[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Security-Requirements: alternatives?

Title: RE: Security-Requirements: alternatives?
Hi Art,
 
Many thanks for your input:
 
********************
* Conditional access for digital TV broadcasting is one example that
exists today.  This system is optimised for TV broadcast services only,
and is not suitable for IP packet transmissions and difficult to
interwork with ULE.
AA> See ATSC A/70A. I strongly disagree with assertion about the
difficulty to interwork with ULE. The ULE can be put in a virtual
channel in the ATSC system and the standard directly applied.
*******************
 
I completely agree with you that  A/70A (Conditional Access System for Terrestrial Broadcast, Revision A) can interwork with ULE, where encryption is based on PIDs, which sometimes means bundling many IP flows with one PID.  In our draft (ULE requirements), we aim for more fine grain security and securing every IP flow individually and try to re-use existing work in the IETF on key management.
 
Accidentally reading through A/70A, it looks much better than the  DVB Conditional Access.  I personally do not have much faith in DVB Conditional Access (DVB CA): You might probably know that DVB CA has been surrounded by controversy for many years due to the spread of counterfeit smart cards.  For example, in late 1999, Italy was flooded with cheap counterfeit cards that enabled viewers use Canal Plus for free.  In March 2002 Canal Plus Group filed a  lawsuit against NDS Group, accusing it of cracking its digital television smart cards and putting the confidential information on the Internet.  Since then, I have not seen any major changes in DVB CA to cater for these challenges. 
 
Haitham
----
Dr. Haitham S. Cruickshank
Lecturer
Communications Centre for Communication Systems Research (CCSR)
School of Electronics, Computing and Mathematics
University of Surrey, Guildford, Surrey GU2 7XH, UK
 
Tel: +44 1483 686007 (indirect 689844)
Fax: +44 1483 686011
e-mail: H.Cruickshank@surrey.ac.uk
http://www.ee.surrey.ac.uk/Personal/H.Cruickshank/

From: owner-ipdvb@erg.abdn.ac.uk on behalf of Allison, Art
Sent: Thu 22/06/2006 20:02
To: ipdvb@erg.abdn.ac.uk; gorry@erg.abdn.ac.uk; Iyengar S Mr (CCSR); P.Pillai@Bradford.ac.uk
Subject: RE: Security-Requirements: alternatives?

See below.


_____________
Art Allison
Director, Advanced Engineering
Science & Technology
National Association of Broadcasters
1771 N Street, NW
Washington, D.C. 20036
Phone: 202.429.5418
Fax: 202.777.4981
aallison@nab.org

The National Association of Broadcasters is a trade association that
advocates on behalf of more than 8,300 free, local radio and television
stations and also broadcast networks before Congress, the Federal
Communications Commission and the Courts.

-----Original Message-----
From: owner-ipdvb@erg.abdn.ac.uk [mailto:owner-ipdvb@erg.abdn.ac.uk] On
Behalf Of H.Cruickshank@surrey.ac.uk
Sent: Thursday, June 22, 2006 2:09 PM
To: gorry@erg.abdn.ac.uk; ipdvb@erg.abdn.ac.uk; S.Iyengar@surrey.ac.uk;
P.Pillai@Bradford.ac.uk
Subject: RE: Security-Requirements: alternatives?

 Hi Gorry,

This issue has been addressed in the security draft.   Some text has
been added to section 5.1 to this effect:

Basically, in practice there are not many L2 security systems for MPEG
transmission networks.  Two major examples are:

* Conditional access for digital TV broadcasting is one example that
exists today.  This system is optimised for TV broadcast services only,
and is not suitable for IP packet transmissions and difficult to
interwork with ULE.
AA> See ATSC A/70A. I strongly disagree with assertion about the
difficulty to interwork with ULE. The ULE can be put in a virtual
channel in the ATSC system and the standard directly applied.

* Some other L2 security systems are specified in standards such the MPE
for DVB system . However, MPE security incomplete and there are no known
implementations of such security system.

* For DVB-S2 Generic Streams, where IP encapsulation could be similar to
ULE. The authors believe that ULE security format can be used for
Generic Streams as well.

We would like to ask the ipdvb WG if anybody knows any other existing L2
security systems that might be suitable for ULE.

AA> See ATSC A/70A for ULE when sent in conformance with ATSC Standards.

Haitham
----

Dr. Haitham S. Cruickshank

Lecturer
Communications Centre for Communication Systems Research (CCSR) School
of Electronics, Computing and Mathematics University of Surrey,
Guildford, Surrey GU2 7XH, UK

Tel: +44 1483 686007 (indirect 689844)
Fax: +44 1483 686011
e-mail: H.Cruickshank@surrey.ac.uk
http://www.ee.surrey.ac.uk/Personal/H.Cruickshank/



-----Original Message-----
From: Gorry Fairhurst [mailto:gorry@erg.abdn.ac.uk]
Sent: 22 June 2006 15:37
To: Cruickshank HS Dr (CCSR); ipdvb@erg.abdn.ac.uk; Iyengar S Mr (CCSR);
P.Pillai@Bradford.ac.uk
Subject: Security-Requirements: alternatives?

Haitham, I-D Authors, List,

One of the issues we need to be clear about in preparing for a WG
adoption of the security requirements I-D is the possible alternatives
that have been proposed/implemented in other standards organisations.

Could you summarise the methods that have been proposed for MPEG-2
transmission networks that provide equivalent L2 security functions, and
say which to your knowledge has actually have been implemented in
systems?

Thanks,

Gorry