{"id":229026,"date":"2024-10-19T14:53:48","date_gmt":"2024-10-19T14:53:48","guid":{"rendered":"https:\/\/pdfstandards.shop\/product\/uncategorized\/bs-iec-62766-72017\/"},"modified":"2024-10-25T09:01:14","modified_gmt":"2024-10-25T09:01:14","slug":"bs-iec-62766-72017","status":"publish","type":"product","link":"https:\/\/pdfstandards.shop\/product\/publishers\/bsi\/bs-iec-62766-72017\/","title":{"rendered":"BS IEC 62766-7:2017"},"content":{"rendered":"

This part of IEC 62766 specifies functions for content protection, service protection, service access protection, user identification, user authentication, and user authorisation.<\/p>\n

The following clauses contain features for which the criteria that determine under which circumstances these features are implemented are out of the scope of the present document or contain conditional normative statements referring to other parts of IEC 62766:<\/p>\n

    \n
  1. \n

    4.2 Terminal-centric approach<\/p>\n<\/li>\n

  2. \n

    4.2.5 Protected file formats<\/p>\n<\/li>\n

  3. \n

    4.2.6 Protection of MPEG-2 transport streams<\/p>\n<\/li>\n

  4. \n

    4.3.4 CI+ based gateway<\/p>\n<\/li>\n

  5. \n

    4.3.4.7 Protected streaming and file formats<\/p>\n<\/li>\n

  6. \n

    4.3.4.8 Personal video recorder<\/p>\n<\/li>\n

  7. \n

    4.3.4.9 Time shifting<\/p>\n<\/li>\n

  8. \n

    4.3.5 DTCP-IP based gateway<\/p>\n<\/li>\n

  9. \n

    4.3.5.6 Protected streaming and file formats<\/p>\n<\/li>\n

  10. \n

    5.4.4 HTTP digest authentication using IMS gateway<\/p>\n<\/li>\n

  11. \n

    5.4.5 GBA authentication using IMS gateway<\/p>\n<\/li>\n<\/ol>\n

    \n

    NOTE GBA authentication can be achieved using either the mechanism in 5.4.5 GBA authentication using IMS gateway or the, more general, mechanism in 5.4.4 HTTP digest authentication using IMS gateway. 5.4.4 allows the use of different authentication mechanisms in a way that is transparent to the OITF, including possible future authentication mechanisms, and should preferably be used. It is expected that 5.4.5 GBA authentication using IMS gateway will be deprecated and removed in future versions of this specification.<\/p>\n<\/blockquote>\n

