In recent years, broadcasting and information society services
(IS services) have been making ever-increasing use of conditional
access devices. This trend is expected to gather pace as the market
for these services develops. The conditional access device (CA)
provides the user with a technical facility which allows him to
determine who has access to electronically-distributed services and
under which conditions. In order to improve the legal situation of
providers of broadcasting and IS services, the European
Commission has recently drafted and adopted a Directive on the
legal protection of services based on, or consisting of, conditional
access (CAD). This Directive introduces a common standard of
legal protection for conditional access devices. However, it focuses
exclusively on conditional access devices that serve the
remuneration interest of service providers and makes no provision
for CA devices that serve other interests.
The traditional role of conditional access is to ensure that viewers
see only those programs that they have paid to view. In the digital
environment, conditional access has evolved far beyond this role.
Today's conditional access systems still support traditional pay TV
revenue generation. In addition they enable TV operators to create
and protect a unique gateway to the enhanced TV experience - a
world of interactive services, including home shopping, games,
sports, interactive advertising, and pay-per-view programming.
Using today's conditional access systems, you can target
programming, advertisements, and promotions to subscribers by
geographic area, by market segment, or according to subscribers'
personal preferences. You can take advantage of conditional access
features to implement flexible program packaging options and
support new ways of generating revenue.
What is CAS?
Conditional Access System (CAS) is defined as any technical
measure and/or arrangement whereby access to the protected
service in an intelligible form is made conditional upon prior
The definition of conditional access indicates the two key features
of CA - the possibility:
- to exercise control over the access to a service or content which is
- to control the conditions under which access is granted.
The main conditional access techniques which are currently
- password devices
- encryption devices.
Evaluating and filtering devices are also increasingly used in the
Internet domain, mainly to prevent undesirable material from being
delivered to minors, but also for other applications, such as the
secure delivery of professional documents. «Push technologies» in
the Internet domain could possibly also be assimilated into access
control since, on the basis of this technology, content or material is
sent only to selected receivers. In the longer term, devices based on
biometrics will also be increasingly used to implement conditional
access, particularly within the framework of banking services or
any other activity which involves authentication of users,
certification of parties and integrity of data.
FUNDAMENTALS OF CAS
A conditional access system comprises a combination of
scrambling and encryption to prevent unauthorized reception.
Encryption is the process of protecting the secret keys that are
transmitted with a scrambled signal to enable the descrambler to
work. The scrambler key, called the control word, must, of course,
be sent to the receiver in encrypted form as an entitlement control
message (ECM). The CA subsystem in the receiver will decrypt
the control word only when authorised to do so; that authority is
sent to the receiver in the form of an entitlement management
message (EMM). This layered approach is fundamental to all
proprietary CA systems in use today.
The system block schematic is shown below:
The control word is changed at intervals of 10 seconds, typically.
The ECM, sometimes called the multi-session key, is changed at
perhaps monthly intervals to avoid hackers gaining ground.
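The layering described above, as an added Python sketch that is not from the original text or from any CA vendor: content is scrambled under a short-lived control word, the ECM carries that control word encrypted, and the EMM carries the authorisation addressed to one card. Assumptions: the names `service_key`, `card_key`, `Receiver` and `head_end` are hypothetical, an HMAC-SHA256 keystream stands in for the real scrambling and encryption algorithms, and the EMM is modelled as delivering the key that opens ECMs.

```python
import hashlib, hmac, os

def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (HMAC-SHA256 in counter mode); a stand-in, not DVB-CSA."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, nonce + off.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def seal(key: bytes, secret: bytes) -> bytes:
    """Encrypt-then-MAC a key for transport inside an ECM or EMM."""
    enc_k, mac_k = (hmac.new(key, t, hashlib.sha256).digest() for t in (b"enc", b"mac"))
    nonce = os.urandom(8)
    body = nonce + stream_xor(enc_k, nonce, secret)
    return body + hmac.new(mac_k, body, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes):
    """Return the carried key, or None if the message was not sealed under `key`."""
    enc_k, mac_k = (hmac.new(key, t, hashlib.sha256).digest() for t in (b"enc", b"mac"))
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_k, body, hashlib.sha256).digest()):
        return None
    return stream_xor(enc_k, body[:8], body[8:])

class Receiver:
    """CA subsystem: holds a per-card key, learns the service key only via an EMM."""
    def __init__(self, card_key: bytes):
        self.card_key, self.service_key = card_key, None

    def handle_emm(self, emm: bytes) -> None:
        key = unseal(self.card_key, emm)      # fails for EMMs addressed to other cards
        if key is not None:
            self.service_key = key

    def descramble(self, ecm: bytes, scrambled: bytes):
        if self.service_key is None:
            return None                        # no entitlement: the ECM stays opaque
        cw = unseal(self.service_key, ecm)     # recover the control word
        return None if cw is None else stream_xor(cw, b"payload", scrambled)

def head_end(payload: bytes, service_key: bytes, entitled_card_key: bytes):
    """Scramble one crypto-period; return (scrambled, ecm, emm)."""
    cw = os.urandom(16)                        # control word, rotated every ~10 s
    return (stream_xor(cw, b"payload", payload), seal(service_key, cw),
            seal(entitled_card_key, service_key))
```

Each call to `head_end` models one control-word period: the ECM changes every time, while a receiver that has already processed its EMM keeps descrambling without a new one.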
INTEROPERABILITY FOR CONDITIONAL
Currently, downloading interoperable applications into Set Top
Boxes (STBs) is receiving a lot of attention. Interoperability is
achieved by choosing a widely accepted language like Java
byte code, which can run on increasingly powerful
microprocessors now used in STBs. The mechanism that
implements application interoperability can be exploited to
achieve CA-STB interoperability. This will now be
discussed using two different approaches.
The first approach focuses on the communication between
an STB application and the CA security module (smart
card or PC card), inserted into the STB. The STB software
that implements this communication is made downloadable. The
standardized MultiCrypt approaches cover basic CA
interoperability (i.e. controlling access to scrambled services).
However, many STB applications need to consult the security
module (for example to determine the entitlements that the user has
bought), and this type of functionality is hardly covered by the
existing MultiCrypt modules. Interoperability between STB
applications and (standard) security modules can be
achieved by defining an API (Application Programming
Interface) that provides low-level access to the security
module. The interoperable CA sub-system (CASS)
software that implements access to the security module via
the API can then be downloaded and could be part of the
application. This approach to application-CA interoperability
is shown in Figure 2.
The second approach concerns the entire CASS of an STB.
The CASS uses the basic STB functions shown in Fig.1
(filtering ECMs and EMMs, accessing the CA security
module, writing control words to the descrambler, etc.).
The software that implements the CASS is interoperable
and made downloadable. This approach extends the idea of
MultiCrypt to all CA software in the STB, so that highly
standardized security modules are no longer needed. The
basic STB functions needed by the CA system are made
accessible to the downloaded CA software through APIs.
This approach to STB-CA interoperability is shown in
CA-STB interoperability through downloading interoperable
software provides considerable advantages when
used in addition to (or instead of) the existing methods for
The existing SimulCrypt approach requires that service
providers agree to use each other's STBs. Software
downloading on the other hand is a form of MultiCrypt,
and allows service providers to operate independently of
Simulcrypt allows two CA systems to work side by side,
transmitting separate entitlement messages to two separate types of
STU, with different CA systems. It also gives the multiplex
provider the opportunity to increase his viewer base by cooperating
with other multiplex operators. Technical simulcrypt is the same
thing but within a single multiplex, thus giving the multiplex
operator some leverage with the CA suppliers.
The simulcrypt system is shown diagrammatically below. Note that
it requires cooperation between CA suppliers - something which
does not come naturally!
If a viewer wishes to receive services from different providers who
do not simulcrypt each other's ECMs, the only option is to acquire
separate decryption for each CA system. The Common Interface
enables a multicrypt environment, allowing an additional CA
system to be added as a module.
The existing MultiCrypt approaches require all parties to
agree on the details of the CA system that show up in the
interface between the STB and the CA security module.
This is not required if interoperable and downloaded
software accesses the security module via a low level API,
so that interoperability can be achieved with a high level of
functionality and flexibility.
Existing proprietary CA systems can be made interoperable
by using software downloading. The only requirements are
that the security module be of a standard type (as far as the
low-level communication with the STB is concerned) and
that a common scrambling algorithm be used if the
descrambler is in the STB (like the existing Common
Scrambling algorithm of DVB).
Existing CA technologies consist basically of software or
data, codes, keys etc. designed to make the access to content or a
service conditional upon prior authorisation. Producers of CA
devices stated that nowadays the main focus of CA is on software
rather than hardware. Although the hardware of e.g. a smart card
itself provides some functionality, the 'device' may be realised in
software rather than in hardware. In particular in the field of IS
services, CAs are designed to run on a PC and therefore, in this
particular market segment, the design of CA is even exclusively
concentrated on software development.
Software can be adapted and could be designed to do different
things at different times. In technological terms, a single CA
system that would serve all kinds of reasons simultaneously or at
different times is not inconceivable. This may indicate that CA
devices are characterised by a functionality which is principally
independent of any particular purpose the device may ultimately
CONDITIONAL ACCESS DEVICES
For the broadcasting sector, a number of conditional access
systems currently co-exist in the European market (Viaccess
(France Telecom), Mediaguard (Seca), Betacrypt (Betaresearch)
Among these, a selection of systems such as Mediaguard and
Viaccess dominate the market and are used by different service
providers throughout Europe. Some of these providers also
develop CA devices for the sector of IS services (e.g.