SmartRight™ 1 THOMSON multimedia 2001 ©28 November 2001 Copy Protection System for Digital Home Networks Deployment process CPTWG – November 28, 2001

SmartRight™ SmartRight™

1 THOMSON multimedia 2001 © 28 November 2001

Copy Protection System for Digital Home Networks

Deployment process

Copy Protection System for Digital Home Networks

Deployment process

CPTWG – November 28, 2001 CPTWG – November 28, 2001

SmartRight™SmartRight™

228 November 2001THOMSON multimedia 2001 ©

Agenda

Update on SmartRight progress and support from the industry DVB-CP call for proposals State of development

SmartRight business deployment



SmartRight’s answer to the DVB-CP CfP

Thomson proposed SmartRight as an answer to the DVB-CP CfP, together with many partners:

SmartRight clearly meets all DVB-CP specifications



State of development

Specifications 0.84 Global framework Protection mechanisms, protocols, and key management Algorithms IEEE1394 commands, ISO7816 commands

Prototype Network simulator software with real smart cards, shown at last CPTWG meeting

PC based platforms: December 2001 Embedded platforms (CE devices): 2Q2002



Potential deployment

Cost effective solution Off-the-shelf chip set SmartRight-compliant CE devices targeted for 2003



SmartRight business deployment

SmartRight Association

SmartRight Licensing Administration

SmartRight Key Management Center

What follows is a draft proposal to be discussed and finalized

with SmartRight early partners



SmartRight AssociationSmartRight Association

SmartRight Association & LA

Founding/core Technology members

Founding/core Technology members

Advisory groups (Content industry,

Broadcasters)

Advisory groups (Content industry,

Broadcasters)

SmartRight KeyManagement Center


SmartRight “CheckPoints”


Specification, and Logo licensing

smartcards Personalization


Content providers

Content providers

Content distributors

Content distributorsCE / IT

manufacturers

CE / IT manufacturers

Chip/module manufacturers

Chip/module manufacturers

CA / DRM providers

CA / DRM providers

Licensees

Certified keys

smartcards manufacturerssmartcards

manufacturers

Patents licensing

SmartRight Licensing

Administration

SmartRight Licensing

Administration

Essential patents holders

Essential patents holders



SmartRight Association: Mission Statement (1/2)

Develops / maintains SmartRight specifications

Controls the creation and distribution of certified keys to entities in charge of personalization of security modules (smart cards):

This task may be subcontracted, through an open tender

Insures devices’ compliance with SmartRight specifications and security requirements


Collects SmartRight fees and pays for SmartRight smart cards



SmartRight Association: Mission Statement (2/2)

Defines renewability / revocation rules

Checks that the system is not hacked (alarm ring)

Drives corrective actions in case of hacking (smart cards replacement / revocation)

Controls a network of CheckPoints (retailers and other distribution points) for smart cards replacement:


Licenses SmartRight specification and logo



SmartRight Association Revocation Policy


Revocation committeeReports from Alarm Ring

Revocation criteria may include:• Threshold of hacked Personal Private Networks• Threshold of clones of one smart card• Threshold of illegal copies of a piece of content by the same hack• Other types of hacks that are deemed worth a revocation

Launches the revocation process if the revocation

criteria are met



SmartRight Association Renewal Policy


Renewal committee

Renewal criteria may include:• Threshold of losses due to content piracy because of a breach in the SmartRight system

• A trade-off between the amount of losses and the cost of implementing a corrective action

Development of a new version of the system Deployment of a new system, incl. distribution of new smart cards

• Availability of a technical solution enabling a new and more secure version of the system

Launches the renewal process if the renewal criteria are met



SmartRight smart card distributionINITIAL smart cards

For other devices, the SmartRight card is packaged with device by manufacturers

SmartRight functionality included within CA/DRM card

PayTV / Internet service provider controls the distribution of the cards as usual



SmartRight Association

CA / DRM

SmartRight Checkpoints

SmartRight smart card distributionRENEWING smart cards

Launches renewal process



Association’s sub-contractor:SmartRight Key Management Center

SmartRight Association normally responsible for the tasks described hereafter

But, for organizational and/or economic reasons, it may decide to subcontract them to a SmartRight Key Management Center

One or several Centers per region (e.g. the USA, Europe, Asia),

The SmartRight system is likely to have technical differences according to the standards in force in each region.



Key Management Center’s functions




Control


centers


centers



Smart cards manufacturersSmart cards

manufacturers CE / IT manufacturers

CE / IT manufacturers

CA / DRM providers

CA / DRM providers

1 Manage secured keys

2 Provide authorizations and certificates for personalization

3 Provide compliance test services

4 Manage smart cards’ life cycle

5 Manage an a posteriori database to control renewal process



Control of the renewals Unique ID per smart card – not registered

No a priori database

SmartRight Checkpoints equipped with “terminals”

SmartRight terminal

“old” “new”

“New” card gets consumer’s network key from “old” card

Ability to read “old” content

Off-line operation

Checkpoint control: number of “new” cards distributed equal to number of “old” cards collected



Control of the replacements and other particular cases

Under the control of the SmartRight Association

SmartRight terminal

On-line operation, connected to SmartRight database

Each operation is logged in the database ! Alarm if operation different from pre-defined usage patterns, e.g.

Same consumer “losing” card too often Same network card in different places, from different consumers …

Active security Similar to mobile phones security models



Smartcards Life Cycle EventsCREATION

Smart card manufacturer

CE device manufacturerCA/DRM provider



Smartcards Life Cycle EventsREPLACEMENT

SmartRight Checkpoint

… replaced by a new one, with the same characteristics

Non-working, lost, destroyed card…



Smartcards Life Cycle EventsENHANCEMENT

SmartRight CheckpointA card is exchanged for a card with

extended features compared to the regular card, but with the same SmartRight version

e.g. when some changes in the consumers’ life, such as marriage or divorce, require

modifications in the topology of the network



Smartcards Life Cycle EventsREVOCATION

A card or a targeted set of cards must be disabled (invalidated)

SmartRight Association’sRevocation Committee



Smartcards Life Cycle EventsRENEWAL

All the cards of a region are exchanged for new ones, with a

new version of SmartRight

SmartRight Association’s

Renewal Committee

SR V1

old cards

SR V2

new cards

SR V2

New version of SmartRight

SmartRight Checkpointor CA/DRM



Contact names

Technical information: Eric DIEHL ([email protected])

Business information: Olivier LAFAYE ([email protected]) Solen JABOULET ([email protected]) Al BAKER ([email protected])

SmartRight™ SmartRight™

24 THOMSON multimedia 2001 © 28 November 2001

Thank you for your attention

This document is for background informational purposes only. Some points may, for example, be simplified. No guarantees, implied or otherwise, are intended

Documents

SmartRight™ 1 THOMSON multimedia 2001 ©28 November 2001 Copy Protection System for Digital Home Networks Deployment process CPTWG – November 28, 2001