    PDF Catalog<\/h4>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
    PDF Pages<\/th>\nPDF Title<\/th>\n<\/tr>\n
    2<\/td>\nundefined <\/td>\n<\/tr>\n
    4<\/td>\nCONTENTS <\/td>\n<\/tr>\n
    8<\/td>\nFOREWORD <\/td>\n<\/tr>\n
    10<\/td>\nINTRODUCTION <\/td>\n<\/tr>\n
    11<\/td>\n1 Scope
    2 Normative references <\/td>\n<\/tr>\n
    13<\/td>\n3 Terms, definitions and abbreviated terms
    3.1 Terms and definitions <\/td>\n<\/tr>\n
    15<\/td>\n3.2 Abbreviated terms <\/td>\n<\/tr>\n
    17<\/td>\n4 Content and service protection
    4.1 General
    4.2 Terminal-centric approach
    4.2.1 General <\/td>\n<\/tr>\n
    18<\/td>\n4.2.2 Interfaces for CSP and CSP-T server
    Figures
    Figure 1 \u2013 CSP-T system overview <\/td>\n<\/tr>\n
    20<\/td>\nFigure 2 \u2013 Node acquisition sequence <\/td>\n<\/tr>\n
    22<\/td>\nFigure 3 \u2013 Link acquisition sequence <\/td>\n<\/tr>\n
    24<\/td>\nFigure 4 \u2013 Deregistration sequence <\/td>\n<\/tr>\n
    26<\/td>\nFigure 5 \u2013 Licence acquisition sequence <\/td>\n<\/tr>\n
    27<\/td>\n4.2.3 Protected content usages <\/td>\n<\/tr>\n
    28<\/td>\nFigure 6 \u2013 Licence evaluation sequence <\/td>\n<\/tr>\n
    29<\/td>\nFigure 7 \u2013 Scramble key decryption sequence <\/td>\n<\/tr>\n
    30<\/td>\n4.2.4 Content encryption
    Figure 8 \u2013 Content on demand encryption sequence using content key(for (P)DCF OMArlin or Marlin IPMP Marlin FF)
    Figure 9 \u2013 Content on demand encryption sequence using content key (for MPEG-2 TS) <\/td>\n<\/tr>\n
    31<\/td>\n4.2.5 Protected file formats
    Figure 10 \u2013 Scheduled content encryption sequenceusing scramble key (for MPEG-2 TS) <\/td>\n<\/tr>\n
    32<\/td>\n4.2.6 Protection of MPEG-2 transport streams
    Figure 11 \u2013 Conditional access descriptors signalling ECM and EMM messages <\/td>\n<\/tr>\n
    34<\/td>\nTables
    Table 1 \u2013 Recording Control access_criteria_descriptor
    Table 2 \u2013 Bit assignments of recording_control_information_byte
    Table 3 \u2013 DNR and DNTS combinations <\/td>\n<\/tr>\n
    35<\/td>\nTable 4 \u2013 Parental_Control_URL parameter syntax <\/td>\n<\/tr>\n
    36<\/td>\n4.2.7 Operation of Marlin technologies <\/td>\n<\/tr>\n
    37<\/td>\n4.2.8 DRM data
    Table 5 \u2013 DRMControlInformation mapping for Marlin <\/td>\n<\/tr>\n
    38<\/td>\nTable 6 \u2013 DRMControlInformation mapping for Marlin simple secure streaming <\/td>\n<\/tr>\n
    39<\/td>\nFigure 12 \u2013 Outline of DRMControlInformationtype with MarlinPrivateData
    Table 7 \u2013 MarlinPrivateData structure <\/td>\n<\/tr>\n
    40<\/td>\nFigure 13 \u2013 Outline of MIPPVControlMessage <\/td>\n<\/tr>\n
    41<\/td>\n4.3 Gateway-centric approach
    4.3.1 General
    4.3.2 Capabilities
    4.3.3 CSPG-DAE interface
    Table 8 \u2013 MIPPVControlMessage format <\/td>\n<\/tr>\n
    42<\/td>\n4.3.4 CI+ based gateway
    Figure 14 \u2013 CSPG-CI+ overview <\/td>\n<\/tr>\n
    43<\/td>\nFigure 15 \u2013 CSPG-CI+ context <\/td>\n<\/tr>\n
    44<\/td>\nTable 9 \u2013 OIPF private_host_application_ID
    Table 10 \u2013 SAS_async_msg() APDU syntax
    Table 11 \u2013 Generic message_byte() syntax <\/td>\n<\/tr>\n
    45<\/td>\nTable 12 \u2013 OIPF specific messages and command_id values
    Table 13 \u2013 OIPF specific datatype_id values <\/td>\n<\/tr>\n
    46<\/td>\nTable 14 \u2013 Mapping to DAE API or events <\/td>\n<\/tr>\n
    47<\/td>\nTable 15 \u2013 send_msg message data types
    Table 16 \u2013 reply_msg message data types <\/td>\n<\/tr>\n
    48<\/td>\nTable 17 \u2013 resultCode and oipf_status mapping <\/td>\n<\/tr>\n
    49<\/td>\nTable 18 \u2013 parental_control_info message data types <\/td>\n<\/tr>\n
    50<\/td>\nTable 19 \u2013 oipf_access_status field and blocked attribute mapping
    Table 20 \u2013 rights_info message data types <\/td>\n<\/tr>\n
    51<\/td>\nTable 21 \u2013 oipf_access_status field and errorStatte attribute mapping
