Windows Media Technologies

(1)

6/21/2007

Davide Rogai

- Phd student

Dipartimento di Sistemi ed Informatica - DISIT

Windows Media Technologies

The Next Media Wave

Windows Media Server

Windows Media Audio/Video

Windows Media Player

Windows Media Encoder

Windows Media DRM

Windows Media SDK

Better Together

(2)

6/21/2007 Sistemi Distribuiti, Univ. Firenze, Seminario. Dr. D. Rogai, ref. Prof. P. Nesi 3

Windows Media Ecosystem

Portable Devices

License

Clearinghouse

Authorization

Content Creation

Content Packaging

Processing

Distribution

Web Retailer

Download

Streaming

Acquisition

Home Devices

Business

Consumer

Transfer

Transaction

Windows Media

Encoder

Protect Compressed

Digital Work

Labels, Studios,

Publishers, …

Windows Media Rights

Manager SDK

Issue Licenses

Track Transactions

Solution Providers

“PD DRM”

WinCE Platform Builder

WM DRM for Devices

WM DRM for Networks

Transfer and Play

Protected Media

Hardware Vendors

Application Developers

Windows Media Format

SDK, Windows Media

Device Manager

Render Protected Digital

Work, Transfer to Devices

Windows Media

Encoder

Create intellectual

property, digital media

content

Artists

Windows Streaming

Media Server or Web

Server

Host & Distribute

Protected Digital Work

Solution Providers

Sample Applications For

WM Technology

z

Consumer Electronics Devices

{

Portable audio and video players

{

CD and DVD players and burners

{

Digital Media Receivers

{

Mobile Phones

{

Set Top Boxes

z

IC Manufacturers, Technology Suppliers

{

Chips with WM Codecs or DRM built in

(3)

Ultimate Streaming Experience

Overview

z

Benefit

{

Eliminates buffering delays

{

Optimizes the experience

z

Features

{

Fast Streaming

{

Improved packet recovery techniques

{

Improved multi-bitrate (MBR) audio/video

{

Bandwidth detection improvements

{

Support for standards-based protocols

{

Requires the 9 Series player to obtain benefits

Ultimate Streaming Experience

Standards-based protocols

z

RTSP, RTP, SDP, RTCP protocols

z

UPnP support for NAT/firewall traversal

z

Multicast streaming - IGMPv3 support

(4)

Dynamic Content Programming

Server-side playlists

z

Author using SMIL 2.0-based syntax

z

Personalize for the specific user

z

Execute (& enforce) on the server

z

Change the client experience dynamically

z

Utilize for both live and on-demand content

z

Provide playlist functionality to non-SMIL devices

z

Track user experience through extensible logging

infrastructure

Dynamic Content Programming

Personalized dynamic ad entries

Player

Publishing Point:

Name: Training

Path: c:\wmpub\wmroot

Windows Media

Services Server

mms://server/Training/NewCourses.wsx

1 c:\wmpub\wmroot\NewCourses.wsx

NewCourses.wsx

<?wsx version="1.0"?>

2

3

(5)

Industrial Strength

Scale up

z

WMS 9 Series far more scalable than 4.1

{

Greatly improved TCP performance (2x)

{

Greatly improved broadband performance (2x)

{

Dramatically better disk i/o by caching

frequently accessed content (2x-8x+)

{

20,000 streams (using 20 Kbps content)

achieved on a single machine

{

900 Mbps of total throughput (using 1 Mbps

content) achieved on a single machine

z

Updated load simulation tool on Web

Industrial Strength

Scale out

z

Distribution improvements

{

UDP and multicast between servers

{

Remote logging support

(6)

Industrial Strength

Scale out

z

Cache/proxy

{

Plug-in model for ISVs

{

Plug-in dictates policy

{

Redirection support

{

Pre-stuff capabilities

{

Accelerated/decelerated download support

{

Sample cache/proxy plug-in available in SDK

Remote

Network B

Remote

Network B

Industrial Strength

Scale out

WMS

Cache/Proxy

D

ire

ct

WMS

Cache/Proxy

V

P

N

HQ Network

Remote

Network C

Remote

(7)

