Various techniques exist that allow malicious entities, or attackers, to access and copy video content as it is being streamed through a computing device. Common types of attacks include copying the video content to system memory on a frame-by-frame basis, depressing a “Print Screen” key, copying with a graphics device interface GetDC function, utilizing DirectX calls, attacking video content crossing User Accessible Bus (UAB), or disabling the output protection such that the digital or analog output signals carrying the video content can be recorded. Typically, these “attacks” on the video content are unauthorized; thus, content providers of the video content are deprived of sales and, consequently, income. As such, preventing such attacks on the video content generated by these content providers is of great significance thereto.
In one solution, many video sources contain various licenses attached thereto that strictly require video content streaming from the video sources to be protected. Examples of these video sources that promote such requirements include Advanced Access Control System (AACS) playback (e.g., high-definition digital versatile disc (HD DVD), Blu-Ray Disc, and the like), DirecTV, Open Cable Unidirectional Receiver (OCUR), and international broadcast standards governing protections of video content. These requirements typically cover three different areas: protecting the keys used to decipher the video content when encrypted, protecting the video content once it is decrypted, and enforcing content specific policy such as applying an output protection technology to protect an output signal carrying the video content (e.g., High-bandwidth Digital Content Protection (HDCP), Macrovision®, Copy Generation Management System-Analog (CGMS-A)).
However, trusted traditional approaches for securing video content only partially protect the video content. For instance, one traditional approach is applying software security techniques to the video content. These software security techniques cannot guarantee the integrity of the video content as it passes between interconnected components within a computing device. For example, software security techniques are frequently defeated by malicious code that clears protective flags attached to the video content. Accordingly, these software security techniques, at times, can be bypassed and expose de-encrypted media within the video content to nontrusted systems (e.g., operating system, drivers, unsecured memory, and other unlocked environments), which allow creation of unauthorized copies of the de-encrypted media.
Software security techniques that attempt to tightly protect video content by increasing obfuscation, such as applying security variables to the video content, or applying additional routines that resist a downstream attack once video content is decrypted, are not always effective and have a very high performance overhead associated therewith. The high performance overhead will slow down the security software and cause delays when rendering at graphical displays. Hence, the software security techniques, or other software-based protection mechanisms, do not offer sufficiently robust security while maintaining performance.
In another instance, a second traditional approach is to utilize a graphics processing unit (GPU) to protect the video content. But, because the GPU can address substantially all of the memory within a computing device, including protected memory and non-protected memory, access points to the GPU must be gated by security checks to ensure that protected content is not improperly accessed. Due to the high frequency at which GPUs are accessed for rendering purposes, the impact of implementing these security checks on performance is unacceptable.
Accordingly, present schemes for protecting video content against downstream attacks remain inefficient and deliberate in execution.