CDSA Device and Credential Recoverability Review

 
This document has been prepared by the Renewal and Provisioning Working Group of the CDSA.

The working group has contributors from Content creators, streaming service providers, DRM providers and IP-technology providers and meets regularly.

The working group has a mission to understand how streaming devices can mitigate the risk of content being misused, or services providing that content being abused. The knowledge developed by the group is used to create security expectations and functional requirements for how devices protect services and content. These are reviewed with streaming device manufacturers to ensure expectations are clear and requirements are practical. Input is also sought on how any recommendation will affect the user experience.

The topic under consideration by the working group leading to the following implementation guidelines has been to examine the issues associated with establishing the current state of the DRM Trusted Computing Base (TCB). The TCB consists of hardware, firmware and software components that implement and support the DRM system. The challenges examined by the working group were to consider:

  • How to securely update in the field any compromised DRM TCB or credentials in the field.
  • How to ensure such updates cannot be rolled back to vulnerable firmware versions.

This builds upon previous work which produced platform agnostic recommendations for device to achieve a Root of Trust (RoT). The device RoT enables establishment and measurement of the TCB to determine whether the state is adequate and if it is not, support restoring the state to a trustworthy one and then provisioning suitable DRM credentials to the secured environment.

Click the links below to view and download these documents:

CDSA Device and Credential Recoverability Review – Public Review

CDSA Device and Credential Recoverability Implementation Guidelines V1.1