The MHP SFG provides a complete solution that allows broadcasters and application developers to manage the DVB-MHP Security Infrastructure in a manner conforming to ETSI TS 102 812.
MHP SFG is built from the industry standard OpenSSL code base and extends this high quality source to include all of the extensions need by DVB-MHP. In addition, the MHP SFG includes support for a range of different cryptographic hardware devices for secure key storage.
MHP SFG provides an application signing tool that implements the full range of hash file digest types defined in DVB-MHP. The signing operation is controlled by a simple XML file that describes the set of files to be authenticated from the root of the file hierarchy.
In addition, MHP SFG provides for the generation of Persistent File Credentials and the integration of these credentials into a Permission File.
MHP SFG supports a number of different signing policies for the application developer and broadcaster. These policies include the application of multiple signatures to a file hierarchy and the segregation of hash file generation from the signing process. The latter policy could allow the application developer to generate the hash files and the broadcaster to sign (or re-sign) an application after quality procedures.
DVB Services Sarl has recently established a Public Key Infrastructure (PKI) for DVB-MHP and is using MHP SFG to generate certificates, certificate revocation lists (CRLs) and root certificate management messages (RCMMs) for that PKI.
MHP SFG supports the full range of operations for the creation and management of DVB MHP certificates in accordance with the ETSI specification. While broadcasters will be expected to operate under the DVB-MHP PKI, MHP SFG can be used to provide a test certificate hierarchy that is known to be fully compatible with the DVB-MHP PKI.
MHP SFG also provides certificate management capabilities to certificate subscribers that allow them to install CRLs and RCMMs as these are delivered from the PKI Operator. Through certificate management, subscribers can verify that certificates remain valid at the time of application broadcast and that application authentication will not be denied through CRLs captured in the STB from another broadcast stream.
The DVB-MHP PKI Certification Practice Statement requires that certificate subscribers store their private keys on a cryptograph hardware device that is protected by suitable passphrase and/or other authentication (for example, biometric). MHP SFG supports a range of such devices at varying costs across a range of computing platforms. For broadcasters and application developers, the most commonly used devices are USB tokens or smart cards that have been assessed for FIPS 140-2 compliance. MHP SFG addresses these devices through the standard PKCS#11 application program interface, allowing a range of different hardware tokens to be supported.
The DVB-MHP PKI Operator can generate key pairs on a range of tokens and securely deliver the token and the corresponding pass phrase to the subscriber. Alternatively, where a token that requires a biometric or where a higher level security device such as the nCipher nShield is installed using a PCI card form factor, the MHP SFG can generate a key and issue a PKCS#10 formatted certificate request to the PKI Operator.
The specifics of the secure system need to match the operational requirements of the broadcaster and its content providers. Decisions on appropriate security management need to consider a number of factors including affordability (cryptographic hardware costs range from Euro 150 for a USB token through to Euro 7,500 for a PCI card solution), physical security controls, logical access controls, frequency of use, etc. The breadth of support offered by MHP SFG enables a solution to be designed that best matches the operational needs of the broadcaster while meeting the best practice requirements of the DVB-MHP PKI.
MHP SFG is a file based solution that can be easily integrated to a DVB-MHP Playout System. A more tightly coupled integration is already available with TSBroadcaster system available from Strategy and Technology Limited.
MHP SFG allows developers to indicate different types of files that need to be included in an object carousel (including Stream based objects). The product also allows developers to include files in the file tree that are not part of the broadcast carousel and exclude these non-broadcast files from the hash file generation. This range of options is defined using a simple XML definition file that indicates to MHP SFG the files that are to be included in the object carousel and which of these need to be authenticated.