Keeping Your Streaming Assets Safe
DRM is a hot acronym; ignore it at the risk of your Internet economic future.
The potential benefits of Internet marketing and sales of media are already being realized, and with broadband implementation growing ineluctably, the chief impediment to complete commercialization of the Internet is no longer technology, but the absence of a ubiquitous way to protect digital property and profits.
While our concentration is on DRM for streaming media, this is actually only one part of the DRM puzzle: both the security of, and managing the marketing and distribution of downloadable data, constitute a much larger segment of the new industry, though there is a lot of crossover between the two areas.
A good example of a company concentrating on secure downloads is InterTrust Technologies Corp. Founded in 1990, InterTrust is the oldest player in this arena, and probably has the most comprehensive system for offering protection for all digital data, not just digital media. InterTrust installs an "InterRights Point," on a client's PC that does DRM processing, remotely managing the clients' digital rights. The InterRights point encrypts and stores protected information in a "DigiBox container" which a user's computer can download only if the computer has been set up as an InterRights Point that satisfies the provider's rules. The files in a DigiBox container are protected even after they're played, and the protection persists even if files are sent to another consumer. Potential consumers without InterRights Point software are prompted to get certified at the provider's site, thus allowing "superdistribution" of the media, yet providing persistent protection for the provider.
Exemplifying the business management aspect of DRM is Reciprocal Entertainment. Founded four years ago to function as a digital clearinghouse, Reciprocal creates and distributes permits that help track and control its clients' distribution of digital content.
Reciprocal's technology works by first allowing the provider to set the access rules and permit requirements a consumer needs to access the document. Permits can be free, traded for information or issued as part of a transaction. When a consumer downloads, the Reciprocal software checks the consumer's computer for a permit. If none exists, the user is prompted to buy one. Upon payment, the Reciprocal Digital Clearing Service sends the permit to the consumer, who can then view the media. An audit record is sent to Reciprocal, who uses it to generate tracking reports--including demographic and purchase data--and to distribute payments.
Streaming's Defense Mechanism
Some aspects of both of these schemes can work with both downloadable and streaming media, but streaming has its own demands, and there are companies specializing in it.
Streamed media has a certain level of built-in security: most commercial players don't save a streamed file to the user's disk. While this is enough to prevent the most casual of thefts, with only a somewhat greater degree of piratical ambition, anyone can build or download a custom player--called a "screen-scraper"--that saves whatever's displayed on the screen. Another way streamed material is purloined is by redigitizing the analog audio and video signals output through a sound/video card. Both these procedures render a degraded version of the original, but as bandwidth and technology improve the quality of streamed media, the product a pirate can grab will, in theory, improve as well. More sophisticated thieves, of course, can find ways to download the original files from a streaming provider's server, but this problem is shared by anyone with assets on an online server.
Probably the newest kid on the block is WideVineTechnologies (formerly Internet Direct Media, Inc.) Widevine concentrates exclusively on securing streaming media, not downloads, but includes a management function too. Early this month, Widevine introduced its streaming security solution, Cypher, designed to protect the provider's rights in all popular streaming technologies, remaining invisible to both provider and consumer. To accomplish this, Widevine puts its software into a hardware bridge that monitors any content streamed off a server and adds protection to each streaming file on the fly.
Founder Brian Baker said that the files Widevine secures can easily pass through all firewalls and other network impediments. The company also distributes a small software ‘shim' which is installed on the client side. "This shim handles both security and decryption. It works on the fly and is transparent to the user, processing each file uniquely each time it streams," says Baker."We can also monitor the client's performance and security via a 2-way channel the shim sets up." Baker adds, "This moves information about a transaction back to a file server or e-commerce server, allowing the content provider to conduct monitoring or micro-billing such as pay-per-minute or pay-per-view."
Only when the streamed file reaches the client computer does decryption occur, performed by software streamed with the file. This software monitors the client machine for attempts to hack the streaming file with screen-scraper technology. If such operations are detected, the widevine software shuts down the stream, preventing further hacking.
