US20220224974A1 - Distributed media player for digital cinema - Google Patents

Distributed media player for digital cinema Download PDF

Info

Publication number
US20220224974A1
US20220224974A1 US17/144,539 US202117144539A US2022224974A1 US 20220224974 A1 US20220224974 A1 US 20220224974A1 US 202117144539 A US202117144539 A US 202117144539A US 2022224974 A1 US2022224974 A1 US 2022224974A1
Authority
US
United States
Prior art keywords
data stream
encrypted data
media
digital content
content
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
US17/144,539
Other versions
US11405684B1 (en
Inventor
Brian CLAYPOOL
Kevin Draper
John Hudson
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Christie Digital Systems USA Inc
Original Assignee
Christie Digital Systems USA Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Christie Digital Systems USA Inc filed Critical Christie Digital Systems USA Inc
Priority to US17/144,539 priority Critical patent/US11405684B1/en
Assigned to CHRISTIE DIGITAL SYSTEMS USA, INC. reassignment CHRISTIE DIGITAL SYSTEMS USA, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: CLAYPOOL, Brian, HUDSON, JOHN, KEVIN, KEVIN
Assigned to CHRISTIE DIGITAL SYSTEMS USA, INC. reassignment CHRISTIE DIGITAL SYSTEMS USA, INC. CORRECTIVE ASSIGNMENT TO CORRECT THE ASSIGNOR'S NAME PREVIOUSLY RECORDED FOR PATENT APPLICATION NO. 17/144539 PREVIOUSLY RECORDED AT REEL: 054859 FRAME: 0926. ASSIGNOR(S) HEREBY CONFIRMS THE ASSIGNMENT. Assignors: CLAYPOOL, Brian, HUDSON, JOHN, DRAPER, KEVIN
Priority to JP2022001246A priority patent/JP2022107526A/en
Priority to EP22150578.7A priority patent/EP4027646A1/en
Priority to CN202210015118.6A priority patent/CN114760499A/en
Publication of US20220224974A1 publication Critical patent/US20220224974A1/en
Application granted granted Critical
Publication of US11405684B1 publication Critical patent/US11405684B1/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/438Interfacing the downstream path of the transmission network originating from a server, e.g. retrieving encoded video stream packets from an IP network
    • H04N21/4385Multiplex stream processing, e.g. multiplex stream decrypting
    • H04N21/43853Multiplex stream processing, e.g. multiplex stream decrypting involving multiplex stream decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/234Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs
    • H04N21/2347Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/84Protecting input, output or interconnection devices output devices, e.g. displays or monitors
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0457Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply dynamic encryption, e.g. stream encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/236Assembling of a multiplex stream, e.g. transport stream, by combining a video stream with other content or additional data, e.g. inserting a URL [Uniform Resource Locator] into a video stream, multiplexing software data into a video stream; Remultiplexing of multiplex streams; Insertion of stuffing bits into the multiplex stream, e.g. to obtain a constant bit-rate; Assembling of a packetised elementary stream
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/414Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance
    • H04N21/41415Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance involving a public display, viewable by several users in a public space outside their home, e.g. movie theatre, information kiosk
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/426Internal components of the client ; Characteristics thereof
    • H04N21/42607Internal components of the client ; Characteristics thereof for processing the incoming bitstream
    • H04N21/42623Internal components of the client ; Characteristics thereof for processing the incoming bitstream involving specific decryption arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/434Disassembling of a multiplex stream, e.g. demultiplexing audio and video streams, extraction of additional data from a video stream; Remultiplexing of multiplex streams; Extraction or processing of SI; Disassembling of packetised elementary stream
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/434Disassembling of a multiplex stream, e.g. demultiplexing audio and video streams, extraction of additional data from a video stream; Remultiplexing of multiplex streams; Extraction or processing of SI; Disassembling of packetised elementary stream
    • H04N21/4347Demultiplexing of several video streams
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/436Interfacing a local distribution network, e.g. communicating with another STB or one or more peripheral devices inside the home
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/436Interfacing a local distribution network, e.g. communicating with another STB or one or more peripheral devices inside the home
    • H04N21/4367Establishing a secure communication between the client and a peripheral device or smart card
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs
    • H04N21/4402Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving reformatting operations of video signals for household redistribution, storage or real-time display
    • H04N21/440218Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving reformatting operations of video signals for household redistribution, storage or real-time display by transcoding between formats or standards, e.g. from MPEG-2 to MPEG-4
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs
    • H04N21/4405Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs
    • H04N21/4408Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream encryption, e.g. re-encrypting a decrypted video stream for redistribution in a home network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/643Communication protocols
    • H04N21/64322IP
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/80Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
    • H04N21/81Monomedia components thereof
    • H04N21/8166Monomedia components thereof involving executable data, e.g. software
    • H04N21/8193Monomedia components thereof involving executable data, e.g. software dedicated tools, e.g. video decoder software or IPMP tool
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/80Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
    • H04N21/83Generation or processing of protective or descriptive data associated with content; Content structuring
    • H04N21/835Generation of protective data, e.g. certificates
    • H04N21/8358Generation of protective data, e.g. certificates involving watermark
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N9/00Details of colour television systems
    • H04N9/12Picture reproducers
    • H04N9/31Projection devices for colour picture display, e.g. using electronic spatial light modulators [ESLM]