    Table 22 \u2013 system_info message data types <\/td>\n<\/tr>\n
    52<\/td>\nTable 23 \u2013 can_play_content_req message data types
    Table 24 \u2013 can_play_content_reply message data types <\/td>\n<\/tr>\n
    53<\/td>\nTable 25 \u2013 can_record_content_req message data types
    Table 26 \u2013 can_record_content_reply message data types <\/td>\n<\/tr>\n
    55<\/td>\nTable 27 \u2013 Scrambling modes <\/td>\n<\/tr>\n
    56<\/td>\nTable 28 \u2013 DRMControlInformation mapping for CSPG-CI+ <\/td>\n<\/tr>\n
    57<\/td>\n4.3.5 DTCP-IP based gateway
    Table 29 \u2013 HexBinaryPrivateData structure <\/td>\n<\/tr>\n
    58<\/td>\nFigure 16 \u2013 CSPG-DTCP overview
    Figure 17 \u2013 Overview of involved reference points <\/td>\n<\/tr>\n
    60<\/td>\nTable 30 \u2013 CA_descriptor <\/td>\n<\/tr>\n
    62<\/td>\n5 User identification, authentication, authorisation and service access protection
    5.1 General principles
    Figure 18 \u2013 General message flow for service access protection and user authentication <\/td>\n<\/tr>\n
    63<\/td>\n5.2 Interfaces
    5.2.1 General
    5.2.2 HNI-INI <\/td>\n<\/tr>\n
    64<\/td>\n5.2.3 HNI-IGI
    5.2.4 Common requirements
    5.3 Service access protection
    5.3.1 SAA co-located with service <\/td>\n<\/tr>\n
    65<\/td>\n5.3.2 SAA standalone
    Figure 19 \u2013 SAA co-located with requested service
    Figure 20 \u2013 Standalone SAA, redirection mode <\/td>\n<\/tr>\n
    66<\/td>\n5.4 OITF authentication mechanisms
    5.4.1 HTTP basic and digest authentication
    Figure 21 \u2013 HTTP basic and digest authentication <\/td>\n<\/tr>\n
    67<\/td>\n5.4.2 Network-based authentication
    5.4.3 Web-based authentication
    Figure 22 \u2013 Network-based authentication <\/td>\n<\/tr>\n
    68<\/td>\nFigure 23 \u2013 Web-based authentication with form <\/td>\n<\/tr>\n
    69<\/td>\n5.4.4 HTTP digest authentication \u2013 Using IMS gateway <\/td>\n<\/tr>\n
    70<\/td>\nFigure 24 \u2013 Initial procedure <\/td>\n<\/tr>\n
    71<\/td>\nFigure 25 \u2013 Authentication between an OITF and an SAA basedon HTTP credentials stored in IG <\/td>\n<\/tr>\n
    73<\/td>\nFigure 26 \u2013 Authentication between an OITF and an SAA based on GBA credentials <\/td>\n<\/tr>\n
    74<\/td>\n5.4.5 GBA authentication \u2013 Using IMS gateway <\/td>\n<\/tr>\n
    75<\/td>\nFigure 27 \u2013 Initial GBA registration <\/td>\n<\/tr>\n
    76<\/td>\nFigure 28 \u2013 Authentication between an OITF and an SAA based on GBA keys <\/td>\n<\/tr>\n
    77<\/td>\n5.5 IMS registration \u2013 OITF
    5.5.1 General
    5.5.2 Relevant functional entities and reference points <\/td>\n<\/tr>\n
    78<\/td>\n5.5.3 Prerequisites
    Figure 29 \u2013 OIPF functional entities and reference points involved in IMS registration <\/td>\n<\/tr>\n
    79<\/td>\n5.5.4 SIP digest message flows
    Figure 30 \u2013 SIP digest message flow interlaced into IMS registration <\/td>\n<\/tr>\n
    80<\/td>\n5.5.5 IMS AKA message flows <\/td>\n<\/tr>\n
    81<\/td>\nFigure 31 \u2013 User identification and authentication based on the IMS AKA procedure <\/td>\n<\/tr>\n
    82<\/td>\n5.6 Session management and single sign on
    5.6.1 General
    5.6.2 Cookie session <\/td>\n<\/tr>\n
    83<\/td>\n5.6.3 URL parameters
    Figure 32 \u2013 Session management using cookie <\/td>\n<\/tr>\n
    84<\/td>\n5.6.4 HTTP authentication session
    Figure 33 \u2013 Session management using URL parameters <\/td>\n<\/tr>\n
    85<\/td>\n5.6.5 SAML Web-based SSO
    Figure 34 \u2013 HTTP authentication session <\/td>\n<\/tr>\n
    86<\/td>\n6 Forced play-out using media zones
    Figure 35 \u2013 SAML Web-based SSO <\/td>\n<\/tr>\n
    88<\/td>\nAnnex A (informative)Link of user authentication and DRM device authentication
    Figure A.1 \u2013 User authentication for CSP, CSP-T server communication <\/td>\n<\/tr>\n
