The Marlin interoperable DRM has been in almost perpetual limbo since its foundation in 2005, but has just refused to die and now there are signs that it may even come back to life in the era of OTT, hybrid services and UHD. At around the same time Coral emerged as an alternative approach facilitating interoperability between existing DRMs rather than proposing a new universal one, but that did die in December 2012 when the umbrella consortium was finally dissolved. That never gained much traction at all despite sharing many of the same backers, including Intertrust itself.
Given that Marlin, the organization, was founded by Intertrust, its two owners, Philips and Sony, as well as Panasonic and Samsung, it was perhaps not surprising that it has enjoyed greatest take up in the Far East, especially Japan. Marlin was adopted as the national IPTV standard for Japan in 2007 and was deployed by web portal Actvila at the same time, which was backed by Hitachi, Panasonic, Sharp, Sony, and Toshiba, all contributing internet-enabled TVs. Sony then used Marlin in its PlayStation Network to enforce rights for sharing purchased or rented content on PS3, PS4 and PSP systems after download. Philips also stepped in by implementing Marlin within its Net TV service.
Marlin also enjoyed a few successes in Europe, being chosen as the DRM for the Italian internet TV services platform developed by the Tivu consortium, in France for the TNT 2.0 specifications from the HD Forum and in the UK by the YouView open connected platform which has been adopted by BT. But the only other notable scalp was the UltraViolet digital rights authentication and cloud-based distribution system developed by the Digital Entertainment Content Ecosystem.
While these various successes have kept the Marlin flame flickering, most date back at least a few years and meanwhile the DRM world has crystallized around the big three browser owners, of Apple’s FairPlay, Microsoft’s PlayReady and Google Widevine. It therefore became important for platforms and services that want to reach the vast majority of target devices to support all three, plus perhaps until recently at least Adobe Access. In the case of Widevine and PlayReady this can be achieved through Common Encryption (CENC) and MPEG-DASH, which both support, enabling content to be encrypted and packaged just once and then decrypted via either of the two DRMs. FairPlay on the other hand uses the SAMPLE-AES encryption and Apple’s HLS packaging, so content does still need to be encrypted and packaged twice to achieve widespread reach.
Over the last few years video content security has expanded beyond its roots in CA (Conditional Access) and DRM to become increasingly entangled with other aspects of video service delivery, especially analytics and monetization. This is partly because security systems themselves are valuable sources of audience and service data but also reflects the rising prominence of privacy and compliance. The other factor is the emergence of content redistribution over the internet as a major medium for piracy, coupled with forensic watermarking as an essential component in tracing illicit streams quickly back to their source.
This has led to development of larger packages that have multi-DRM support at their core but have built upon this to converge with CA and add all those other components to create a complete video service package. Traditional CA vendors, notably Irdeto, Kudelski’s Nagra and Verimatrix, have come in with such packages in the hope of compensating for declining margins in their traditional business, while Intertrust is also competing with various offerings built around Marlin.
In fact, Intertrust was early off the draw with its cloud-based ExpressWay DRM around 2014, which is now the brand enveloping the underlying Marlin technology in various guises. This was enhanced, or hardened, in April 2015 with a hardware-based extension to support UHD content and meet MovieLabs’ specifications, including a licensing framework that is supported by major content providers. This may have been ahead of its time but has helped re-establish Marlin as a force, even if it is under a new brand so that customers may be unaware they are using it.
Fast forward to IBC 2017 and Intertrust was more in evidence than for some years, parading its latest ExpressPlay CA, a CAS for smart devices designed to play alongside ExpressPlay DRM in hybrid services. Both share the same content protection engine originally developed around Marlin, blurring further the distinction between CA and DRM.
Intertrust now has four modules under the ExpressPlay portfolio, starting with the Universal DRM, which supports Adobe Access, Apple FairPlay, Google Widevine, Microsoft PlayReady and its own Marlin. Like its counterparts from the CA vendors, this eliminates need to distribute multiple versions of protected assets and helps address the diverse device landscape.
The ExpressPlay CA then provides card-free CAS capabilities using the same Marlin DRM technology developed for broadband DRM. Then another recent addition is ExpressPlay Audience, which was inspired by the Marlin model of directed graphs connecting users, devices and services. The idea of the original graph was to help with design of DRM implementations through an intuitive approach, where in effect the high-level logic design flows straight into the lower level system specification comprising permissions associating services, users, devices, locations and times of day.
This customer data platform then exploits Intertrust’s graphical Personagraph consumer data platform, allowing analytics, device graphs, and retail or marketing technology functions to be deployed within the secure Marlin approach. The fourth module, ExpressPlay Ads, then builds on the third to allow insertion of personalized ads into protected content streams on mobile, TV, and web platforms. This supports both server-side and client-side ad insertion technology to reach the Marlin constellation of devices.
The latest development might sound rather academic, the announcement of a compliance and robustness (C&R) framework around Marlin for enhanced content protection (ECP) of Ultra HD content. The point about this, three years after Intertrust’s first foray into UHD protection, is that it helps satisfy the premium content owners by enforcing rigorous rules over trust on chipsets and associated hardware-based trusted environments.
C&R is associated specifically with DRMs and really amounts to the system specification, defining clearly how it should behave in all conceivable situations relating to how content is handled at the client end. It must be capable of handling audio and video either separately or as integrated parts of an AV stream for example. It must be able to enforce restrictions over what devices the content can play on and under what circumstances. As Jack Lacy, SVP Standards and Technology Initiatives at Intertrust, told us, the C&R enforce the ECP requirements, some of which have changed radically for UHD content. “The most fundamental changes embodied in the enhanced content protection specifications and technical requirements are the requirement that content protection logic be executed in hardware-based trusted execution environments (TEE) and that content processing occur only in a secure video path (SVP) rooted in the TEE and a hardware root of trust,” Lacy stressed.
Other recent additions include provision for watermarking, where MovieLabs rules would stipulate that the implementation incorporating the DRM must not interfere in any deliberate way with the marks. However, legitimate operations such as zooming and cropping must be allowed, even at risk of interfering with the marks – it is up to the watermark technology developer to ensure that they are robust against such transformations.
Each DRM has a C&R set and it is quite a long document even before adding new provisions for UHD, PlayReady’s, for example, running to 78 pages. It is worth reiterating that the DRM is only part of the picture and so the C&R rules do not and cannot ensure all aspects of ECP as defined originally by MovieLabs and subsequently enhanced in the light of UHD evolution, such as the development of HDR specifications.
Aspects that do relate to the DRM include limiting security compromises as far as possible to the platform on which they occurred. The ECP specifies that a system playing UHD content must be able to bind the ability to decrypt a license key to a particular device, whether this is a host or storage system. License keys should be encrypted in such a way that they cannot be decrypted without the keys of the individual device for which the license was issued, which is very much in the domain of the DRM.
Another key change relevant for the DRM highlighted by Lacy are new constraints over output to enhance security, notably that they must conform with HDCP (High-bandwidth Digital Content Protection) 2.2, or future versions of this. HDCP 2.2 is designed to prevent illegal copying of Ultra HD content and it will cause non-complaint devices to fall back to normal full HD.
However, other aspects such as software diversity apply to the whole platform and not just the DRM. The idea here again is to restrict attacks to the local system or service where they took place by making it unlikely they would work elsewhere because software is implemented differently.
All the major DRM providers are naturally working on UHD support but Intertrust has now put a firm stake in the ground for Marlin, or rather ExpressPlay as we must now call it.