Industrial Strength

Reliable

z

> 60 million streams served by MSNBC

z

Automatic connection recovery

guarantees up-time through network

glitches

z

Tested in Network Load Balancing

clusters

z

In-proc/out-of-proc support for plug-ins

WMS System Requirements

21 MB and adequate disk

space for content storage

21 MB and adequate disk

space for content storage

Free hard disk space

Gigabit Ethernet card

100 megabit Ethernet card

Network interface card

1 gigabyte (GB) of RAM or

higher

256 megabytes (MB) of RAM

Memory

Dual 550 megahertz (MHz)

processors (or higher)

Single 233 megahertz (MHz)

processor

Processor

Windows Server 2003,

Enterprise or Datacenter

Edition

Windows Server 2003,

Standard Edition

Operating system

Recommendation

Requirement

Component

(8)

What is DRM?

z

DRM stands for Digital Rights Management

z

DRM protects content from unauthorised use

z

DRM is a flexible solution that can implement a wide

range of business models

z

DRM protected files need a license to unlock them

How can I use DRM?

z

DRM supports the following business models:

{

Preview and purchase

{

Pay per view

{

Rental

{

Subscription

{

Controlled distribution of media assets

{

Can be tailored to any other model

(9)

What is a License?

z

A license consists of the following:

{

The KEY used to unlock the content

{

Rights that govern the use of content

{

A certificate that identifies the license issuer's authority

to create the license

z

A license is bound to the users PC, it cannot be

transferred

How is DRM Secure?

z

Encryption

DRM uses strong encryption (128 bit) that has never been cracked

z

Digital signatures

The content header is digitally signed to prevent tampering

z

Separation of licenses from content

Licenses are kept separate from content, so content can be widely and securely distributed

z

Revocation

There are various ways to prevent players from playing content

z

Individualisation

(10)

Individualisation

z

Individualisation is the process of making each player

unique by linking the player to the PC it is installed on

z

It prevents a hacked player from being widely distributed

over the internet

z

Content can be packaged so that it is only played on

individualised players

z

When a player that is not individualised tries to play

content that requires individualisation, the user is

required to get a security upgrade

(11)

How it works

1. Packaging

2. Rights

3. Distribution

4. License Acquisition

5. License Delivery

Packaging

z

Generate Content Header:

{

Key ID

A String to identify content and generate the KEY

{

License Acquisition URL

Location that specifies where to get licenses from

{

Individualisation Version

Minimum Individualisation a player must have to play the content (optional)

{

Content ID

Uniquely identifies the file (optional)

{

Additional Attributes

(12)

Packaging

z

Sign The Header

{

Private Signing Key

To prevent the header from tampering (Kept secret)

z

Generate the KEY

{

Key ID

Stored in the content header (public)

{

License Key Seed

Kept secret and not stored in content header (private)

{

Key ID + License Key Seed = KEY

z

Encrypt the file using the KEY

Packaging

z

Input formats

{

Any input source that can be converted to Windows

Media Format

{

WAV

{

AVI

z

Output formats:

(13)

Packaging

Supported Codecs

z

Windows Media Audio 1

z

Windows Media Audio 2

z

Windows Media Audio 7

z

Windows Media Audio 8

z

Windows Media Audio 9

z

Windows Media Audio 9

Professional

z

Windows Media Audio 9

Lossless

z

Windows Media Audio 9

Voice

z

Windows Media Video 7

z

Windows Media Video 8

z

Windows Media Video 9

z

Windows Media Video 9

Screen

z

Windows Media Video 9 Image

z

Microsoft MPEG-4 Video 1

z

Microsoft MPEG-4 Video 2

z

Microsoft MPEG-4 Video 3

z

Windows Media Screen 7

z

ISO-MPEG-4 (version) 1

Rights

z

Assign license rights to content

z

The license is separate from the packaged file

z

Rights in the license can be changed after a file is

(14)