Definitions

  • the present description relates to digital cinema, and in particular to a distributed media player having a central playout server for ingesting and watermarking media data received from a content provider, and a plurality of display devices each including a decoder for receiving and decrypting the media data from the central playout server.
  • Movies are distributed in digital form, with movie data distributed as a Digital Cinema Package (DCP), which is a hierarchical file structure that represents a “composition” (i.e. movie or portion thereof).
  • the composition consists of a Composition Playlist (in XML format) that defines the playback sequence of a set of track files.
  • Track files carry the essence of the content. Two track files at a minimum must be present in every composition: a track file carrying picture essence, and a track file carrying audio essence.
  • the composition consisting of a composition playlist and associated track files, are distributed as a DCP.
  • the picture track file essence is compressed using JPEG 2000 and the Audio Track File carries a 24-bit linear PCM uncompressed multichannel WAV file.
  • Encryption is conventionally applied to the essence of a track file prior to distribution to protect it from unauthorized use, and then decryption is used at the cinema in order to play the composition.
  • a set of decryption keys is provided in the form of a Key Delivery Message (KDM).
  • KDM Key Delivery Message
  • Forensic marking also takes place, with picture and sound marked with time-of-day and location information. All secure processes take place in real time in secure hardware, such that unencrypted picture and sound data are never stored in user-accessible local data storage.
  • the processor where decryption, decompression, and forensic marking takes place is referred to as a Media Block. Where the Media Block is integrated within a projector, it is known as an integrated media block (IMB).
  • IMB integrated media block
  • each cinema auditorium is often referred to as a “screen”, each of which includes at least one display device, such as a projector, and audio processor
  • the management of multiple screens requires the capability to schedule shows, manage content and keys, centrally store content and keys for later movement over a network to a screen, and the ability to monitor the status and health of the system).
  • Each KDM is a package of decryption keys that are targeted for the projection hardware (IMB, projector, etc.) on a single screen for a particular piece of content and are valid for a limited time.
  • KDMs must be managed to ensure they are delivered to the correct screen.
  • the KDM enables playback of a specific DCP during a specific time window by an IMB identified by its serial number during the authoring process.
  • IMB International Mobile Broadcasting
  • this management of KDMs is generally either done by hand by the cinema staff, or through a networked device called a Theatre Management Server (TMS).
  • TMS Theatre Management Server
  • an IMB The purpose of an IMB is to convert DCP content into data that ultimately produces picture and sound in a theater.
  • the IMB is integrated directly into the projector, which ingests image data from a server (e.g. via a cat 6 Ethernet connection or a locally connected Hard drive), and decrypts, decodes (decompresses) and then watermarks the content before playback via the projector.
  • KDMs Key Delivery Messages
  • IMBs also contain a secure clock that is set in the factory and cannot be altered by the end user, outside of a very limited range defined by Digital Cinema Initiative (DCI) standards which the IMB uses to enforce the date/time playback restrictions in the KDM.
  • IMBs also include anti-tamper devices, designed to self-destruct the unit if unauthorized modification of its hardware, software or secure clock is attempted.
  • DCI Digital Cinema Initiative
  • the decryption process requires keys for decrypting the cinema content to be stored in plain text on the IMB. If exposed, these keys could be used to create a perfect copy of the cinema content (pirated content). Therefore, physical security (e.g. FIPS 140 - 2 Level 3 ; FIPS 140 - 3 Level 3 or other existing or future standards) is conventionally applied to the IMB to ensure that the secret private keys are not exposed during a security attack on the IMB.
  • physical security e.g. FIPS 140 - 2 Level 3 ; FIPS 140 - 3 Level 3 or other existing or future standards
  • the FIPS 140 series of standards are issued by the National Institute of Standards and Technology (NIST) to coordinate the requirements and standards for cryptography modules that include both hardware and software components, and in particular to maintain the confidentiality and integrity of the information protected by the module.
  • NIST National Institute of Standards and Technology
  • This series of standards specify the security requirements that must be satisfied by a cryptographic module.
  • the standards provide four increasing qualitative levels of security intended to cover a wide range of potential applications and environments.
  • FIPS 140 - 2 Level 3 includes tamper-evident physical security mechanisms and prevents and intruder from gaining access to critical security parameters (CSPs) held within the cryptographic module.
  • CSPs critical security parameters
  • Physical security mechanisms required at Security Level 3 are intended to have a high probability of detecting and responding to attempts at physical access, use or modification of the cryptographic module.
  • the physical security mechanisms may include the use of strong enclosures and tamper-detection/response circuitry that zeroes all plaintext CSPs when the removable covers/doors of the cryptographic module are opened.
  • FIPS 140 - 2 Level 3 physical security requires that an IMB provide a physical security boundary that is constantly monitored, even when unpowered, such that if a security attack is detected, the decryption key and security credentials are immediately and permanently erased.
  • the security environment and electrical interfaces required in a cinema projector to support an IMB is known as a Type 2 Secure Processing Block (SPB 2 ) and is defined by a studio consortium known as Digital Cinema Initiatives (DCI). Projectors must undergo a certification test defined by DCI to ensure the security and electrical interfaces required. Designing projectors for this and undergoing the compliance testing is very expensive. This results in cinema projectors being much more expensive than “regular” projectors of equivalent brightness. Furthermore, the SPB 2 environment takes more volume than a regular projector.
  • DCI Digital Cinema Initiatives
  • a distributed media player having a central playout server that includes a multiplexed media processing block for ingesting and watermarking media data received from a content provider, and a plurality of display devices, such as projectors, each including a decoder for receiving and decrypting the media data from the distributed media player.
  • the multiplexed media processing block accommodates the traditional functionality of an IMB residing in each projector, and supports the decryption, decompression and watermarking of content before being played in real time at the display device.
  • the distributed media player set forth herein eliminates the need for a complicated, expensive internal media block (IMB) at each display device since the decryption and watermarking of the content takes place on the central playout server. Additionally, because the content storage is located at the central playout server, there is no need for large amounts of content storage at each display device.
  • IMB internal media block
  • An aspect of the disclosure provides a distributed media player comprising: a central playout server having a multiplexed media processing block within a tamper-responsive enclosure, the central playout server having a first input for receiving at least one decryption key and a second input for receiving media data from a content provider and in response decrypting the media data via the multiplexed media processing block using the at least one decryption key and transmitting the decrypted media data over a local network as an encrypted data stream
  • Another aspect of the disclosure provides a method comprising: receiving encrypted digital content; receiving at least one decryption key; decrypting the encrypted digital content at a central playout server using the at least one decryption key to produce unencrypted digital content; generating an encrypted data stream from the unencrypted digital content; and distributing the encrypted data stream from the central playout server to the plurality of display devices.
  • FIG. 1 is a block diagram of a distributed media player, in accordance with an example of the present disclosure.
  • FIG. 2 is a diagram depicting further details of one possible example of the present disclosure.
  • FIG. 3 depicts a flowchart of a method of operating a distributed media player, in accordance with examples of the present disclosure.
  • the present disclosure describes devices, systems and methods for distributing digital content. While the present disclosure will be described with respect to distributing media data, such as audio and video content together (e.g. a digital movie), to multiple screens. However, the devices, systems and methods described herein may be used to distribute any playable digital content, including, but not limited to, video content (with or without audio) and audio content (e.g. without video) and the like.
  • the distributed media player 100 includes a central playout server 110 having a multiplexed media processing block 120 where content, in the form of a Digital Cinema Package (DCP), is located and ingested.
  • DCP Digital Cinema Package
  • Each DCP is encrypted using an encryption algorithm such as the well-known Advanced Encryption Algorithm (AES).
  • AES is a symmetric encryption algorithm that uses a 128-bit key for digital cinema applications.
  • AES is a symmetric encryption algorithm that uses a 128-bit key for digital cinema applications.
  • the KDM carries an encrypted version of each key used to encrypt the track files within the associated DCP.
  • a KDM is required to unlock and play the DCP.
  • DCPs may be received via satellite or by means of portable storage, such as a hard drive. Once decrypted, the content is stored in local network storage.
  • central playout server 110 essentially functions as a Type 2 Secure Processing Block (SPB 2 ) while the multiplexed media processing block 120 is a single or multiple devices with FIPS 140 - 2 (or 3 ) level 3 physical security that effectively multiplexes IMB functionality among the display devices 150 .
  • SPB 2 Type 2 Secure Processing Block
  • the central playout server 120 Before the content can be delivered to the display devices 150 , the central playout server 120 must undergo an initialization or configuration process according to the design of the cinema. In particular, the multiplexed media processing block 120 must configure each target screen in memory, according to the KDM and watermark, before it can send content to that screen. Therefore, the multiplexed media processing block 120 must have all display devices 150 configured in its memory so that it knows which display device 150 to send the target content to.
