On the current state of interoperable content protection for internet video streaming

Over-the-top (OTT) media delivery or internet video streaming subscription services like Netflix and Amazon have become highly successful. Broadcasters and telecommunication companies are increasingly investing in creating video streaming platforms. This paper gives an overview of current media streaming and content protection standards. One of the main challenges for commercial content providers is to stream to as many devices (mobile, desktop, TV, etc.) as possible. Standards such as MPEG-DASH or HLS and related standards help to achieve this in an efficient and interoperable way. On the device side, different application platforms exist with different playback models. In order to distribute premium content, Digital Rights Management (DRM) systems are needed to protect the media streams. Using only one DRM system to protect the content is not enough to reach all relevant devices, because a platform or device is usually tied to the vendor’s DRM. As a result, a multi-DRM ecosystem is needed for OTT delivery in order to protect content with more than one DRM system - the MPEG Common Encryption (CENC) standard enables this. In a multi-DRM backend, different entities exist that exchange sensitive metadata such as DRM-specific information and encryption keys. This communication can be interoperable following the Content Protection Information Exchange Format (CPIX) specification by the DASH-IF.