License Rights

{

Allow Backup Restore

{

Allow Burn To CD

{

Allow Play On PC

{

Allow Transfer To Non

SDMI

{

Allow Transfer To SDMI

{

Begin Date

{

Burn To CD Count

{

Delete On Clock Roll back

{

Disable On Clock

Rollback

{

Exclude Application

{

Expiration After First Use

{

Expiration Date

{

Expiration On Store

{

Minimum App Security

{

Minimum Client SDK

Security

{

Play Count

{

PM App Security

{

PM Expiration Date

{

PM Rights

{

Transfer Count

Using The Rights

z

Pay per view

{

Play count

z

Rental

{

Expiration after first use

Useful for different time zones

{

Expiration on store

Useful for different time zones

{

Begin & expiration dates

z

Subscription

(15)

Distribution

DRM protected content can be distributed using

conventional methods:

Web Server

Streaming Server

CD (WM format)

Distribution

z

DRM v9 is supported on the following Operating

Systems:

{

Windows 98 SE

{

Windows 2000

{

Windows ME

{

Windows XP

z

DRM v9 is supported on Windows Media Player 7 and

(16)

License Acquisition

z

Process of authenticating

user

Does this user have a right to view the

content?

z

Depends on business model

z

Examples include:

{

Payment

{

Login

{

One time access codes

{

Free, no authentication

License Server

WM Player

License Delivery

z

Verify the content header with the Public Signing Key

z

Generate the KEY

{

Get the Key ID from the content header

{

Get the License Key Seed from the system

z

Specify the rights for the license

(17)

License Delivery

z

A license is only delivered if the user is authorised to

view the content

z

Post Delivery:

1. Content is distributed first

2. License delivered second

z

Pre delivery:

1. License is delivered first

2. Content is distributed second

(18)

Case Study: Preview and Purchase

z

Client

{

Online Music store

z

Client requirements

{

Offering users a free preview of selected content upon registration

{

Normal purchase required after preview

z

Technical requirements

{

Use of pre delivery for preview license

{

Use of post delivery for normal purchases

z

Challenges

{

Supporting both pre delivery and post delivery for same content

{

Preventing users from getting multiple preview licenses

z

Result

{

Preview license pre delivered through browser after registration

{

Once preview license expired, purchase is required through post delivery

Case Study: Pay per View

z

Client

{

Website owner

z

Client requirements

{

Pay per view

{

Files should be self contained

z

Technical requirements

{

Integration of payment into DRM popup

z

Challenges

{

Integrating with a payment provider that gives instant notification on payment

status

z

Result

(19)

Case Study: Rental

z

Client

{

Online video rental

z

Client requirements

{

Payments made using existing payment methods on website

{

Rental period of 3 days

{

Good user experience

z

Technical requirements

{

Integration with client website

{

License will use expiration on store (72 hours)

{

Identifying users through use of cookies and silently delivering licenses

z

Challenges

{

Sharing authentication information with client website, transparent to the user

{

Identifying user silently through use of cookies

z

Result

{

Client website shares authentication information through background http

requests

{

Users pay at website for a rental and later licenses are delivered silently

Case Study: Subscription

z

Client

{

Major Satellite channel

z

Client requirements

{

Live streaming of satellite channel feed

{

Live stream only accessible on subscriptions of 1 day, 1 month or 1 year

z

Technical requirements

{

Use of DRM profile to encrypt stream in real time

{

License will use begin dates and expiration dates

{

Integration with client website

z

Challenges

{

To prevent users from rolling their clock back to get round license terms

{

Managing 3 different licenses for same content

z

Result

{

Only subscribers allowed access to live stream

{

3 different subscription periods available

(20)

Case Study: Controlled Access

z

Client

{

Investment bank

z

Client requirements

{

No payment or authentication required for access

{

To be able to restrict access to content immediately at an unknown future date

{

Statistics on number of plays

z

Technical requirements

{

Each play of content will need a license (play count of 1)