"Since our technology resides on small bridge between the media server and the network, we're outside the streaming servers themselves, we can be format-agnostic and can support anything streaming from any kind of server: Darwin, Apple QT, RealServer or anything else," says Baker.
Although its client negotiations are still under wraps, Widevine is in the process of securing business from large media studios, large hosting and network providers, and streaming services houses. Baker says this technology has, "major implications for media companies who are using the Internet for a broadcast medium and for corporations who use the Internet or an intranet for inter-company communications of material such as sensitive executive broadcasts, distance learning and other material."
A second approach is embodied by SecureMedia. According to founder and CEO Jack Oswald, when the company started, "we weren't focused so much on digital media, but on cryptography. We began concentrating on streaming media about two and a half years ago, but our cryptography background is still a basis for differentiating us from all the others. We come at it from the bit-scrambling approach."
SecureMedia has so far focused on working with RealServer applications but, Oswald adds, they could easily implement their technology with other formats. SecureMedia's approach is to encode the files to be streamed at the server, before streaming begins. Decryption occurs via a plug-in to the RealPlayer, which users can install when they go to the site of a provider who is a client of SecureMedia. Oswald says this prevents screen-scraping, since no screen-scraping player will have the plug-in. Furthermore, he pointed out that screen-scraping inevitably yields degraded copies, and a greater concern is pirates who "tap into the tcp/ip stack" and take a good digital copy. The SecureMedia plan ensures that all media at the digital level is encrypted.
Regarding piracy via the analog route, Oswald says, "We spent a good deal of last year talking with the technical executives of the five major networks making sure we knew their requirements," and they were unconcerned about this threat. He also made the point that the delivery platform of the near future will not be a computer containing a variety of piracy tools. "The media won't be available on a PC but for a home entertainment center that requires an authenticatable device engineered to protect rights of owners." The device will enable streaming into home entertainment systems. In light of this, Oswald believes the biggest threat of piracy will be people who build settop decoders," like the satellite decoders of today. They might use some device that lets people tune in for free."
The DRM device used by Vyou.com operates simply. It can work with all popular players, and if a user clicks outside of the streaming window, the media immediately stops streaming. This prevents casual, digital piracy, but does not extend to recording the analog output onto a connected device.
In addition to entertainment and other media streamed to the general consumer, Vyou focuses on valuable documents made available to specific customers for specific purposes. Vyou's Steve Landau, used the example of Charles Schwab, or some other financial institution that shows important material to a select audience. "This used to be done on paper handouts which were collected at the end of a meeting. It's trickier to do this on the Web," adds Landau.
Another danger Landau mentioned is that "some people can get to a server and take an original file if the path to the file is contained in the original streamed file, or they can get it with some kind of hijacker file." Vyou's technology is also designed to prevent this kind of release of an original file, as well as one released by the Vyou server.
Awaiting the Shakeout
Each approach in this new industry has its own strengths and weaknesses, and the inevitable shakeout has yet to occur. One of the most interesting and pervasive factors here is that all parties seem to dismiss piracy via the analog recording route. This may be due to the fact that the quality of streamed media today is not all that great. This means that any material that is streamed, converted to analog then reconverted to digital is bound to be a garbage-in-garbage-out victim, at least to some degree. Nonetheless, millions of dollars are now working furiously to change the weak link in this situation—the quality of the media as delivered, not the reconversion. And the moment that high-quality streaming makes the conversion process acceptable, it's a sure bet that pirates will be at work pumping streamed media from output port to input, creating pretty good digital copies of the original.
The movie studios and record companies believe the difference in quality between the original and this kind of copy is their safeguard. Still, people have historically embraced delivery systems from MP3 to small black and white TVs, to even smaller AM radios, despite the less-than-perfect reproduction quality of these media. If it turns out that the content, and not the media, is the message after all, we're in for interesting times.
Companies and Suppliers Mentioned