File-based and streaming content (e.g. movies and TV programs) have high cost and value associated with its creation and sales. For that reason content protection systems like Digital Rights Management (DRM) and Conditional Access (CA) systems are available to protect the content against unauthorized distribution and to only allow authorized users and systems accessing it.
Content Providers generate content but rarely deliver it directly to consumers. Instead, a content provider outsources the content delivery of the content to a consumer to an intermediate party, a content distributor. When outsourcing the delivery of the content, a certain trusted relation between the content provider and the content distributor, such as a content delivery network (CDN), is needed such that the content provider can rely on the content distributor that the content is delivered in accordance to certain predetermined conditions, e.g. secure delivery, and that the content provider is correctly paid for each time that a consumer requests a particular content item from the content distributor.
The importance of a trusted relation between the content provider and the content distributor gets even more prominent if a content distributor may or, in certain circumstances, must outsource the delivery of a content item to a consumer via one or more further content distributors, e.g. via a network of interconnected CDNs. In such situations, the process of delivery and billing of content items to large groups of consumers may easily become a very complex and non-transparent process. Moreover, the more distributors between the content provider and the consumers, the larger the chance that the security may be compromised by unauthorized parties.
A content distributor may use a content protection system for protecting the content against unauthorized access. If however the security system of the content distributor is compromised, then all stored and handled content may be potentially compromised.
US20100088505 describes a known content delivery system comprising a content protection system, which is configured to encrypt content that is stored within the CDN. In this scheme, the CDN is in direct control of the keys the content protection system needs to encrypt and decrypt the content in the CDN so that when a consumer request a content item from such CDN, the content decrypted by the CDN before it is sent to the consumer. When such CDN is compromised by an unauthorized party, such party may directly access the keys for decrypting the content. Moreover, the content protection system does not provide a scheme, which allows involvement of the content provider in the process of delivery of a content item to a consumer such that the content provider may (partly) control or at least monitor the secure delivery process of the content item for billing and/or security reasons.
Hence, methods and systems are desired which allow secure delivery of content originating from a content provider, via a content distributor or a network of content distributors to a large group of consumers. Moreover, methods and systems are desired which allow a content distributor to control or at least monitor the secure delivery of content originating from a content provider, via a content distributor or a network of content distributors to a large group of consumer and to detect a security breach during said secure delivery of content to said consumers.