  • a key manager within the multiplexed media processing block 120 catalogs received KDMs and matches those to each of a plurality of display devices 150 (e.g. projectors).
  • All security activities take place within the multiplexed media processing block 120 , which then distributes the decrypted/decompressed/watermarked content to the display devices 150 at each screen over a local network 160 , as an encrypted data stream.
  • the content that is sent as a data stream from the central playout server 110 to each display device 150 can be either compressed or uncompressed.
  • SMPTE ST2110 may be used to encrypt the content distributed by the multiplexed media processing block 120 to the display devices 150 .
  • SDVoE may be used.
  • SMPTE ST2110 is a standard developed by the Society of Motion Picture and Television Engineers (SMPTE) for sending digital video over an IP network
  • SMPoE Software Defined Video-over-Ethernet
  • SMPTE ST2110 is a standard developed by the Society of Motion Picture and Television Engineers (SMPTE) for sending digital video over an IP network
  • SDVoE Software Defined Video-over-Ethernet
  • SMPTE Software Defined Video-over-Ethernet
  • the distributed media player 200 includes a central playout server 210 having a multiplexed media processing block 220 for decrypting, decompressing and watermarking content (DCPs) received from an ingest/network 215 via USB port 245 .
  • the multiplexed media processing block 220 can, for example, be a secure PCI-X board within central playout server 210 .
  • the content may originate from a portable storage, such as a hard drive, satellite or other means and be received via an input such as an Ethernet port 218 .
  • the received DCP content may be encrypted using an encryption algorithm, such as AES, and decoded or decompressed according to the JPEG 2000 standard following the initialization process discussed above, so that the multiplexed media processing block 220 and ST2110/SDVoE decoders conform to the same security model.
  • KDMs for decrypting the content may be received from a Theatre Management Server (TMS) or Library Management Server (LMS) 225 or a flash drive 235 and can be stored, for example, within a mass storage 230 or within the multiplexed media processing block 220 .
  • TMS Theatre Management Server
  • LMS Library Management Server
  • a key manager within the TMS/LMS 225 may catalog the KDMs and match those to each screen or, in the illustrated example the multiplexed media processing block 220 functions as a proxy for the display devices 240 and passes credentials to the TMS/LMS 225 on behalf of the display devices 240 .
  • the TMS interface to multiplexed media processing block 220 receives KDMs over 10Base-T/(IEEE 802.3)/100BASE-TX (IEEE 802.3u)/1000BASE-TX(IEEE 802.3ab) via an input such as a ruggedized Ethernet port 218 .
  • multiplexed media processing block 220 distributes the decrypted/decoded/watermarked content to the display devices 240 at each screen as an encrypted data stream over an SMPTE ST 2110 media network switch 250 .
  • media network switch 250 comprises a ST2110/AMWA NMOS Professional Media Network Interface Port for transporting the encrypted content over copperor optical fibres.
  • Associated audio content (e.g. compliant with DCI DCSS v1 supporting up to 16 channels of 24-bit Linear PCM AES/EBU audio at sample rates of 48 KHz or 96 KHz) is transmitted over the switch 250 to a plurality of audio processors 260 .
  • the audio may also include immersive audio bitstreams as defined by the SMPTE 2098 suite of standards.
  • the conformation of the audio signals may also be performed in this process thereby eliminating the need for additional expensive audio peripheral equipment at each screen. Therefore, the system described herein also supports the discrete transport of audio as an AES 67 compliant data that can be directly assigned to a specific B-Chain system of an audio processor 260 .
  • the multiplexed media processing block 220 is enclosed within a tamper-responsive enclosure 255 .
  • the tamper-responsive enclosure 255 is constructed so as to comply with FIPS 140 - 2 Level 3 physical security, and may include one or more physical and/or electrical security mechanisms for detecting and/or preventing unauthorized access to components located in the tamper-responsive enclosure 255 , including, but not limited to, cryptographic keys stored in multiplexed media processing block 220 . For example, when an attempted unauthorized access is detected, at least the cryptographic keys stored in multiplexed media processing block 120 may be deleted
  • FIG. 3 depicts a flowchart of a method 300 for distributing digital content, according to non-limiting examples.
  • the method 300 is performed using the distributed media player 200 of FIG. 2 , for example by multiplexed media processing block 220 and a controller and/or processor and/or FPGA, and the like, of the display device 240 .
  • the distributed media player 200 and/or systems described herein and/or the method 300 can be varied and need not work exactly as discussed herein in conjunction with each other, and that such variations are within the scope of present examples.
  • the method 300 need not be performed in the exact sequence as shown, unless otherwise indicated; and likewise, various blocks may be performed in parallel rather than in sequence; hence the elements of the method 300 are referred to herein as “blocks” rather than “steps”.
  • blocks on the “left” side of FIG. 3 are understood to be performed by the multiplexed media processing block 220
  • blocks on the “right” side of FIG. 3 are understood to be performed by the display device 240 .
  • the multiplexed media processing block 220 receives digital content, for example from ingest/network 215 .
  • the multiplexed media processing block 220 receives one or more KDM messages from the RJ-45 connector to TMS/LMS 220 or from USB flash drive 235 for decrypting the encrypted digital content.
  • the multiplexed media processing block 220 decrypts the encrypted digital content using the KDMs to produce unencrypted digital content and decodes the unencrypted content using JPEG 2000 decoding.
  • the multiplexed media processing block 220 generates encrypted output from the unencrypted digital content applying encryption before transporting the data using the SMPTE ST 2110 standard.
  • the multiplexed media processing block 220 may then add watermarking of the video and/or audio for forensic marking.
  • the multiplexed media processing block 220 may further combine the digital content from the JPEG 2000 decoding (which may or may not be forensically marked), and audio channel mapping (which may or may not be forensically marked), and decrypted timed text (e.g. subtitles).
  • JPEG 2000 decoding which may or may not be forensically marked
  • audio channel mapping which may or may not be forensically marked
  • decrypted timed text e.g. subtitles
  • the multiplexed media processing block 220 may be configured to generate encrypted output from digital content by: receiving digital content from in an encrypted and compressed format; decrypting the digital content using a decryption key (e.g. an AES key) and decoding (decompressing) to generate unencrypted digital content; and re-encrypting the unencrypted digital content again before transporting over ST 2110 (or alternatively SDVoE).
  • a decryption key e.g. an AES key
  • decoding decompressing
  • the multiplexed media processing block 220 provides, to the display devices 240 and audio processors 260 , via the data switch 250 , the encrypted output.
  • a display device 240 receives the encrypted output via the data switch 250 .
  • the display device 240 decrypts the encrypted output received from the media block 402 using a ST 2110 (or alternatively SDVoE) decoder.
  • the display device 240 generates respective transcoded outputs for playback of the content via an associated projector (block 318 ).
  • the distributed media player 100 or 200 eliminates the need for a complicated, expensive internal media block (IMB) at each display device 150 / 240 since the decryption and watermarking of the content takes place within the central playout server 110 / 210 . Additionally, because the content storage is located at the central playout server within mass storage 230 , there is no need for large amounts of content storage at each display device.
  • IMB internal media block
  • elements may be described as “configured to” perform one or more functions or “configured for” such functions.
  • an element that is configured to perform or configured for performing a function is enabled to perform the function, or is suitable for performing the function, or is adapted to perform the function, or is operable to perform the function, or is otherwise capable of performing the function.
  • language of “at least one of X, Y, and Z” and “one or more of X, Y and Z” can be construed as X only, Y only, Z only, or any combination of two or more items X, Y, and Z (e.g., XYZ, XY, YZ, XZ, and the like). Similar logic can be applied for two or more items in any occurrence of “at least one . . . ” and “one or more . . . ” language.
  • the functionality of devices and/or methods and/or processes described herein can be implemented using pre-programmed hardware or firmware elements (e.g., application specific integrated circuits (ASICs), electrically erasable programmable read-only memories (EEPROMs), etc.), or other related components.
  • ASICs application specific integrated circuits
  • EEPROMs electrically erasable programmable read-only memories
  • the functionality of the devices and/or methods and/or processes described herein can be achieved using a computing apparatus that has access to a code memory (not shown) which stores computer-readable program code for operation of the computing apparatus.
  • the computer-readable program code could be stored on a computer readable storage medium which is fixed, tangible and readable directly by these components, (e.g., removable diskette, CD-ROM, ROM, fixed disk, USB drive).
  • the computer-readable program can be stored as a computer program product comprising a computer usable medium.
  • a persistent storage device can comprise the computer readable program code.
  • the computer-readable program code and/or computer usable medium can comprise a non-transitory computer-readable program code and/or non-transitory computer usable medium.
  • the computer-readable program code could be stored remotely but transmittable to these components via a modem or other interface device connected to a network (including, without limitation, the Internet) over a transmission medium.
  • the transmission medium can be either a non-mobile medium (e.g., optical and/or digital and/or analog communications lines) or a mobile medium (e.g., microwave, infrared, free-space optical or other transmission schemes) or a combination thereof.

