
Latens Encryption System

Latens Systems
Latens Systems provides dynamic, software-based content and revenue protection, often referred to as Conditional Access, for services delivered over two-way IP or cable networks. These services include Pay Per View television and Video On Demand. Latens content and revenue protection systems are trusted by the world's largest content owners to secure the delivery of their most valuable content. The Latens devices are integrated with third-party equipment, enabling broadcasters, network operators and content providers to profitably manage and operate existing and future digital TV technologies such as IPTV. A Latens CA System typically consists of a VoD Encryption Engine (VEE), a Stream Encryption Engine (SEE), a Manager (LM) and multiple Controller (LC) servers, with a front-end interface to the Latens System Manager. We will now look at these in more detail.

Component Overview
Latens Manager
The Latens Manager is the point where the Latens CAS interfaces to the Operator's business and operations systems. It consists of Latens software running on high-integrity, high-availability hardware of the Operator's choice. The software in the LM implements communications between the LM and LCs and to operations and business support systems. It comprises a number of subsystems, including the Security Policy Engine, the Business Rules Engine, interfaces for VoD systems and a Central Data Store where all service data for the network is stored for operational use within the Latens CAS.

Latens Controller

The Latens Controller is a software-based system that operates on low-cost hardware running the high-reliability, high-availability Linux operating system. The LC implements the security system between Stream Encryption Engines or Streamers at the head-end and end-user Set Top Boxes. The software in the LC comprises a number of subsystems, including Set Top Box authentication, session and key management, interfacing to VoD servers, and system monitoring. The Controller can be co-located on the same server as the Latens Manager, or multiple Controllers can be used to form N+1 protection. They can also be grouped to form regional head-ends.

Latens SEE
The Latens Stream Encryption Engine (SEE) provides a real-time, configurable IP-in (UDP multicast) to IP-out (UDP multicast) scrambling capability. The Latens SEE supports AES scrambling and has a limit of 250 Mb/s on the amount of content that can be processed. Configuration and monitoring are via the Latens System Manager.

Latens VEE

The Latens VoD Encryption Engine (VEE) is used to pre-encrypt content for transfer to a VoD server for onward delivery to a customer. During the encryption process, keys are generated that are stored in the Latens Manager for later transfer to an authorized set top box via the Latens Controller. The Latens VEE supports AES scrambling and ingestion of MPEG-2 Transport Stream content. Configuration and monitoring are via the Latens System Manager.

Glue and SSMs

Latens inserts two Latens Kernel components into the software system of a third-party Set Top Box (dependent on the Operator's choice). The STB Glue is used for basic pairing of the Set Top Box at provisioning time and for downloading the Secure Software Modules (SSMs) when required. The Latens software needs to interface to the STB operating system, middleware, EPG and VoD components. Latens can then deliver additional or replacement SSMs for download in the event that a system hack takes place, or to refresh security information.

System Manager

The Latens System Manager (LSM) is a web-based application interface which Operators can use to configure, validate and edit the Customer and Content Data in their Latens CAS. System alarms are displayed on the LSM.

Typical Deployment

[Diagram: an SMS/Provisioning system sends Content and Customer Provisioning to the Latens Manager; Clear Content enters the SEE and leaves as Encrypted Content (Broadcast Content) towards the Home; the Latens Controller exchanges SSM Download, Authentication, Entitlement Messages and Session Messages with the Set Top Box. Legend: 3rd Party Integration, Latens Data.]

Set Top Box Start Up

[Sequence diagram between Set Top Box, Latens Controller and Latens Manager: Multicast 1 Join (SSM Locator Beacon, m/c 1); Multicast 2 Join (SSM Download, m/c 2); Session Beacon (m/c 1); Controller Discovery and Discovery Response; Session Request and Session Response; Entitlement Request, Entitlement Response and Entitlement Acknowledge; then Session Alive Messages. The Controller sends a request to the Manager if the STB is not known on the Controller.]

Set Top Box Session Management

1. The STB boots and joins the session multicast beacon 224.2.2.201:22222.
2. The STB joins the SSM multicast beacon (224.2.2.202:22222 or 224.2.2.203:22222) for the duration of the SSM download; which multicast is joined is dependent on whether the STB is a 500 or 1500 series box.
3. After successful download of the SSM, the STB sends a UDP unicast discovery request to the Controller on port 1600. The Controller is determined in step 1 by whichever multicast is joined first.
4. The Controller responds with a "discovery response" to the STB on port 1200.
5. The STB sends a session request to the Controller on port 1600.
6. The Controller responds with a "session grant" to the STB on port 1202.
7. The STB sends an EMMb request to the Controller on port 1600.
8. The Controller responds by sending the EMMb to the STB on port 1201.
9. The STB acknowledges receipt of the EMMb, responding to the Controller on port 1600.
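As an added example (written for this page, not Latens code), the following Python checks an observed start-up exchange against the documented order of messages and their destination UDP ports, which is the kind of conformance check a head-end monitoring tool would run over captured STB traffic. The ports and the message order are taken from the steps above; the message names, the direction labels and the sample captures are constructed for the example.

```python
"""Added example: check an observed STB start-up exchange against the documented
order and UDP ports. Illustration code written for this page, not Latens
software; the message names, direction strings and sample captures are
constructed here, only the ports and the sequence come from the slide."""

# Documented exchange: (message, direction, UDP port the message is sent to)
EXPECTED_HANDSHAKE = [
    ("discovery_request",  "stb->controller", 1600),
    ("discovery_response", "controller->stb", 1200),
    ("session_request",    "stb->controller", 1600),
    ("session_grant",      "controller->stb", 1202),
    ("emmb_request",       "stb->controller", 1600),
    ("emmb",               "controller->stb", 1201),
    ("emmb_ack",           "stb->controller", 1600),
]


def check_handshake(observed):
    """Return a list of deviations between an observed sequence of
    (message, direction, port) tuples and EXPECTED_HANDSHAKE.
    An empty list means the exchange matches the documented sequence."""
    deviations = []
    for step, (exp_msg, exp_dir, exp_port) in enumerate(EXPECTED_HANDSHAKE, start=1):
        if step > len(observed):
            deviations.append(f"step {step}: {exp_msg} never seen")
            continue
        msg, direction, port = observed[step - 1]
        if (msg, direction) != (exp_msg, exp_dir):
            deviations.append(f"step {step}: expected {exp_msg} ({exp_dir}), saw {msg} ({direction})")
        elif port != exp_port:
            deviations.append(f"step {step}: {msg} sent to port {port}, documented port is {exp_port}")
    extra = len(observed) - len(EXPECTED_HANDSHAKE)
    if extra > 0:
        deviations.append(f"{extra} message(s) after emmb_ack are not part of the start-up exchange")
    return deviations


# Constructed sample captures (not real traffic).
GOOD_RUN = list(EXPECTED_HANDSHAKE)
# A box that skips the session request and asks for the EMMb straight after discovery.
SKIPPED_SESSION_RUN = [
    ("discovery_request",  "stb->controller", 1600),
    ("discovery_response", "controller->stb", 1200),
    ("emmb_request",       "stb->controller", 1600),
    ("emmb",               "controller->stb", 1201),
]
# Correct order, but the EMMb is delivered to the discovery-response port.
WRONG_PORT_RUN = [(m, d, 1200 if m == "emmb" else p) for (m, d, p) in EXPECTED_HANDSHAKE]

if __name__ == "__main__":
    print("good run:", check_handshake(GOOD_RUN) or "matches documented exchange")
    for line in check_handshake(SKIPPED_SESSION_RUN):
        print("skipped session:", line)
    for line in check_handshake(WRONG_PORT_RUN):
        print("wrong port:", line)
```

The check stops comparing ports once the message order has already diverged, so the first reported deviation is the earliest point at which the box left the documented sequence, which is the one worth investigating first.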

Once the STB has been authenticated and a secure session is established, the following rules apply:

- Session keepalive messages are sent every 10 minutes from the set top box. The controller securely responds to these.
- After an absence of four keepalives from the set top box (i.e. after 40 minutes), the controller expires the set top box's session, for example after the STB has been switched off.
- After an absence of four keepalive responses from the controller (i.e. after 40 minutes), the set top box expires its session and reverts to controller discovery mode.
- The entitlements are held on the STB and persist even if the session is lost, so viewing of existing entitled content is uninterrupted.

Note: Set top boxes that fail authentication are rejected by the controller and an event is raised in the security logs.
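To make the timing rules concrete, here is an added minute-resolution simulation of the keepalive behaviour seen from both sides (example code written for this page, not Latens software). The 10-minute interval, the four-miss limit, the reversion to discovery mode, the persistence of entitlements and the logging of rejected authentications come from the rules above; the class names, the pairing check used to stand in for authentication, the assumption that an expired session is not revived by a bare keepalive, and the sample box id are all constructed for the example.

```python
"""Added example: a minute-resolution simulation of the keepalive rules,
seen from both the Controller and the STB. Illustration code written for this
page, not Latens software. The 10-minute interval, the four-miss limit, the
reversion to discovery mode and the persistence of entitlements come from the
slide; the class names, the pairing check and the sample box id are assumptions."""
from dataclasses import dataclass, field

KEEPALIVE_INTERVAL_MIN = 10                                             # STB keepalive period
MISSED_KEEPALIVE_LIMIT = 4                                              # four misses end a session
SESSION_TIMEOUT_MIN = KEEPALIVE_INTERVAL_MIN * MISSED_KEEPALIVE_LIMIT   # 40 minutes


@dataclass
class ControllerSession:
    """Controller-side state for one authenticated STB."""
    stb_id: str
    last_keepalive_min: int
    state: str = "established"
    events: list = field(default_factory=list)      # stands in for the security log

    def on_keepalive(self, now_min):
        """Record a keepalive and return True to model the controller's response.
        Assumption: an expired session is not revived by a bare keepalive."""
        if self.state != "established":
            return False
        self.last_keepalive_min = now_min
        return True

    def check_expiry(self, now_min):
        if self.state == "established" and now_min - self.last_keepalive_min >= SESSION_TIMEOUT_MIN:
            self.state = "expired"
            self.events.append(f"t={now_min}: session for {self.stb_id} expired, "
                               f"no keepalive for {SESSION_TIMEOUT_MIN} min")
        return self.state


@dataclass
class SetTopBox:
    """STB-side state: the session mode plus the entitlements held locally."""
    stb_id: str
    entitlements: frozenset
    last_response_min: int
    mode: str = "session"            # "session" or "discovery"
    powered_on: bool = True

    def keepalive_due(self, now_min):
        return self.powered_on and self.mode == "session" and now_min % KEEPALIVE_INTERVAL_MIN == 0

    def on_response(self, now_min):
        self.last_response_min = now_min

    def check_expiry(self, now_min):
        if self.mode == "session" and now_min - self.last_response_min >= SESSION_TIMEOUT_MIN:
            self.mode = "discovery"        # back to the start-up sequence
        return self.mode

    def can_view(self, service):
        return service in self.entitlements   # held on the box, unaffected by session state


def authenticate(stb_id, paired_stbs, security_log):
    """Assumed pairing check: only a box paired at provisioning gets a session;
    a rejection is written to the security log, as the slide's note describes."""
    if stb_id not in paired_stbs:
        security_log.append(f"authentication rejected for {stb_id}")
        return None
    return ControllerSession(stb_id, last_keepalive_min=0)


def simulate(total_min, stb_off_at=None, controller_unreachable_at=None):
    """Run the session clock minute by minute and return
    (controller state, STB mode, whether the STB can still view 'sports')."""
    security_log = []
    stb = SetTopBox("stb-0001", frozenset({"sports", "movies"}), last_response_min=0)
    ctrl = authenticate(stb.stb_id, {"stb-0001"}, security_log)
    for now in range(1, total_min + 1):
        if stb_off_at is not None and now >= stb_off_at:
            stb.powered_on = False
        reachable = controller_unreachable_at is None or now < controller_unreachable_at
        if stb.keepalive_due(now) and reachable and ctrl.on_keepalive(now):
            stb.on_response(now)
        ctrl.check_expiry(now)          # the controller's own timer keeps running
        if stb.powered_on:
            stb.check_expiry(now)
    return ctrl.state, stb.mode, stb.can_view("sports")


if __name__ == "__main__":
    print("healthy box after 2 h:    ", simulate(120))
    print("box switched off at t=35: ", simulate(120, stb_off_at=35))
    print("controller lost at t=35:  ", simulate(120, controller_unreachable_at=35))
    log = []
    print("unpaired box:", authenticate("stb-9999", {"stb-0001"}, log), log)
```

With the box switched off at minute 35, the controller's last keepalive is at minute 30 and the session expires exactly at minute 70; with the controller unreachable from minute 35, both sides time out at minute 70 and the box drops back to discovery while its entitlements stay usable.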
