKA message flows
81 Figure 31 – User identification and authentication based on the IMS AKA procedure
82 5.6 Session management and single sign on
5.6.1 General
5.6.2 Cookie session
83 5.6.3 URL parameters
Figure 32 – Session management using cookie
84 5.6.4 HTTP authentication session
Figure 33 – Session management using URL parameters
85 5.6.5 SAML Web-based SSO
Figure 34 – HTTP authentication session
86 6 Forced play-out using media zones
Figure 35 – SAML Web-based SSO
88 Annex A (informative) Link of user authentication and DRM device authentication
Figure A.1 – User authentication for CSP, CSP-T server communication
90 Annex B (normative) XML schemas
B.1 General
B.2 XML schema for MarlinPrivateDataType structure
91 B.3 XML schema for MIPPVControlMessage format
B.4 XML schema for HexBinaryPrivateDataType structure
92 Annex C (informative) DRM messages used in DAE
Table C.1 – DRM messages used in the DAE
93 Annex D (informative) CSPG-CI+ usage examples
D.1 General
D.2 CSPG-CI+ initial power-on
D.3 CSPG-CI+ normal power-on
Figure D.1 – CSPG-CI+ first power-on
94 D.4 Live session example
Figure D.2 – CSPG-CI+ normal power-on
Figure D.3 – CSPG-CI+ live session example
95 D.5 Parental control management example
Figure D.4 – Parental control management example
96 D.6 No-rights event and purchase example
Figure D.5 – No-rights event and purchase example
97 D.7 VoD session example
Figure D.6 – VoD session example
98 Annex E (informative) CSPG-DTCP session setup sequence examples
E.1 General
E.2 Multicast streaming with SIP session management
99 Figure E.1 – Session setup sequence for multicast streaming with SIP session management
100 E.3 Unicast streaming with SIP session management
Figure E.2 – CSPG-DTCP initiated teardown sequence for multicast streaming with SIP session management
101 E.4 Unicast streaming with RTSP session management
Figure E.3 – Session setup sequence for unicast streaming with SIP session management
102 E.5 HTTP streaming and download
Figure E.4 – Session setup sequence for unicast streaming with RTSP session management
Figure E.5 – Session setup sequence for HTTP streaming and download
103 Annex F (informative) Embedded CSPG
F.1 General
Figure F.1 – Possible CSPG deployments
104 Figure F.2 – CSPG embedded in the same device as OITF
105 F.2 Application to simple and secure streaming
Figure F.3 – Simple and secure streaming with CSPG
107 Bibliography