iQIYI DRM training road

News 2023-06-21 16:18:36 views: null

01

   The definition and role of DRM

DRM, or digital rights management, is a technology, tool and process for protecting intellectual property rights in the process of digital content transactions. Its purpose is to prevent digital content from being copied, modified and distributed by unauthorized users to protect the rights of intellectual property owners. In our daily life, we often deal with DRM technology. For example, before a movie is released, we can't watch movies on video sites, we can only go to movie theaters. This is a result of content providers (distributors) managing their own digital content.

Initially, content providers provided services directly to users. For example, street performers, teachers teaching, concerts and so on. Later, media platforms appeared, and we can watch other people's performances on the Internet, and we can take classes and listen to concerts online. Media platforms pay copyright fees to content providers, and users watch digital content on media platforms through payment. But there are always some people who want to make a lot of money. They pirate digital content and distribute it to some users, and charge a lower fee than the genuine one. To prevent this from happening, DRM solutions have emerged.

For the online video industry, membership income and advertising income are two important sources of income. Taking iQiyi as an example, according to the financial report of Q4 in 2022, the number of iQiyi members has reached 120 million. If there is no copyright protection, the loss of content will not only cause the loss of users, but also affect the conversion of members and reduce the income of members. It will also indirectly affect the advertising revenue due to the loss of users. Piracy is a huge loss for iQiyi.

53c98742c59c410916735361cb88ad10.pngData source: iQiyi 2022Q4 financial report

Traditional digital media, such as optical discs, cable television and movie theaters, all use hardware devices to protect digital content. For example, a CD needs a CD player or a DVD player to play, and if you want to watch cable TV, you use a TV box to play it. If you want to watch a movie, you need to go to a movie theater, where there are special projection equipment. Traditional DRM usually relies more or less on specific physical devices and physical carriers for transmission and playback.

f979344b3cd1b03df5be06a267d16a10.png

However, network data does not require a specific physical carrier, nor is it limited to playing on certain devices. The types of devices are very diverse, such as mobile phones, tablets, Internet TVs, computers, etc. The volume is huge, the devices are relatively uncontrollable, and users have certain permissions Modify the device. Once cracked, piracy spreads very quickly.

02

   How DRM should be implemented

Early content providers provided content to the distribution platform, and the distribution platform distributed the content. At this time, users can watch movies at will without registration or purchase. At this time, the current DRM technology does not actually exist, and at most there will be some anti-leech protection. means. Because the distribution platform at that time was more focused on expanding its influence, similar to portal websites.

80b729836a65738dc839f48716fd7c78.png

However, the way of providing services for free is not sustainable, so later content providers provide content to distribution platforms, and platforms pay copyright fees. At this time, the value of the content is not only reflected in the wide spread, but also for the distribution platform, they also want to be exclusive. In order to watch a movie, users need to pay a certain fee, such as a membership fee, a ticket for a certain movie, or the distribution platform hopes that users can only watch it on their platform, and users who have not paid the fee will not be able to watch the video.

If it's profitable, someone is bound to try to profit from it. In the absence of a DRM system in place, pirates may pay a fee to obtain a film and redistribute it for a profit. There are many forms of piracy. You can use pirated video websites, short video platforms, online disks, hotlinks, etc., no matter which way, you can obtain our clear original code stream, and then redistribute it for profit.

20c7946c914e39ecf294fc8fdde28333.png

How to prevent content from being obtained by pirates? First, we need to authenticate the user, and then lock the content so that it cannot be spread. For example, our content can only be played on iQiyi and cannot be played on other devices. In this way, we can limit the content to a certain extent to mobile phones, TVs or tablets that only have the iQIYI APP, just like traditional DRM systems. In this way, there are two most basic functions in the DRM system including authorization and encryption. According to these two functions, we can gradually construct a simple structure of the entire DRM system.

04d2867fb8ffc6483a9d2c2c9c0f1451.png

Among them, in the DRM system shown above, a very important link is safe playback, so commercial DRMs will construct their own secure decryption SDK to ensure safe playback of content. The security decryption SDK currently has two forms, one is the hardware-level DRM TrustApp (TA) based on the hardware device TrustZone (TZ), and the other is a completely independent software-level DRM SDK.

Hardware-level DRM TA is relatively safer. In TrustZone (TZ), DRM TA can be run in the Trusted Execution Environment (TEE). In this way, during the decryption process, we only need to transfer the license and encrypted code stream to TA in TZ for decryption. Decrypt, and then directly call the hardware player to play the code stream, and the plaintext will no longer appear in the ordinary operating system.

Software-level DRM SDK does not depend on TEE at all, but uses software security components to prevent pirates from attacking. Software DRM will simulate and construct a set of software trusted execution space during operation to protect the entire plaintext code stream from being stolen. But its great weakness is that it cannot combine hardware to protect some places without permission control, such as system player and hardware output.

03

   Status of iQIYI’s DRM business

Generally speaking, the cost of hardware DRM TA equipment is high and strongly depends on the capabilities of the equipment, but the security is relatively high. At present, there is no effective way to attack TEE. The development cost of software DRM SDK is high, but it is more flexible than hardware DRM.

iQIYI's DRM product architecture consists of two parts: one is MultiDRM, which includes commercial DRM solutions such as widevine, playready, fairplay and intertrust, and the other is iQIYI DRM-S, a DRM solution independently developed by Native Code. Together, they provide comprehensive protection across browser, mobile, PC and TV.

649d726c422e43e2f35530f6c66aaf9a.png

After a DRM system is implemented, how to prove its security to the copyright owner? At this time, a third party is required to authenticate the system. Since 2018, iQIYI has been iteratively updating the DRM system and successively passed the ChinaDRM 1.0 security assessment, Riscure security assessment and Farncombe security assessment. Each assessment certification is not just an endorsement, but also an increase in our awareness of DRM technology. These are a process of continuous learning and continuous improvement.

9f718197eea6a435a877d57228c0203a.png

04

   iQIYI DRM Future Plan

What plans does iQIYI have for DRM in the future? It is not easy to fully answer this question. To quote a security senior: Security is not something once you purchase it's done, security is a journey. For future plans, since hardware DRM is highly dependent on devices, we need to be prepared for this and seek opportunities to explore more viable hardware DRM solutions. In addition, we will provide more comprehensive protection, support more cryptographic algorithms, and respond quickly when the security components in our SDK face attackers. Most importantly, we need to continuously optimize the protection scheme to ensure that our normal user rights are protected. Since digital rights management technology may prevent users from freely using digital content, DRM technology not only needs to improve the effect of copyright protection, but also needs to better balance the relationship between copyright protection and user experience.

The road is long and long, and I will search up and down.

Guess you like

Origin blog.csdn.net/weixin_38753262/article/details/130437186
Recommended
Arc Browser for Windows 1.0 officially GA
A programmer born in the 1990s developed a video porting software and made over 7 million in less than a year. The ending was very punishing!
Ranking
1. Select Sort
Create a thread thread
3 press to play ball that reach 6
Programmation CUDA (4) : gestion de la mémoire
SpringBoot database connection pool Druid error
E Diudiu App redesign summary
4EVERLAND Hosting now supports SNS+IPFS
About HTTPS
[vue3+vite+ts+element-plu+sass] uses bug records in sass
Interpretation of HUAWEI CLOUD GaussDB (for Influx): Best Practice Data Modeling
Daily
More
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)

Code World

© 2018 codetd.com