    90<\/td>\nAnnex B (normative)XML schemas
    B.1 General
    B.2 XML schema for MarlinPrivateDataType structure <\/td>\n<\/tr>\n
    91<\/td>\nB.3 XML schema for MIPPVControlMessage format
    B.4 XML schema for HexBinaryPrivateDataType structure <\/td>\n<\/tr>\n
    92<\/td>\nAnnex C (informative)DRM messages used in DAE
    Table C.1 \u2013 DRM messages used in the DAE <\/td>\n<\/tr>\n
    93<\/td>\nAnnex D (informative)CSPG-CI+ usage examples
    D.1 General
    D.2 CSPG-CI+ initial power-on
    D.3 CSPG-CI+ normal power-on
    Figure D.1 \u2013 CSPG-CI+ first power-on <\/td>\n<\/tr>\n
    94<\/td>\nD.4 Live session example
    Figure D.2 \u2013 CSPG-CI+ normal power-on
    Figure D.3 \u2013 CSPG-CI+ live session example <\/td>\n<\/tr>\n
    95<\/td>\nD.5 Parental control management example
    Figure D.4 \u2013 Parental control management example <\/td>\n<\/tr>\n
    96<\/td>\nD.6 No-rights event and purchase example
    Figure D.5 \u2013 No-rights event and purchase example <\/td>\n<\/tr>\n
    97<\/td>\nD.7 VoD session example
    Figure D.6 \u2013 VoD session example <\/td>\n<\/tr>\n
    98<\/td>\nAnnex E (informative)CSPG-DTCP session setup sequence examples
    E.1 General
    E.2 Multicast streaming with SIP session management <\/td>\n<\/tr>\n
    99<\/td>\nFigure E.1 \u2013 Session setup sequence for multicast streamingwith SIP session management <\/td>\n<\/tr>\n
    100<\/td>\nE.3 Unicast streaming with SIP session management
    Figure E.2 \u2013 CSPG-DTCP initiated teardown sequencefor multicast streaming with SIP session management <\/td>\n<\/tr>\n
    101<\/td>\nE.4 Unicast streaming with RTSP session management
    Figure E.3 \u2013 Session setup sequence for unicast streamingwith SIP session management <\/td>\n<\/tr>\n
    102<\/td>\nE.5 HTTP streaming and download
    Figure E.4 \u2013 Session setup sequence for unicast streamingwith RTSP session management
    Figure E.5 \u2013 Session setup sequence for HTTP streaming and download <\/td>\n<\/tr>\n
    103<\/td>\nAnnex F (informative)Embedded CSPG
    F.1 General
    Figure F.1 \u2013 Possible CSPG deployments <\/td>\n<\/tr>\n
    104<\/td>\nFigure F.2 \u2013 CSPG embedded in the same device as OITF <\/td>\n<\/tr>\n
    105<\/td>\nF.2 Application to simple and secure streaming
    Figure F.3 \u2013 Simple and secure streaming with CSPG <\/td>\n<\/tr>\n
    107<\/td>\nBibliography <\/td>\n<\/tr>\n<\/table>\n","protected":false},"excerpt":{"rendered":"

    Consumer terminal function for access to IPTV and open internet multimedia services – Authentication, content protection and service protection<\/b><\/p>\n\n\n\n\n
    Published By<\/td>\nPublication Date<\/td>\nNumber of Pages<\/td>\n<\/tr>\n
    BSI<\/b><\/a><\/td>\n2018<\/td>\n108<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"featured_media":229029,"template":"","meta":{"rank_math_lock_modified_date":false,"ep_exclude_from_search":false},"product_cat":[706,2641],"product_tag":[],"class_list":{"0":"post-229026","1":"product","2":"type-product","3":"status-publish","4":"has-post-thumbnail","6":"product_cat-35-240-95","7":"product_cat-bsi","9":"first","10":"instock","11":"sold-individually","12":"shipping-taxable","13":"purchasable","14":"product-type-simple"},"_links":{"self":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product\/229026","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product"}],"about":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/types\/product"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/media\/229029"}],"wp:attachment":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/media?parent=229026"}],"wp:term":[{"taxonomy":"product_cat","embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product_cat?post=229026"},{"taxonomy":"product_tag","embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product_tag?post=229026"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}