The PolyCipherSM DCAS Architecture For the Cable Industry
 INTRODUCTION
The PolyCipherSM Downloadable Conditional Access System (DCAS) is an emerging architecture designed to bring increased power and flexibility to the cable industry's effort to combat the piracy of its video, audio and other content.
Specifically, the PolyCipher DCAS architecture is focused on delivering security-related software clients to compliant cable-ready hosts, including:
- Set-top boxes and devices
- Cable-ready televisions
- Home entertainment systems
- Cable-ready mobile/portable devices
- Other emerging products
Content security for these devices has traditionally been handled via hardware, through some combination of set-top devices or the installation of CableCARDs. Unfortunately, this hardware module-driven approach requires significant manual effort to upgrade or change security systems at the cable customer level. Furthermore, hardware modules must be shipped, inventoried and repaired, all of which drives up operating expenses and limits the flexibility of the cable operator.
The PolyCipher DCAS architecture eliminates all this hardware module shuffling because it allows security systems to be automatically downloaded to compliant devices, using the existing cable infrastructure. Furthermore, the PolyCipher DCAS specification provides control over a broad range of security-related functions, including CAS, ASD and DRM.
CONDITIONAL ACCESS (CAS)
Conditional Access Systems (CAS) evolved to prevent the piracy of video, audio and other cable content. Modern systems allow flexible access to content by subscribers - for example, subscribing to a group of channels, an individual channel or an individual program. CAS is a proven technology and is used worldwide.
Our DCAS architecture supports much of the CAS infrastructure in use today, while extending its lifecycle by adding new flexibility.
AUTHORIZED SERVICE DOMAIN (ASD)
An Authorized Service Domain (ASD) extends a network's security services to compliant downstream devices. DCAS enables the simultaneous download and execution of CAS and ASD clients in cable-ready hosts, allowing these to operate both as part of the network security and as bridges to other devices, all of which share the operator's security system.
DIGITAL RIGHTS MANAGEMENT (DRM)
With DCAS, a network operator can download a translation client into a cable-ready host, to translate content for other security domains, and can provide access to Digital Rights Management (DRM) functions residing on computers attached to a local network.
HARDWARE ARCHITECTURE
The PolyCipher DCAS hardware architecture includes a Secure Micro (SM) and a Transport Processor (TP). The SM is a hardened and limited-capability microprocessor that primarily enables the decryption of multiple video streams, under direction of the installed CAS client. It does this by providing the necessary key management services for the TP.
The download of clients (CAS, ASD or DRM) to the SM is securely managed in the network operator's headend via the interaction of the SM software and a DCAS authentication proxy. The TP is primarily used for encrypting and decrypting the video and media protected by the SM clients.
SOFTWARE ARCHITECTURE
The PolyCipher DCAS specification defines many key elements:
- Messages between the SM and the DCAS servers in the headend environment
- Requirements for SM and DCAS Hosts to support DCAS
- Requirements of the headend server
- A new key management infrastructure
The new key management infrastructure supports the DCAS architecture by providing custom protocols, performance and security requirements, and by defining the necessary levels of interoperability, accountability and security.
MORE INFORMATION
Additional technical information is available from Cable Television Laboratories (CableLabs®) at http://www.opencable.com/dcas.
| 