{

Silent license delivery

{

Counting licenses delivered

z

Challenges

{

To be able to restrict access to content at an unknown time when none of the

rights can be preconfigured to do this

z

Result

{

Each time the content is played a license request is needed

{

Client can restrict access to content immediately with a click of a button, the

license server stops issuing licenses for content

{

Statistics on content access

Online Music Store Example

z

The steps required are as follows:

{

Defining the business model

{

Develop database that will support business model

{

Website integration

{

Encoding of content into Windows Media

{

Packaging content

(21)

Online Music Store Example

z

Defining the business model

{

Subscriptions

z

Subscriptions will start from the registration date

z

Subscriptions will end 1 calendar month after start

date

z

Subscriptions will allow access to all content

{

Credits

z

Monthly subscriptions are credited with 400 credits

z

Content will cost 5 credits per play

z

Once credits expire content will not be playable

Online Music Store Example

z

Develop database that will support

business model

{

User id

{

Username

{

Password

{

Start date

{

End date

{

Credits

(22)

Online Music Store Example

z

Website Integration

{

Payments made at website

{

Website maintains subscription database

{

Website can uniquely identify user (registration)

{

Logging on/registration stores cookie on users computer

(user id)

Online Music Store Example

z

Encoding of content into Windows Media

{

Encoded into WMA or WMV

{

Encoding specifications tailored to target

(23)

Online Music Store Example

z

Packaging content

{

For this example:

z

Files can be

encrypted with

unique keys

z

All files can be

encrypted with one

key

Online Music Store Example

z

License terms

{

Static rights

z

Play on PC

z

Play count = 1

z

Allow burn to CD = false

z

Disable on clock rollback

{

Dynamic rights (pulled from database)

z

Begin date

z

Expiration date

(24)

Online Music Store Example

z

License delivery

Online Music Store Example

z

Issues

{

Every clients requirements are unique

{

Clients may already have existing website and

membership databases

z

Need to tailor solution to existing infrastructure

z

Share only authentication information

• Filename (needed for keys)

(25)

How To Obtain A License

z

Some WM components can be downloaded

from the web

{

Many of these are self-licensing

{

See

www.microsoft.com/windowsmedia/download

z

Other WM components can be requested via

license application

{

Components are provided on completion of application

{

See

http://wmlicense.smdisp.net/licenserequest/

Windows PC Applications

z

Windows PC Applications may

{

Download content and licenses from the web

{

Play or burn content

{

Render streaming content

{

Transfer content to a portable player

{

Stream content to a Digital Media Receiver

z

Examples

{

Jukebox and Media Player applications

{

Active web pages

z

PC apps can be built from

{

Windows Media Player SDK, or

(26)

Windows PC Applications

Windows application obtains content and

licenses, plays or burns content, and

may transfer to portable device

z

Technologies and Licenses you may need

{

Windows Media Player SDK

z

Self-licensing (no fees or royalties)

z

<opt>

Windows Media Player Distribution Agreement

• Request via license application. No royalties or fees

{

WMF SDK

z

Self-licensing (no fees or royalties)

z

<opt>

Protected content requires

DRM Certificates

• DRM Client Certificate Agreement for WMFSDK 9s

y

For applications which play or burn protected content

y

Request via license application. No royalties or fees

• DRM Transfer Certificate Agreement for WMFSDK 9s

y

For applications which transfer protected content to portable devices

y

Request via license application. No royalties or fees

Consumer Electronics Devices

z

Consumer Electronics devices may

{

Use WM audio/video codecs to create or play content

{

Render content protected by WM Digital Rights Management

{

Be built on various chipset and operating systems

z

Examples

{

Digital cameras

{

Portable audio and video players

{

Mobile phones

(27)

Digital Camera

z

Technologies and Licenses you may need:

