Marlin DRM Exploits Concern Over OTT Security Fragmentation

The announcement last month by the Marlin DRM group of support for enhanced content protection conforming with industry standard specifications for ultra HD would have created only a ripple a few years ago.

But the proliferation of OTT services distributed over the Internet and associated need to reach different device categories has revived interest in the Marlin DRM which was after all developed from the outset for broadband networks. As service providers now have to cope with several proprietary DRMs the prospect of converging around just one is increasingly appealing.

Of course, on the face of it, Marlin is yet another DRM to support but the company that was one of its founders and has based many of its security products on it, Intertrust, has developed a multi-DRM approach. So as well as supporting Marlin, Intertrust’s Universal DRM embraces the big three of Apple FairPlay, Google Widevine and Microsoft PlayReady, as well as Adobe Access, which is fading from the market. There are also multi-DRM offerings from the major CA vendors such as Verimatrix and Nagra, which all eliminate the need to distribute multiple versions of protected assets and helps address the diverse device landscape. As Intertrust CEO Talal Shamoon, pointed out, multi-DRM stacks allow operators to select the license most appropriate for each target device.

This raises the question of why chose Intertrust’s Universal DRM, which is part of its ExpressPlay portfolio, rather than one of its CA rivals. Shamoon argues that service providers would like to adopt a standard DRM because they are fed up with having to implement proprietary DRMs even though they know they have to do so in the real world. “If you’re a service provider you want something immune to a proprietary agenda, but you also want to support native licences for devices like iPhone,” said Shamoon. The argument here is that service providers would then use Marlin where they can.

Service providers service are fed up having to implement proprietary DRMs, according to Intertrust CEO Talal Shamoon.

Service providers service are fed up having to implement proprietary DRMs, according to Intertrust CEO Talal Shamoon.

Marlin was introduced as an interoperable DRM in 2005 by the Marlin Developer Community, founded by five companies, Intertrust, Panasonic, Philips, Samsung and Sony. Intertrust in turn had been established earlier by those other four founders, which partly explains why Marlin has enjoyed much wider adoption in the Far East than elsewhere.

This includes Japan, where it was adopted as the national IPTV standard in 2007 and deployed by web portal Actvila at the same time, as well as China where Huawei Technologies has licenced it as well as some consumer services such as Baidu-owned iQIYI and PPTV.

Marlin has also enjoyed scattered successes elsewhere, especially Europe, being the DRM for the Italian Internet TV services platform developed by the Tivu consortium, as well as for TNT 2.0 specifications from the HD Forum in France. In the UK Marlin was adopted for the YouView hybrid set top box used for services from BT and TalkTalk as well as being sold separately. It is also used for the UltraViolet digital rights authentication and cloud-based distribution system developed by the Digital Entertainment Content Ecosystem (DECE), but that has rather fallen by the wayside. Most recently Panasonic, one its founders, has promoted Marlin for delivery of inflight entertainment.

Inflight entertainment system.

Inflight entertainment system.

Marlin has seen little penetration in the Americas but these other deployments have sustained development so that now Intertrust is convinced the time for a second wave of expansion has arrived. This is one reason for the interest in the announcement of a compliance and robustness (C&R) framework around Marlin for enhanced content protection (ECP) of Ultra HD content. As the weekly analysis site Faultline Online Reporter published by Rethink Technology Research pointed out, C&R helps satisfy premium content owners by enforcing rules over trust on chipsets and associated hardware-based trusted environments. C&R is associated specifically with DRMs and defines what they should do when handling content access and playback on the client device. The most significant enhancements in C&R for ultra HD are in support for forensic watermarking and execution of content protection logic in hardware-based trusted execution environments (TEE). Content processing is then only allowed to take place in a secure video path (SVP) rooted in the TEE and a hardware root of trust.

Let us know what you think…

Log-in or Register for free to post comments…

You might also like...

Verimatrix Looks for Content Security Converts on Back of AWS API Integration

Verimatrix is seeking to win major customers in broadcasting and pay TV on the back of API integration of its MultiRights OTT multi-DRM with Amazon Web Services (AWS). As AWS continues its strong advance into video services by claiming some…

DPP - The Live Explosion

Away from traditional broadcasting a revolution is happening. Live internet streaming is taking the world by storm with unprecedented viewing figures and improved accessibility for brands looking to reach better targeted audiences. The Live Explosion, hosted by the DPP in…

EBU Teams Up With Digital Production Partnership Over Mastering and Security

The EBU (European Broadcasting Union) has struck a partnership with the Digital Production Partnership Ltd (DPP), a UK based business change network, to promote open standards for interoperability between all components of the video cycle as the industry continues its…

Samsung Gains First Pay TV Customer for Smart TV Security Dongle

Samsung has announced Germany’s HD+ satellite service as the first customer for the TVkey security USB dongle developed in partnership with content protection technology vendor Nagra. The dongle works in conjunction with a chip in Samsung’s latest smart TVs…

EBU Calls on Broadcasters and Technology Vendors to Strengthen Cyber Security

The EBU (European Broadcasting Union) has called on broadcasters and their technology suppliers to work together over cyber security and adopt best practices already available or evolving in the IT world. The organization representing broadcasters across Europe and in many…