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Multimedia (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

Devices, systems and methods for distribution of digital content are set forth, wherein a distributed media player is provided comprising a
a central playout server having a multiplexed media processing block within a tamper-responsive enclosure, the central playout server having a first input for receiving at least one decryption key and a second input for receiving media data from a content provider in response to which the multiplexed media processing block decrypts the media data using the at least one decryption key and transmits the decrypted media data over a local network to a plurality of devices as an encrypted data stream.

Description

    FIELD
  • The present description relates to digital cinema, and in particular to a distributed media player having a central playout server for ingesting and watermarking media data received from a content provider, and a plurality of display devices each including a decoder for receiving and decrypting the media data from the central playout server.
    • BACKGROUND
  • Movies are distributed in digital form, with movie data distributed as a Digital Cinema Package (DCP), which is a hierarchical file structure that represents a “composition” (i.e. movie or portion thereof). The composition consists of a Composition Playlist (in XML format) that defines the playback sequence of a set of track files. Track files carry the essence of the content. Two track files at a minimum must be present in every composition: a track file carrying picture essence, and a track file carrying audio essence. The composition, consisting of a composition playlist and associated track files, are distributed as a DCP. The picture track file essence is compressed using JPEG 2000 and the Audio Track File carries a 24-bit linear PCM uncompressed multichannel WAV file.
  • Encryption is conventionally applied to the essence of a track file prior to distribution to protect it from unauthorized use, and then decryption is used at the cinema in order to play the composition. A set of decryption keys is provided in the form of a Key Delivery Message (KDM). Forensic marking also takes place, with picture and sound marked with time-of-day and location information. All secure processes take place in real time in secure hardware, such that unencrypted picture and sound data are never stored in user-accessible local data storage. The processor where decryption, decompression, and forensic marking takes place is referred to as a Media Block. Where the Media Block is integrated within a projector, it is known as an integrated media block (IMB).
  • In a conventional multi-screen digital cinema, decryption keys for all screens must be ingested (loaded and decrypted) by an IMB at each screen (each cinema auditorium is often referred to as a “screen”, each of which includes at least one display device, such as a projector, and audio processor) The management of multiple screens requires the capability to schedule shows, manage content and keys, centrally store content and keys for later movement over a network to a screen, and the ability to monitor the status and health of the system). Each KDM is a package of decryption keys that are targeted for the projection hardware (IMB, projector, etc.) on a single screen for a particular piece of content and are valid for a limited time. These KDMs must be managed to ensure they are delivered to the correct screen. The KDM enables playback of a specific DCP during a specific time window by an IMB identified by its serial number during the authoring process. Currently, this management of KDMs is generally either done by hand by the cinema staff, or through a networked device called a Theatre Management Server (TMS).
  • The purpose of an IMB is to convert DCP content into data that ultimately produces picture and sound in a theater. The IMB is integrated directly into the projector, which ingests image data from a server (e.g. via a cat 6 Ethernet connection or a locally connected Hard drive), and decrypts, decodes (decompresses) and then watermarks the content before playback via the projector. Upon ingestion, Key Delivery Messages (KDMs) are stored on flash memory in the IMB. IMBs also contain a secure clock that is set in the factory and cannot be altered by the end user, outside of a very limited range defined by Digital Cinema Initiative (DCI) standards which the IMB uses to enforce the date/time playback restrictions in the KDM. IMBs also include anti-tamper devices, designed to self-destruct the unit if unauthorized modification of its hardware, software or secure clock is attempted.
  • The decryption process requires keys for decrypting the cinema content to be stored in plain text on the IMB. If exposed, these keys could be used to create a perfect copy of the cinema content (pirated content). Therefore, physical security (e.g. FIPS 140-2 Level 3; FIPS 140-3 Level 3 or other existing or future standards) is conventionally applied to the IMB to ensure that the secret private keys are not exposed during a security attack on the IMB.
  • The FIPS 140 series of standards are issued by the National Institute of Standards and Technology (NIST) to coordinate the requirements and standards for cryptography modules that include both hardware and software components, and in particular to maintain the confidentiality and integrity of the information protected by the module. This series of standards specify the security requirements that must be satisfied by a cryptographic module. The standards provide four increasing qualitative levels of security intended to cover a wide range of potential applications and environments.
  • For example, FIPS 140-2 Level 3 includes tamper-evident physical security mechanisms and prevents and intruder from gaining access to critical security parameters (CSPs) held within the cryptographic module. Physical security mechanisms required at Security Level 3 are intended to have a high probability of detecting and responding to attempts at physical access, use or modification of the cryptographic module. The physical security mechanisms may include the use of strong enclosures and tamper-detection/response circuitry that zeroes all plaintext CSPs when the removable covers/doors of the cryptographic module are opened.
  • FIPS 140-2 Level 3 physical security requires that an IMB provide a physical security boundary that is constantly monitored, even when unpowered, such that if a security attack is detected, the decryption key and security credentials are immediately and permanently erased. These extensive security requirements, as well as the associated certification testing, results in an IMB being a large, complex, and expensive device.
  • The security environment and electrical interfaces required in a cinema projector to support an IMB is known as a Type 2 Secure Processing Block (SPB2) and is defined by a studio consortium known as Digital Cinema Initiatives (DCI). Projectors must undergo a certification test defined by DCI to ensure the security and electrical interfaces required. Designing projectors for this and undergoing the compliance testing is very expensive. This results in cinema projectors being much more expensive than “regular” projectors of equivalent brightness. Furthermore, the SPB2 environment takes more volume than a regular projector.
  • Also, since playback of cinema content is done in real-time by reading the content from a mass storage device, sending it through the IMB to decrypt and decode the content, and then display the content on the projector, and because cinema content is very large (a feature length film is typically over 250 GB), there needs to be a large fault-tolerant storage device for each IMB. This storage device must be very reliable, and requires redundancy, usually provide by a RAID array.
  • The following prior art is relevant to this disclosure: US20130132729A1 and U.S. Pat. No. 6,812,994.
  • The description above is presented as a general overview of related art in this field and should not be construed as an admission that any of the information it contains constitutes prior art against the present patent application.
    • SUMMARY
  • According to an aspect of this disclosure, a distributed media player is set forth having a central playout server that includes a multiplexed media processing block for ingesting and watermarking media data received from a content provider, and a plurality of display devices, such as projectors, each including a decoder for receiving and decrypting the media data from the distributed media player.
  • The multiplexed media processing block accommodates the traditional functionality of an IMB residing in each projector, and supports the decryption, decompression and watermarking of content before being played in real time at the display device.
  • The distributed media player set forth herein eliminates the need for a complicated, expensive internal media block (IMB) at each display device since the decryption and watermarking of the content takes place on the central playout server. Additionally, because the content storage is located at the central playout server, there is no need for large amounts of content storage at each display device.
  • Systems and methods for distribution of digital audio and video content are provided.
  • An aspect of the disclosure provides a distributed media player comprising: a central playout server having a multiplexed media processing block within a tamper-responsive enclosure, the central playout server having a first input for receiving at least one decryption key and a second input for receiving media data from a content provider and in response decrypting the media data via the multiplexed media processing block using the at least one decryption key and transmitting the decrypted media data over a local network as an encrypted data stream
  • Another aspect of the disclosure provides a method comprising: receiving encrypted digital content; receiving at least one decryption key; decrypting the encrypted digital content at a central playout server using the at least one decryption key to produce unencrypted digital content; generating an encrypted data stream from the unencrypted digital content; and distributing the encrypted data stream from the central playout server to the plurality of display devices. The details of one or more variations of the subject matter described herein are set forth in the accompanying drawings and the description below. Other features and advantages of the subject matter described herein will be apparent from the description and drawings.
    • DESCRIPTION OF DRAWINGS
  • FIG. 1 is a block diagram of a distributed media player, in accordance with an example of the present disclosure.
  • FIG. 2 is a diagram depicting further details of one possible example of the present disclosure.
  • FIG. 3 depicts a flowchart of a method of operating a distributed media player, in accordance with examples of the present disclosure.
    •  DETAILED DESCRIPTION
  • To overcome the deficiencies of the conventional approaches, the present disclosure describes devices, systems and methods for distributing digital content. While the present disclosure will be described with respect to distributing media data, such as audio and video content together (e.g. a digital movie), to multiple screens. However, the devices, systems and methods described herein may be used to distribute any playable digital content, including, but not limited to, video content (with or without audio) and audio content (e.g. without video) and the like.
  • To illustrate an example of a distributed media player 100, reference is made to FIG. 1. The distributed media player 100 includes a central playout server 110 having a multiplexed media processing block 120 where content, in the form of a Digital Cinema Package (DCP), is located and ingested. Each DCP is encrypted using an encryption algorithm such as the well-known Advanced Encryption Algorithm (AES). AES is a symmetric encryption algorithm that uses a 128-bit key for digital cinema applications. When encrypted, the essence within each track file of the DCP is encrypted with a unique key. The KDM carries an encrypted version of each key used to encrypt the track files within the associated DCP. A KDM is required to unlock and play the DCP. DCPs may be received via satellite or by means of portable storage, such as a hard drive. Once decrypted, the content is stored in local network storage.
  • In the illustrated example, central playout server 110 essentially functions as a Type 2 Secure Processing Block (SPB2) while the multiplexed media processing block 120 is a single or multiple devices with FIPS 140-2 (or 3) level 3 physical security that effectively multiplexes IMB functionality among the display devices 150.