{

Media Transfer Protocol (MTP)

specification

z

MTP Development and Distribution Agreement

(no royalties for most uses)

Camera connects and

transfers images to Windows

PC without custom driver

Portable Audio/Video Players Or

Mobile Phones

z

Technologies and Licenses you may need:

{

WM Audio/Video Codec

sources or object code

z

WMFC Source Dev Agreement (source fee, no royalties)

z

WMFC Distribution Agreement (reasonable royalties)

{

Media Transfer Protocol

specification

z

MTP Development and Distribution Agreement (no fees or royalties)

{

<legacy>

WM Portable Device DRM (PDDRM)

object code

z

WMFC Distribution Agreement (reasonable royalties)

{

<new>

Next Generation DRM for Portable Devices

sources or object code

z

WM DRM for Devices Development and Interim Product Distribution Agreement

(source fee, no royalties)

z

WM DRM for Devices Distribution Agreement (reasonable royalties)

{

<opt>

DRM for WinCE 4.2

object code

Devices obtain content and

licenses directly from network

or through Windows PC

(28)

Digital Media Receivers

Devices play protected

content from PC to

entertainment systems

z

Technologies and Licenses you may need

{

WM Audio/Video Codec

sources or object code

z

WMFC Source Dev Agreement (source fee, no royalties)

z

WMFC Distribution Agreement (reasonable royalties)

{

Next Generation DRM for Network Devices

sources or object code, plus

{

Next Generation DRM for Portable Devices

sources or object code

z

WM DRM for Devices Development and Interim Product Distribution

Agreement (source fee, no royalties)

z

WM DRM for Devices Distribution Agreement (reasonable royalties)

Set Top Boxes

Devices receive protected content

and licenses from network; render

to entertainment system

z

Technologies and Licenses you may need

{

WM Audio/Video Codec

sources or object code

z

WMFC Source Dev Agreement (source fee, no royalties)

(29)

CD And DVD Players

Devices include built

-

in support

for WMA or WMV encoding

z

Technologies and Licenses you may need

{

WM Audio/Video Codec

sources or object code

z

WMFC Source Dev Agreement (source fee, no royalties)

z

WMFC Distribution Agreement (reasonable royalties)

{

HighMAT

specification

z

Web download (reasonable royalties)

z

See

www.HighMAT.com

Media Services Infrastructure

z

Media Services Infrastructure includes

{

Content encoding

{

Content protection/encryption

{

Content distribution

{

License generation

z

Windows applications and SDKs are available on

the web or via license request

z

Protocol specifications for non-Windows

applications are available through the Microsoft

Communications Protocol Program (MCPP)

(30)

Content Packaging

Systems compress content into

WMA or WMV format and/or

encrypt content in DRM

z

Technologies and Licenses you may need:

{

WM Encoder 9S

is a Windows application which compresses

and/or encrypts content

• Web download

• Self-licensing. No royalties or fees

{

WM Rights Manager SDK 9S

creates a Windows-based server

which encrypts content (and can deliver DRM licenses)

• WM Rights Manager SDK 9S Agreement

• Request via license application. No royalties or fees

License Management

Systems generate licenses for

protected content as needed by

consumers, honoring rules of

content owners

z

Technologies and Licenses you may need

{

WM Rights Manager SDK 9S

creates a Windows-based

server which (encrypts content and) can deliver

(31)

Content Distribution

z

Technologies and Licenses you may need

{

To create a Windows-based web server

• Use

Internet Information Services

• License included in Windows Server 2003

{

To create a Windows-based streaming media server

• Use

Windows Media Services

• License included in Windows Server 2003

Web and streaming servers

deliver content to consumers

Riepilogo

z

Soluzione Windows Media

{

Streaming efficiente

z

Basato sulla conoscenza di Streaming Server e

Media Player

{

Scalabilità

z

Presenza di sottoreti di distribuzione e cache/proxy

{

DRM

z

Licenze

z

Autenticazione dei client

z

Uso della crittografia