ETSI - GS ECI 002
Embedded Common Interface (ECI) for exchangeable CA/DRM solutions; System validation
Organization: | ETSI |
Publication Date: | 1 April 2018 |
Status: | active |
Page Count: | 30 |
scope:
For implementations of an ECI Ecosystem as described in ETSI GS ECI 001-1 [1] the evaluation of the system architecture is of high importance with respect to verifying the correctness of the features described in the multi-part standard. The requirements for such a system are given in ETSI GS ECI 001-2 [2]. The present document contains a set of life-cycle oriented use cases reflecting the usage of components of an ECI system from its installation via its usage for content-protected media up to playout to an external device.
The ECI system aims at exchangeability of CA and DRM systems in the user's end device by defining appropriate interfaces between such systems and the device. End-users are enabled to install security clients on their devices to ensure interoperability with the services and devices of their choice. The platform operator, in collaboration with the content provider, can select the most suitable technology for a chosen application and can offer the corresponding application to his customers for download. The following features are supported by an ECI system:
• Provisioning of a software container for a CA respectively DRM kernel, called an ECI Client
• Implementation of multiple software containers in a device for the support of more than one protection scheme
• Installation of ECI Clients is separated from the installation of other CPE software
• Support for smartcard-less or smartcard-based protection systems
• Support for the user to discover and download the appropriate kernel
• Support for chip-set security, also known as Advanced Security
• Applicable to classical digital broadcasting, IPTV and OTT services
The fulfilment of these features is done via defined interfaces that are available for an ECI Client. The characteristics of these interfaces are described in clause 4 of the present document.
Afterwards, several test cases are described in order to show the correctness and the completeness of the ECI architecture as described in ETSI GS ECI 001-3 [3], ETSI GS ECI 001-4 [4], ETSI GS ECI 001-5.1 [5], ETSI GS ECI 001-5.2 [6] and ETSI GS ECI 001-6 [7]. Test cases described in clauses 5 to 8 include the installation of ECI Host and ECI Client, the installation of a second ECI Client and the decryption of protected content. Clause 9 shows the processing steps for a re-encryption of content whereas clause 10 describes the play-out of content to an external device. Besides these technically oriented tests cases the handling of security aspects and the provisioning of trust within an ECI Ecosystem is described in clause 11.