  • Before the content can be delivered to the display devices 150, the central playout server 120 must undergo an initialization or configuration process according to the design of the cinema. In particular, the multiplexed media processing block 120 must configure each target screen in memory, according to the KDM and watermark, before it can send content to that screen. Therefore, the multiplexed media processing block 120 must have all display devices 150 configured in its memory so that it knows which display device 150 to send the target content to.
  • After the initialization process, a key manager within the multiplexed media processing block 120 catalogs received KDMs and matches those to each of a plurality of display devices 150 (e.g. projectors).
  • All security activities (decrypt/decompress/watermark) take place within the multiplexed media processing block 120, which then distributes the decrypted/decompressed/watermarked content to the display devices 150 at each screen over a local network 160, as an encrypted data stream. The content that is sent as a data stream from the central playout server 110 to each display device 150 can be either compressed or uncompressed.
  • In one embodiment, SMPTE ST2110 may be used to encrypt the content distributed by the multiplexed media processing block 120 to the display devices 150. In another embodiment, SDVoE may be used. SMPTE ST2110 is a standard developed by the Society of Motion Picture and Television Engineers (SMPTE) for sending digital video over an IP network, while SDVoE (Software Defined Video-over-Ethernet) is a high-performance, software-based AV-over-IP platform for control and distribution of digital content over Ethernet/Fiber networks. Advantageously, only a simple ST2110/SDVoE decoder is required at each display device 150 to decrypt the content, thereby eliminating the need for a complicated, expensive internal media block (IMB) with FIPS 140-2 Level 3 physical security protection at each display device.
  • An exemplary embodiment of a distributed media player 200, according to an aspect of this disclosure, is shown in FIG. 2. The distributed media player 200 includes a central playout server 210 having a multiplexed media processing block 220 for decrypting, decompressing and watermarking content (DCPs) received from an ingest/network 215 via USB port 245. The multiplexed media processing block 220 can, for example, be a secure PCI-X board within central playout server 210. The content may originate from a portable storage, such as a hard drive, satellite or other means and be received via an input such as an Ethernet port 218.
  • As discussed above, the received DCP content may be encrypted using an encryption algorithm, such as AES, and decoded or decompressed according to the JPEG 2000 standard following the initialization process discussed above, so that the multiplexed media processing block 220 and ST2110/SDVoE decoders conform to the same security model. KDMs for decrypting the content may be received from a Theatre Management Server (TMS) or Library Management Server (LMS) 225 or a flash drive 235 and can be stored, for example, within a mass storage 230 or within the multiplexed media processing block 220. A key manager within the TMS/LMS 225 may catalog the KDMs and match those to each screen or, in the illustrated example the multiplexed media processing block 220 functions as a proxy for the display devices 240 and passes credentials to the TMS/LMS 225 on behalf of the display devices 240. In an embodiment, the TMS interface to multiplexed media processing block 220 receives KDMs over 10Base-T/(IEEE 802.3)/100BASE-TX (IEEE 802.3u)/1000BASE-TX(IEEE 802.3ab) via an input such as a ruggedized Ethernet port 218.
  • As discussed above, multiplexed media processing block 220 distributes the decrypted/decoded/watermarked content to the display devices 240 at each screen as an encrypted data stream over an SMPTE ST 2110 media network switch 250. In one embodiment, media network switch 250 comprises a ST2110/AMWA NMOS Professional Media Network Interface Port for transporting the encrypted content over copperor optical fibres.
  • Associated audio content (e.g. compliant with DCI DCSS v1 supporting up to 16 channels of 24-bit Linear PCM AES/EBU audio at sample rates of 48 KHz or 96 KHz) is transmitted over the switch 250 to a plurality of audio processors 260. The audio may also include immersive audio bitstreams as defined by the SMPTE 2098 suite of standards. As the processing of the audio and visual data contained within a DCP is being processed at a single location, the conformation of the audio signals may also be performed in this process thereby eliminating the need for additional expensive audio peripheral equipment at each screen. Therefore, the system described herein also supports the discrete transport of audio as an AES 67 compliant data that can be directly assigned to a specific B-Chain system of an audio processor 260.
  • The multiplexed media processing block 220 is enclosed within a tamper-responsive enclosure 255. The tamper-responsive enclosure 255 is constructed so as to comply with FIPS 140-2 Level 3 physical security, and may include one or more physical and/or electrical security mechanisms for detecting and/or preventing unauthorized access to components located in the tamper-responsive enclosure 255, including, but not limited to, cryptographic keys stored in multiplexed media processing block 220. For example, when an attempted unauthorized access is detected, at least the cryptographic keys stored in multiplexed media processing block 120 may be deleted
  • Attention is now directed to FIG. 3 which depicts a flowchart of a method 300 for distributing digital content, according to non-limiting examples. In order to assist in the explanation of the method 300, it will be assumed that the method 300 is performed using the distributed media player 200 of FIG. 2, for example by multiplexed media processing block 220 and a controller and/or processor and/or FPGA, and the like, of the display device 240. However, it is to be understood that the distributed media player 200 and/or systems described herein and/or the method 300 can be varied and need not work exactly as discussed herein in conjunction with each other, and that such variations are within the scope of present examples.
  • Regardless, it is to be emphasized, that the method 300 need not be performed in the exact sequence as shown, unless otherwise indicated; and likewise, various blocks may be performed in parallel rather than in sequence; hence the elements of the method 300 are referred to herein as “blocks” rather than “steps”.
  • Furthermore, blocks on the “left” side of FIG. 3 are understood to be performed by the multiplexed media processing block 220, and blocks on the “right” side of FIG. 3 are understood to be performed by the display device 240.
  • At a block 302, the multiplexed media processing block 220 receives digital content, for example from ingest/network 215.
  • At a block 304, the multiplexed media processing block 220 receives one or more KDM messages from the RJ-45 connector to TMS/LMS 220 or from USB flash drive 235 for decrypting the encrypted digital content.
  • At the time of playback, at block 306, the multiplexed media processing block 220 decrypts the encrypted digital content using the KDMs to produce unencrypted digital content and decodes the unencrypted content using JPEG 2000 decoding.
  • At block 308, the multiplexed media processing block 220 generates encrypted output from the unencrypted digital content applying encryption before transporting the data using the SMPTE ST 2110 standard. Optionally, the multiplexed media processing block 220 may then add watermarking of the video and/or audio for forensic marking.
  • For example, at block 308, the multiplexed media processing block 220 may further combine the digital content from the JPEG 2000 decoding (which may or may not be forensically marked), and audio channel mapping (which may or may not be forensically marked), and decrypted timed text (e.g. subtitles).
  • Thus, the multiplexed media processing block 220 may be configured to generate encrypted output from digital content by: receiving digital content from in an encrypted and compressed format; decrypting the digital content using a decryption key (e.g. an AES key) and decoding (decompressing) to generate unencrypted digital content; and re-encrypting the unencrypted digital content again before transporting over ST 2110 (or alternatively SDVoE).
  • At a block 310, the multiplexed media processing block 220 provides, to the display devices 240 and audio processors 260, via the data switch 250, the encrypted output.
  • At a block 312, a display device 240 receives the encrypted output via the data switch 250.
  • At a block 314, the display device 240 decrypts the encrypted output received from the media block 402 using a ST 2110 (or alternatively SDVoE) decoder.
  • At a block 316, the display device 240 generates respective transcoded outputs for playback of the content via an associated projector (block 318).
  • In summary, the distributed media player 100 or 200 eliminates the need for a complicated, expensive internal media block (IMB) at each display device 150/240 since the decryption and watermarking of the content takes place within the central playout server 110/210. Additionally, because the content storage is located at the central playout server within mass storage 230, there is no need for large amounts of content storage at each display device.
  • In this disclosure, elements may be described as “configured to” perform one or more functions or “configured for” such functions. In general, an element that is configured to perform or configured for performing a function is enabled to perform the function, or is suitable for performing the function, or is adapted to perform the function, or is operable to perform the function, or is otherwise capable of performing the function.
  • It is understood that for the purpose of this disclosure, language of “at least one of X, Y, and Z” and “one or more of X, Y and Z” can be construed as X only, Y only, Z only, or any combination of two or more items X, Y, and Z (e.g., XYZ, XY, YZ, XZ, and the like). Similar logic can be applied for two or more items in any occurrence of “at least one . . . ” and “one or more . . . ” language.
  • The terms “about”, “substantially”, “essentially”, “approximately”, and the like, are defined as being “close to”, for example as understood by persons of skill in the art. In some examples, the terms are understood to be “within 10%,” in other examples, “within 5%”, in yet further examples, “within 1%”, and in yet further examples “within 0.5%”.
  • Persons skilled in the art will appreciate that in some examples, the functionality of devices and/or methods and/or processes described herein can be implemented using pre-programmed hardware or firmware elements (e.g., application specific integrated circuits (ASICs), electrically erasable programmable read-only memories (EEPROMs), etc.), or other related components. In other examples, the functionality of the devices and/or methods and/or processes described herein can be achieved using a computing apparatus that has access to a code memory (not shown) which stores computer-readable program code for operation of the computing apparatus. The computer-readable program code could be stored on a computer readable storage medium which is fixed, tangible and readable directly by these components, (e.g., removable diskette, CD-ROM, ROM, fixed disk, USB drive). Furthermore, it is appreciated that the computer-readable program can be stored as a computer program product comprising a computer usable medium. Further, a persistent storage device can comprise the computer readable program code. It is yet further appreciated that the computer-readable program code and/or computer usable medium can comprise a non-transitory computer-readable program code and/or non-transitory computer usable medium. Alternatively, the computer-readable program code could be stored remotely but transmittable to these components via a modem or other interface device connected to a network (including, without limitation, the Internet) over a transmission medium. The transmission medium can be either a non-mobile medium (e.g., optical and/or digital and/or analog communications lines) or a mobile medium (e.g., microwave, infrared, free-space optical or other transmission schemes) or a combination thereof.
  • Persons skilled in the art will appreciate that there are yet more alternative examples and modifications possible, and that the above examples are only illustrations of one or more examples. The scope, therefore, is only to be limited by the claims appended hereto.

