Marlin DRM Exploits Concern Over OTT Security Fragmentation

The announcement last month by the Marlin DRM group of support for enhanced content protection conforming with industry standard specifications for ultra HD would have created only a ripple a few years ago.

But the proliferation of OTT services distributed over the Internet and associated need to reach different device categories has revived interest in the Marlin DRM which was after all developed from the outset for broadband networks. As service providers now have to cope with several proprietary DRMs the prospect of converging around just one is increasingly appealing.

Of course, on the face of it, Marlin is yet another DRM to support but the company that was one of its founders and has based many of its security products on it, Intertrust, has developed a multi-DRM approach. So as well as supporting Marlin, Intertrust’s Universal DRM embraces the big three of Apple FairPlay, Google Widevine and Microsoft PlayReady, as well as Adobe Access, which is fading from the market. There are also multi-DRM offerings from the major CA vendors such as Verimatrix and Nagra, which all eliminate the need to distribute multiple versions of protected assets and helps address the diverse device landscape. As Intertrust CEO Talal Shamoon, pointed out, multi-DRM stacks allow operators to select the license most appropriate for each target device.

This raises the question of why chose Intertrust’s Universal DRM, which is part of its ExpressPlay portfolio, rather than one of its CA rivals. Shamoon argues that service providers would like to adopt a standard DRM because they are fed up with having to implement proprietary DRMs even though they know they have to do so in the real world. “If you’re a service provider you want something immune to a proprietary agenda, but you also want to support native licences for devices like iPhone,” said Shamoon. The argument here is that service providers would then use Marlin where they can.

Service providers service are fed up having to implement proprietary DRMs, according to Intertrust CEO Talal Shamoon.

Service providers service are fed up having to implement proprietary DRMs, according to Intertrust CEO Talal Shamoon.

Marlin was introduced as an interoperable DRM in 2005 by the Marlin Developer Community, founded by five companies, Intertrust, Panasonic, Philips, Samsung and Sony. Intertrust in turn had been established earlier by those other four founders, which partly explains why Marlin has enjoyed much wider adoption in the Far East than elsewhere.

This includes Japan, where it was adopted as the national IPTV standard in 2007 and deployed by web portal Actvila at the same time, as well as China where Huawei Technologies has licenced it as well as some consumer services such as Baidu-owned iQIYI and PPTV.

Marlin has also enjoyed scattered successes elsewhere, especially Europe, being the DRM for the Italian Internet TV services platform developed by the Tivu consortium, as well as for TNT 2.0 specifications from the HD Forum in France. In the UK Marlin was adopted for the YouView hybrid set top box used for services from BT and TalkTalk as well as being sold separately. It is also used for the UltraViolet digital rights authentication and cloud-based distribution system developed by the Digital Entertainment Content Ecosystem (DECE), but that has rather fallen by the wayside. Most recently Panasonic, one its founders, has promoted Marlin for delivery of inflight entertainment.

Inflight entertainment system.

Inflight entertainment system.

Marlin has seen little penetration in the Americas but these other deployments have sustained development so that now Intertrust is convinced the time for a second wave of expansion has arrived. This is one reason for the interest in the announcement of a compliance and robustness (C&R) framework around Marlin for enhanced content protection (ECP) of Ultra HD content. As the weekly analysis site Faultline Online Reporter published by Rethink Technology Research pointed out, C&R helps satisfy premium content owners by enforcing rules over trust on chipsets and associated hardware-based trusted environments. C&R is associated specifically with DRMs and defines what they should do when handling content access and playback on the client device. The most significant enhancements in C&R for ultra HD are in support for forensic watermarking and execution of content protection logic in hardware-based trusted execution environments (TEE). Content processing is then only allowed to take place in a secure video path (SVP) rooted in the TEE and a hardware root of trust.

You might also like...

Protecting Premium Content OTT & VOD Distribution - Part 2

Protecting high value media content is a major priority for any broadcaster working with OTT and VOD. In the previous article in this series we looked at the three challenges facing broadcasters and in this article we dig deeper into…

Protecting Premium Content OTT & VOD Distribution - Part 1

The complexity of modern OTT and VOD distribution has increased massively in recent years. The adoption of internet streaming gives viewers unparalleled freedom to consume their favorite live and pre-recorded media when they want, where they want, and how they…

TV Industry Can Claw Back $28 Billion Per Year From Sports Pirates

The TV industry, including pay TV operators, rights holders and new streaming providers, could recoup $28.3 billion a year from pirates by luring consumers back to legitimate video services.

MovieLabs Updates Enhanced Content Protection Specification

MovieLabs has released the latest Version 1.3 of its enhanced content security specifications for 4K, HDR and premium window content, with additional guidance on disabling debugging interfaces and handling security software updates.

The Sponsors Perspective: Protecting Content Is A Never-Ending Battle

For content providers (studios, content owners, content aggregators, or other content licensors) and their licensees (affiliates) operating in a multiplatform world - and pirates looking to obtain illegal access to the most popular content - it’s an unrelenting game o…