ECI * Activity Report

ECI Activity Report 2016

Chairman: Klaus Illgner, IRT

Established to produce technical specifications for content protection, specifically a software embedded common interface for Conditional Access (CA)/Digital Rights Management (DRM) solutions which will allow CA/DRM clients to be downloaded and to connect to this software interface

Service and content protection realised by CA and DRM are essential in the rapidly developing world of digital media broadcast and media delivered via broadband. Solutions on the market today encompass CA as well as DRM functionality. Most CA/DRM systems used for classical digital broadcasting, Internet Protocol television (IPTV) or new over-the-top (OTT) services bind proprietary security-related elements to consumer equipment. As a result, for example, consumer equipment configured for use in one network or platform cannot be used in another. Such ‘lock-in’ effects restrict the freedom of many players in digital multimedia content markets. In addition, device specifications differ not only by country, but also by platform. As a result, the consumer electronics market for digital TV is seriously fragmented. Consumers also expect to use media services on a variety of devices, including portable and mobile equipment, which the service provider needs to serve with minimum effort.

ETSI’s Industry Specification Group on the Embedded Common Interface for exchangeable CA/DRM solutions (ISG ECI) is specifying a framework for software-based, easy-to-change protection and rights mechanisms for the delivery and consumption of media content on several types of user equipment. The core of the concept is the ECI software interface to which CA/DRM clients can be attached after being downloaded to the device. Devices may support multiple clients in parallel. 

This will improve substantially interoperability between services and devices in the market. Greater flexibility and scalability is also anticipated due to the software-based implementation, leading eventually to cost reductions for both the service provider and the consumer. ISG ECI’s specifications will help foster market development by providing an open eco-system, while CA/DRM vendors will still be able to provide their individual solutions within an ECI client.

Throughout 2016, ISG ECI worked intensively on the multipart core Group Specification (GS). Part 3, which covers the CA/DRM container, loader, interfaces and revocation mechanisms, and Part 5-1 on advanced security, which deals with the ECI-specific functionalities which are necessary for re-encryption and export control, were both expected to be finished by mid-2017. Work also continued on the advanced security key ladder technology necessary to establish a secure key management and authentication mechanism and on the virtual machine (which will allow multiple clients to run in parallel on the same device). 

Further specification work will focus on a trust regime as well as a thorough security analysis of the complete system, resulting in GSs on trust environment, extended requirements, system validation and test cases. These specifications are important to ensure the end-to-end security of the whole system. An additional Group Report (GR) will provide implementation guidance concerning the ECI eco-system.