Claims (15)

What is claimed is:
1. A system comprising:
a distributed media player including:
a central playout server having a multiplexed media processing block within a tamper-responsive enclosure, the central playout server having a first input for receiving at least one decryption key and a second input for receiving media data from a content provider and in response decrypting the media data via the multiplexed media processing block using the at least one decryption key and transmitting the decrypted media data over a local network as an encrypted data stream,
a plurality of display devices, wherein each display device includes a decoder for decrypting the encrypted data stream and a projector for displaying the media data on a screen; and
a media network switch for disturbing the encrypted data stream to the plurality of display devices.
2. The distributed media player of the system of claim 1, further including a flash storage within the tamper-responsive enclosure for storing the at least one decryption key.
3. The distributed media player of the system of claim 1, wherein SMPTE ST2110 is used to transmit the encrypted data stream.
4. The distributed media player of the system of claim 1, wherein SDVoE is used to transmit the encrypted data stream.
5. The distributed media player of the system of claim 1, wherein the tamper-responsive enclosure is constructed so as to comply with FIPS 140-2 Level 3 physical security.
6. (canceled)
7. The system of claim 1, wherein media network switch comprises a ST2110 media network interface port for streaming distributing the encrypted data stream over the local network.
8. The system of claim 1, further including an audio processor associated with each display device.
9. The system of claim 1, wherein the decrypted media data are watermarked prior to being distributed to the plurality of display devices.
10. A method comprising:
receiving encrypted digital content;
receiving at least one decryption key;
decrypting the encrypted digital content at a central playout server using the at least one decryption key to produce unencrypted digital content;
generating an encrypted data stream from the unencrypted digital content;
distributing the encrypted data stream from the central playout server to a plurality of display devices,
receiving the encrypted data stream at one of the plurality of display devices;
decrypting the encrypted data stream via a decoder at one of the plurality of display devices and in response generating respective transcoded outputs representing the digital content; and
playing back the digital content via a projector.
11. (canceled)
12. The method of claim 10, wherein the unencrypted digital content is decoded before generating the encrypted data stream.
13. The method of claim 10, wherein the unencrypted digital content is watermarked before generating the encrypted data stream.
14. The method of claim 10, wherein the encrypted data stream is transmitted using SMPTE ST 2110.
15. The method of claim 10, wherein the encrypted data stream is transmitted using SDVoE.
US17/144,539 2021-01-08 2021-01-08 Distributed media player for digital cinema Active US11405684B1 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
US17/144,539 US11405684B1 (en) 2021-01-08 2021-01-08 Distributed media player for digital cinema
JP2022001246A JP2022107526A (en) 2021-01-08 2022-01-06 Distributed media player for digital cinema
EP22150578.7A EP4027646A1 (en) 2021-01-08 2022-01-07 Distributed media player for digital cinema
CN202210015118.6A CN114760499A (en) 2021-01-08 2022-01-07 Distributed media player for digital cinema

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US17/144,539 US11405684B1 (en) 2021-01-08 2021-01-08 Distributed media player for digital cinema

Publications (2)

Publication Number Publication Date
US20220224974A1 true US20220224974A1 (en) 2022-07-14
US11405684B1 US11405684B1 (en) 2022-08-02

