Quintic CAS

Quintic is a content protection system for digital TV supporting all main ways of selling, delivering, ordering and paying for TV content.

Quintic is based on decades of pay-TV experience mixed with the latest technologies.
The resulting composite is light and powerful covering the needs from small- to large scale operations.


Key features of Quintic

  • Configurations for satellite, cable & terrestrial DVB, IP, CMMB & DVB-H mobile TV
  • Smart card security device for STBs and CAMs
  • SMD security device for cardless STBs and CAMs
  • SIM security device for mobile handsets
  • microSD card for mobile handsets, PCs, STBs
  • Supports all main ways of selling pay-TV content
  • Strong security based on dedicated hardware
  • Suite of functions for specific needs


Designing a fresh CAS

When designing Quintic, we had the luxury of the latest software technologies and tools to combine with experience with what operators need to sell pay-TV, with STBs and other terminals, with head-ends and back office systems and never to forget – with pirates.

These have made Quintic a very strong composite for the present and future content protection scenario.


Mobile TV and microSD card

Quintic was first designed for broadcast mobile TV – DVB-H. The broadcast mobile TV systems use MPEG4 encoding and IP combined with the relevant broadcast mobile transmission format: DVB-H, DMB, CMMB and more. The content encryption a.k.a. scrambling algorithm is AES128, and the format ISMACryp, SRTP and IP-Sec. ISMACryp is often favored as it supports both transport and storage security. AES128 and ISMACryp are the applicable content encryption techniques also for IPTV and OTT.

Working with broadcast mobile TV, Abel had SIMs and microSD cards as the target security device. The SIMs were targeted for mobile network operators and the microSD cards for TV distribution operators. In fact, Abel was in 2007 the first with microSD cards for pay-TV [link to. Pay-TV microSD cards have so far not been much deployed.

However, microSD slot is clearly the most common high speed external interface supported by consumer devices ranging from smart phones, tablets, PCs, connected TVs and some STBs. We believe it can be tomorrow’s universal pay-TV device.

Scalability and redundancy

Designing systems for potentially very large broadcast mobile TV operations means the software platform needs to be scalable to millions of subscribers, it needs to be robust in case a computer fails, and it needs to be very efficient on spectrum/bandwidth.

The low level scalability, portability and redundancy are supported by Quintic’s software platform comprising Java Enterprise Edition middleware and Oracle databases.

Bandwidth efficiency

The bandwidth efficiency is about authorizing a particular card for a particular service – Tom’s STB for a DTH package, Dick’s PC for a movie, and Harry’s smart-phone for his soccer team’s matches.
Just sending individual messages accordingly is possible, but it becomes very inefficient especially as in a one-way system the messages cannot be sent only once, they need to be repeated for hours, days, weeks to make sure devices that have been off-line get the authorization as soon as possible after they are tuned in again. Messages for all devices for all products may therefore be played out as long as the products are valid.

Lower [linear] bound is 1 bit per device per product. Sending authorization rights in single transport packets is in comparison very inefficient at 1500 bits per message. Why not send just a short code?
Well, it needs to be encrypted/authenticated, and for example an AES128 cipher text gives 128 bits as minimum message length and RSA512 512 bits. The solution is to use group messaging, various priorities and other techniques to create an optimal relation between bandwidth usage, probability of reaching the device and waiting time for the end-user.

In large systems this optimization between user experience and cost [of bandwidth] is not trivial. Broadcast mobile TV is with high subscriber potential and very low available bandwidth resources extremely sensitive to the CAS being efficient.

In a well-balanced configuration, Quintic can pack and play-out rights data well below 2 bits per device per product, and through priorities make urgent data reach fast.

DVB

Having developed a CAS supporting broadcast mobile TV and with it support for IPTV formats and -security, Quintic was extended to support fixed digital TV transmissions – DVB-S,-T and –C based on the DVB content protection framework including DVB-CSA, DVB-Simulcrypt and Common Interface [CI].

