In order to leverage investments content providers constantly develop new types of multimedia services. With the emergence of digital video recording (DVR) and mobile television, one type of such new services regards combining broadcast services with download services. For example a subscriber may obtain a subscription to receive a streamed service and—in addition—to store the streamed service for playback. Such functionality may be implemented using one or more consumer electronic devices e.g. a set-top box for access to a broadcast signal and a (portable) media player, which may be configured to connect to the set-top box for downloading a media file comprising the content.
Broadcast platform typically use a Conditional Access (CA) system for access control to content in the broadcast stream. In order to scramble the content in the stream, the CA system uses control words (CW) which are periodically updated in order to enhance the security. CA receivers may descramble the scrambled content using so-called entitlement control messages (ECM) which are sent by the CA system along with the scrambled content stream to the CA receivers. An ECM comprises one or more CWs in encrypted form which may be decrypted by the CA receiver using a private key stored in a secure device (e.g. a smart card or the like). The ECMs may further comprise subscriber rights for accessing one or more programs in the scrambled content stream.
On the other hand, personal computers and/or portable media players typically use a digital rights management (DRM) system for access control to content such as DVDs, MPEG files etc. In a DRM system, e.g. the OMA DRM system of the Open Mobile Alliance used in mobile phones or the Windows Media DRM system for access control to paid content, a DRM rights issuer may issue a rights object (i.e. a license comprising the terms and conditions) associated with the use of a single piece of encrypted content, to a device. Such rights object may be delivered to the device separately from the content.
Hence, combining broadcast streaming with download services requires an interface between the different access control systems such that the required level of security may still be ensured. For example one type of interface may be configured for transcoding a CA protected broadcast file into a DRM protected media file. Interfaces between two access control systems, so-called bridges, are known and described for example in WO2009/002643 and EP1564622.
One problem associated with known interfaces is the management of keys used to re-encrypt a CA broadcast under a DRM system and to associate a right object to the content for managing the stored content once it has been transformed into a DRM format. The generation of rights objects within a consumer electronics device, e.g. a set-top box or a portable media player, may pose a significant security risk as access to the keys may allow the creation of right objects for any content that has been distributed. Hence, these DRM keys require high level security processing.
Another problem relates to the requirement that during a broadcast a recording may be started at a random point in time. Hence, at every point in time during a broadcast transmission all information needed for recording and consuming an event should be available to all authorized CA receivers in the system. This information should be provided to these receivers without compromising the bandwidth of the broadcast network.
Yet a further problem relates to the fact that a set-top box may require a connection to different media players supported by different DRM systems while at the same maintaining the required level of security. A bridge should thus be capable of transmitting content to devices having different DRM technology implemented therein (e.g. Windows Media DRM in portable media players and OMA DRM in mobile phones).
Hence, there is a need in the art for improved methods and systems for processing recordable content in a stream. Further, there is a need in the art for an interface between a CA system and a DRM system which provides a secure key management system and/or enhanced interoperability.