Family

ID=79283104

Family Applications (1)

Application Number Title Priority Date Filing Date
US17/144,539 Active US11405684B1 (en) 2021-01-08 2021-01-08 Distributed media player for digital cinema

Country Status (4)

Country Link
US (1) US11405684B1 (en)
EP (1) EP4027646A1 (en)
JP (1) JP2022107526A (en)
CN (1) CN114760499A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20210400357A1 (en) * 2020-06-23 2021-12-23 Yuan High-Tech Development Co., Ltd. Method of High-Definition Video Transmission
US20230142037A1 (en) * 2021-11-08 2023-05-11 Gdc Technology (Shenzhen) Limited Integrated dci compliant movie player and dlp projection equipment

Citations (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080049704A1 (en) * 2006-08-25 2008-02-28 Skyclix, Inc. Phone-based broadcast audio identification
US20080082510A1 (en) * 2006-10-03 2008-04-03 Shazam Entertainment Ltd Method for High-Throughput Identification of Distributed Broadcast Content
US20090313670A1 (en) * 2006-05-24 2009-12-17 Hiroyuki Takao Television receiver program, and recording medium
US7653921B2 (en) * 2002-07-01 2010-01-26 Microsoft Corporation System and method for providing user control over repeating objects embedded in a stream
US20100114713A1 (en) * 2008-11-04 2010-05-06 American Express Travel Related Services Company, Inc. Customized financial transaction pricing
US20110071838A1 (en) * 2000-07-31 2011-03-24 Avery Li-Chun Wang System and methods for recognizing sound and music signals in high noise and distortion
US7913326B1 (en) * 2008-05-27 2011-03-29 Barrows Thomas D Patient laser goggles
US20110273455A1 (en) * 2010-05-04 2011-11-10 Shazam Entertainment Ltd. Systems and Methods of Rendering a Textual Animation
US20110283319A1 (en) * 2009-02-12 2011-11-17 Davis Bruce L Media Processing Methods and Arrangements
US20120297400A1 (en) * 2011-02-03 2012-11-22 Sony Corporation Method and system for invoking an application in response to a trigger event
US20120295560A1 (en) * 2011-05-18 2012-11-22 Sparcq, Inc. Sonic signaling communication for user devices
US20120316969A1 (en) * 2011-06-13 2012-12-13 Metcalf Iii Otis Rudy System and method for advertisement ranking and display
US20130029762A1 (en) * 2011-07-28 2013-01-31 United Video Properties, Inc. Systems and methods for selectively modifying the display of advertisements based on an interactive gaming environment
US20130031579A1 (en) * 2011-07-28 2013-01-31 United Video Properties, Inc. Systems and methods for selectively modifying the display of advertisements and providing supplementary media content
US20130042262A1 (en) * 2010-04-14 2013-02-14 Sven Riethmueller Platform-independent interactivity with media broadcasts
US20130044051A1 (en) * 2011-08-19 2013-02-21 Youngho JEONG Image display device and method for operating the same
US20130067512A1 (en) * 2008-01-10 2013-03-14 Touchtunes Music Corporation Systems and/or methods for distributing advertisements from a central advertisement network to a peripheral device via a local advertisement server
US20130073377A1 (en) * 2011-09-15 2013-03-21 Stephan HEATH Mobile device system and method providing 3d geo-target location-based mobile commerce searching/purchases, discounts/coupons products, goods, and services, and social networking
US20130073366A1 (en) * 2011-09-15 2013-03-21 Stephan HEATH System and method for tracking, utilizing predicting, and implementing online consumer browsing behavior, buying patterns, social networking communications, advertisements and communications, for online coupons, products, goods & services, auctions, and service providers using geospatial mapping technology, and social networking
US20130080262A1 (en) * 2010-02-26 2013-03-28 Research In Motion Limited Scheduling and delivering ad meetings
US20130080242A1 (en) * 2009-08-20 2013-03-28 Laurent Daniel Alhadeff Networked Profiling And Multimedia Content Targeting System
US20130085828A1 (en) * 2011-10-04 2013-04-04 Andrew Michael Schuster System and methods for content distribution with integrated game mechanics
US20130111519A1 (en) * 2011-10-27 2013-05-02 James C. Rice Exchange Value Engine
US20130124073A1 (en) * 2011-11-11 2013-05-16 Verizon Patent And Licensing Inc. Live traffic congestion detection
US8510770B1 (en) * 2012-02-03 2013-08-13 Google Inc. Predicting live programs
US20140115761A1 (en) * 2012-10-26 2014-05-01 Smith Optics, Inc. Goggle with adjustable nose area
US20140196070A1 (en) * 2013-01-07 2014-07-10 Smrtv, Inc. System and method for automated broadcast media identification
US20150082349A1 (en) * 2013-09-13 2015-03-19 Arris Enterprises, Inc. Content Based Video Content Segmentation
US20150143416A1 (en) * 2013-11-21 2015-05-21 Thomson Licensing Method and apparatus for matching of corresponding frames in multimedia streams
US20150216710A1 (en) * 2014-01-31 2015-08-06 Nozewair, Llc Devices to dilate nasal airways for various applications involving: activities using goggles with a helmet or goggles alone; swimming with goggles, without or with a swim cap; sleep; sleep with a cpap mask; and for physical activities
US20150222950A1 (en) * 2012-08-21 2015-08-06 Omnifone Ltd. Method of identifying media content
US20150229979A1 (en) * 2014-02-11 2015-08-13 The Nielsen Company (Us), Llc Methods and apparatus to calculate video-on-demand and dynamically inserted advertisement viewing probability
US20180184160A1 (en) * 2016-12-25 2018-06-28 Cisco Technology, Inc. Reinforced interleaved watermarking
US20190007729A1 (en) * 2017-06-30 2019-01-03 The Nielsen Company (Us), Llc Methods and apparatus to detect audio engineering problems using identification of isolated watermarks
US20190130136A1 (en) * 2017-10-26 2019-05-02 Christie Digital Systems Usa, Inc. Devices, systems and methods for distribution of digital content

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6812994B2 (en) 2002-12-04 2004-11-02 Eastman Kodak Company Streamlined methods and systems for scheduling and handling digital cinema content in a multi-theatre environment
US8121295B1 (en) 2008-03-28 2012-02-21 Sprint Spectrum L.P. Method, apparatus, and system for controlling playout of media
US9516364B2 (en) 2010-03-29 2016-12-06 Google Technology Holdings LLC Secure transcoding of content
EP2416520A1 (en) 2010-08-03 2012-02-08 Thomson Licensing Method and system for protecting by watermarking against non-authorised use original audio or video data which are to be presented