Quintic in the pay-TV eco system

Quintic is designed to be as self-contained and independent from transmission data as possible. We want out CAS messages to be indifferent to which network they are passing through. This clear separation has also the effect of making head end, STB and CAM integrations as simple [and robust] as they can be.
For head-ends, the DVB Simulcrypt interface applies, and for STBs and CAMs Abel has a kit for manufacturers to integrate support for Quintic. The interface to the CAS from the CRM or other order request sources is based on Web-services – the most common server-to-server communication.

Smart cards and alternative form factors

Smart cards continue to be the most used security devices for pay-TV. They give the highest level of security and indeed replaceable security. Smart cards give clear separation of CAS and STB making it easier for STB manufacturers to integrate support for a CAS – and vice versa. This gives operators choice of STBs with a particular CAS which in turn encourages competition and prevents lock-in to a particular CAS/STB.

In certain scenarios, other form factors than smart cards are relevant. SIMs and microSD cards are mentioned above for the choices for personal general purpose devices like PCs, smartphones and tablets. In addition to the content protection features, microSD cards also have the large flash memory that can be used for content recording and play-back – microSD PVR.

The smart card chip may also be delivered as a chip to be embedded in the STB, handheld terminal or CAM. Such Surface Mount Device (SMD) CAS chips are supported by Quintic. SMDs make the devices proprietary, but in some cases this can be acceptable. For example CAMs containing SMD instead of smart cards, can be more convenient to deploy, manage in the field and replace than the normal CAM + smart card combination. Abel’s SMD CAMs do for example have auto-pairing thus removing pairing of CAMs and smart cards from the daily operation.

Pairing

Control word sharing emerged as a practical threat some years ago. The main countermeasure is to protect the communication between the smart card and the STB/CAM – so-called pairing. Quintic has implemented support for several types of pairing mechanisms.

Down-dimension for smaller operations

Having identified medium and smaller operators as a specific segment in need for professional CAS options, Abel has taken care to make Quintic also “downscalable” to dimensioning and use appropriate for small operations.

Dimensioning is about using minimum number of computers on the head-end, and no specific [crypto] hardware. Quintic can be run on a PC platform under Windows – the computer platform the most technicians are familiar with. Not requiring specific crypto hardware needs to be designed in from outset. With Quintic even if the transmit side computers are compromised, the cards are not, and the transmit side can be upgraded to shut out hackers.

This design enables another cost cutting measure besides the inexpensive computers, namely, to arrange for remote installation and support of the CAS. The operator buys the computer(s) locally, rigs them with the head-ends, and Abel can install and prepare the CAS for operation. This saves traveling costs and expensive engineering time.

Pay as you go

Beyond supporting the normal content sales modes of subscription and pay-per-view, Quintic supports “pay-as-you-go” in an efficient manner. Whereas very intuitive, it is challenging to implement for large operations as pay-as-you-go basically is individual delivery implying large bulk of authorization rights data jeopardizing group messaging and other efficiency measures used for the quite static “monthly subscription” scenario. Quintic implements a pay-as-you-go support that optimizes the important fast first delivery of the rights and group messaging. We believe we are among the best in class here.

Pay-as-you-go is important going forward as more content will be bought and expected delivered after a click in a PC, tablet or smart-phone browser. However, pay-as-you-go is indeed also how many analogue pay-TV systems works: turn on / off the STB individually. Quintic thus supports easy “behavior migration” from analogue to digital TV.

Security and more

Security and anti-piracy measures is the backbone of a CAS. Quintic relies on 20 years of experience in pro-active content protection – with upgrade options in case of piracy.

There is more to Quintic than we can write here– please contact us if there are specific aspects you want to clarify.

 

Quintic leaflet




Digital bridge leaflet



CAM leaflet




GUI screen shots




MicroSD leaflet




Copyright © 2011. Abel DRM Systems.
All Rights Reserved.

Designed by Prominence.