Patent Citations (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110071838A1 (en) * 2000-07-31 2011-03-24 Avery Li-Chun Wang System and methods for recognizing sound and music signals in high noise and distortion
US7653921B2 (en) * 2002-07-01 2010-01-26 Microsoft Corporation System and method for providing user control over repeating objects embedded in a stream
US20090313670A1 (en) * 2006-05-24 2009-12-17 Hiroyuki Takao Television receiver program, and recording medium
US20080049704A1 (en) * 2006-08-25 2008-02-28 Skyclix, Inc. Phone-based broadcast audio identification
US20080082510A1 (en) * 2006-10-03 2008-04-03 Shazam Entertainment Ltd Method for High-Throughput Identification of Distributed Broadcast Content
US20130067512A1 (en) * 2008-01-10 2013-03-14 Touchtunes Music Corporation Systems and/or methods for distributing advertisements from a central advertisement network to a peripheral device via a local advertisement server
US7913326B1 (en) * 2008-05-27 2011-03-29 Barrows Thomas D Patient laser goggles
US20100114713A1 (en) * 2008-11-04 2010-05-06 American Express Travel Related Services Company, Inc. Customized financial transaction pricing
US20110283319A1 (en) * 2009-02-12 2011-11-17 Davis Bruce L Media Processing Methods and Arrangements
US20130080242A1 (en) * 2009-08-20 2013-03-28 Laurent Daniel Alhadeff Networked Profiling And Multimedia Content Targeting System
US20130080262A1 (en) * 2010-02-26 2013-03-28 Research In Motion Limited Scheduling and delivering ad meetings
US20130042262A1 (en) * 2010-04-14 2013-02-14 Sven Riethmueller Platform-independent interactivity with media broadcasts
US20110273455A1 (en) * 2010-05-04 2011-11-10 Shazam Entertainment Ltd. Systems and Methods of Rendering a Textual Animation
US20120297400A1 (en) * 2011-02-03 2012-11-22 Sony Corporation Method and system for invoking an application in response to a trigger event
US20120295560A1 (en) * 2011-05-18 2012-11-22 Sparcq, Inc. Sonic signaling communication for user devices
US20120316969A1 (en) * 2011-06-13 2012-12-13 Metcalf Iii Otis Rudy System and method for advertisement ranking and display
US20130029762A1 (en) * 2011-07-28 2013-01-31 United Video Properties, Inc. Systems and methods for selectively modifying the display of advertisements based on an interactive gaming environment
US20130031579A1 (en) * 2011-07-28 2013-01-31 United Video Properties, Inc. Systems and methods for selectively modifying the display of advertisements and providing supplementary media content
US20130044051A1 (en) * 2011-08-19 2013-02-21 Youngho JEONG Image display device and method for operating the same
US20130073377A1 (en) * 2011-09-15 2013-03-21 Stephan HEATH Mobile device system and method providing 3d geo-target location-based mobile commerce searching/purchases, discounts/coupons products, goods, and services, and social networking
US20130073366A1 (en) * 2011-09-15 2013-03-21 Stephan HEATH System and method for tracking, utilizing predicting, and implementing online consumer browsing behavior, buying patterns, social networking communications, advertisements and communications, for online coupons, products, goods & services, auctions, and service providers using geospatial mapping technology, and social networking
US20130085828A1 (en) * 2011-10-04 2013-04-04 Andrew Michael Schuster System and methods for content distribution with integrated game mechanics
US20130111519A1 (en) * 2011-10-27 2013-05-02 James C. Rice Exchange Value Engine
US20130124073A1 (en) * 2011-11-11 2013-05-16 Verizon Patent And Licensing Inc. Live traffic congestion detection
US8510770B1 (en) * 2012-02-03 2013-08-13 Google Inc. Predicting live programs
US20150222950A1 (en) * 2012-08-21 2015-08-06 Omnifone Ltd. Method of identifying media content
US20140115761A1 (en) * 2012-10-26 2014-05-01 Smith Optics, Inc. Goggle with adjustable nose area
US20140196070A1 (en) * 2013-01-07 2014-07-10 Smrtv, Inc. System and method for automated broadcast media identification
US20150082349A1 (en) * 2013-09-13 2015-03-19 Arris Enterprises, Inc. Content Based Video Content Segmentation
US20150143416A1 (en) * 2013-11-21 2015-05-21 Thomson Licensing Method and apparatus for matching of corresponding frames in multimedia streams
US20150216710A1 (en) * 2014-01-31 2015-08-06 Nozewair, Llc Devices to dilate nasal airways for various applications involving: activities using goggles with a helmet or goggles alone; swimming with goggles, without or with a swim cap; sleep; sleep with a cpap mask; and for physical activities
US20150229979A1 (en) * 2014-02-11 2015-08-13 The Nielsen Company (Us), Llc Methods and apparatus to calculate video-on-demand and dynamically inserted advertisement viewing probability
US20180184160A1 (en) * 2016-12-25 2018-06-28 Cisco Technology, Inc. Reinforced interleaved watermarking
US20190007729A1 (en) * 2017-06-30 2019-01-03 The Nielsen Company (Us), Llc Methods and apparatus to detect audio engineering problems using identification of isolated watermarks
US20190130136A1 (en) * 2017-10-26 2019-05-02 Christie Digital Systems Usa, Inc. Devices, systems and methods for distribution of digital content

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20210400357A1 (en) * 2020-06-23 2021-12-23 Yuan High-Tech Development Co., Ltd. Method of High-Definition Video Transmission
US20230142037A1 (en) * 2021-11-08 2023-05-11 Gdc Technology (Shenzhen) Limited Integrated dci compliant movie player and dlp projection equipment
US11818514B2 (en) * 2021-11-08 2023-11-14 Gdc Technology (Shenzhen) Limited Integrated DCI compliant movie player and DLP projection equipment

Also Published As

Publication number Publication date
CN114760499A (en) 2022-07-15
US11405684B1 (en) 2022-08-02
EP4027646A1 (en) 2022-07-13
JP2022107526A (en) 2022-07-21

Similar Documents

Publication Publication Date Title
US8818896B2 (en) Selective encryption with coverage encryption
US7203319B2 (en) Apparatus and method for installing a decryption key
CN109711117B (en) Apparatus and method for distributing digital content
US8290157B2 (en) Identification of a compromised content player
US8595492B2 (en) On-demand protection and authorization of playback of media assets
US20050193205A1 (en) Method and system for session based watermarking of encrypted content
US20100100742A1 (en) Transport Stream Watermarking
EP4027646A1 (en) Distributed media player for digital cinema
JP2005518683A (en) Apparatus and method for watermarking digital video
EP1619896A2 (en) System and method for protecting information
US20080098487A1 (en) Av communication control circuit for realizing copyright protection with respect to radio lan
US20130064288A1 (en) Secured content distribution
JP2004535127A (en) Apparatus and method for adjusting digital image data for displaying a rendered image
Bloom Digital cinema content security and the DCI
US20200275142A1 (en) A method for delivering digital content to at least one client device
JP2006345234A (en) Encryption device and encryption method, decoder and decoding method, and program
SAMČOVIĆ Security Issues in Digital Cinema
WO2003024020A1 (en) Method and computer system to perform on the fly fingerprinting for media content
Schumann Security and Packaging: Security
Kim et al. Protection system for MPEG-2 streaming media
Park et al. Protecting ASF movie on VOD
Park et al. DRM for streamed MPEG-4 media
AU2002316523A1 (en) Apparatus and method for installing a decryption key

Legal Events

Date Code Title Description
AS Assignment

Owner name: CHRISTIE DIGITAL SYSTEMS USA, INC., CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:CLAYPOOL, BRIAN;KEVIN, KEVIN;HUDSON, JOHN;SIGNING DATES FROM 20210104 TO 20210107;REEL/FRAME:054859/0926

FEPP Fee payment procedure

Free format text: ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: BIG.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

AS Assignment

Owner name: CHRISTIE DIGITAL SYSTEMS USA, INC., CALIFORNIA

Free format text: CORRECTIVE ASSIGNMENT TO CORRECT THE ASSIGNOR'S NAME PREVIOUSLY RECORDED FOR PATENT APPLICATION NO. 17/144539 PREVIOUSLY RECORDED AT REEL: 054859 FRAME: 0926. ASSIGNOR(S) HEREBY CONFIRMS THE ASSIGNMENT;ASSIGNORS:CLAYPOOL, BRIAN;DRAPER, KEVIN;HUDSON, JOHN;SIGNING DATES FROM 20210104 TO 20210107;REEL/FRAME:055504/0594

STCF Information on status: patent grant

Free format text: PATENTED CASE