DCI Specs - Digital Cinema Initiatives

More documents

Recommendations

Info

the event, and zero all Critical Security Parameters (see Section 9.5.2.6).Do not purge log records.9.4.3.6.3. Normative Requirements: Image Media Block (IMB)The following are normative requirements for the Image Media Block:1. Perform all SM functions as defined under Section 9.4.3.5 Functions of theSecurity Manager (SM).2. Monitor IMB SPB physical security protection integrity 24/7. In the event ofintrusion or other tamper detection, terminate all activity, log the event, andzero all Critical Security Parameters (see Section 9.5.2.6). If communicationwith the SMS is available, issue an alert message. Do not purge log records.3. The existence of the marriage configuration (i.e., when the IMB and projectorare integrated per Section 9.4.3.6.1. Normative Requirements: ProjectorSecure Processing Block) shall indicate to the Security Manager that linkencryption is not needed. When connected directly to the projector SPB (i.e.,no link encryption used), as part of the installation (mechanical connection tothe projector and electrical initiation), perform electrical and logical marriagewith the projector Secure Processing Block (SPB). Electrical connectionintegrity shall be monitored 24/7, and should the integrity of the connection bebroken, log the event and require a re-installation process before becomingactive again. Breaking of the IMB/projector Secure Processing Block (SPB)marriage shall not zero the IMB Secure Processing Block (SPB) long-termidentity keys (RSA private keys).4. Perform Media Decryption for image, audio and subtitle essence.5. Perform Forensic Marking for image and audio essence.6. After image decryption and Forensic Marking (and other non-security plaintext functions as appropriate by design), pass the image signal to theprojector SPB or Link Decryptor Block, as appropriate..7. Record security event data for logging under both powered and un-poweredconditions. Sign and assemble logged information into standardized logrecords per Section 9.4.6.3 Logging Subsystem. If the IMB provides loggingsupport for the projector SPB via a marriage connection per Section 9.4.3.6.1Item 3, then the IMB shall provide such logging support 24/7 under bothpowered and un-powered conditions.9.4.3.6.4. Normative Requirements: Audio Media BlockPer Section 9.4.2.3 Media Blocks (MBs), audio decryption shall be performed withinthe Image Media Block (IMB).9.4.3.6.5. SPB Systems Implementation and Standards OptionsThe following are considerations for implementation details, and standardization.• For the projector system, authentication of the projector SPB to the SM neednot require TLS sessions between the SM and both the Projector and LinkDecryptor Block SPBs. It may be simpler to have the LDB proxy for a directSM TLS connection with the projector SPB. This option enables the projectorSPB to avoid having its own, separate TLS session with the SM, but shall notsubstitute for the requirement for both the LDB and projector certificates to beDCI Digital Cinema System Specification v.1.2 Page 116
securely delivered to the SM, and for these two certificates to be on the TDLthat is examined by the SM. An option that can avoid this dual certificaterequirement is given in the next bullet. In this case, authentication and signalintegrity processes shall provide equal protection as in a dual TLS sessioncase. It is encouraged that a single approach be standardized.• The projector/LDB SPB marriage could create a new secret cryptographicidentity, which is changed at each installation event. Such an identity wouldbe used for authorization of the combined, married device and used in theTDL as a singular identification, rather than identifying both LDB andprojector in the TDL independently. In this case, authentication and signalintegrity processes shall provide equal protection as in a dual TLS sessioncase. It is encouraged that a single approach be standardized.• Communication of the "projector SPB open" event signal should preferablyinvolve a cryptographic secret so that hardware spoofing at the IMB or LDBinterface (e.g., extender board attack) is thwarted.9.4.3.6.6. Permanently Married ImplementationsThis section assumes that the LDB and IMB are implemented as field replaceableSPB modules. It is not mandatory, however, that they be implemented in this fashion.It is allowed, for example, for the LDB to be permanently married to a projector, andnot field replaceable. In such a case where the projector and its companion SPB(LDB or IMB) are not field separable, there is no marriage event, and thus no reasonto monitor whether the marriage connection is broken. This relieves the companionSPB from marriage monitoring duties, but does not change the requirement for IMBor LDB equivalent SPB functions, and the projector SPB, to meet the respective SPBtype 1 and type 2 physical and logical protection requirements of Section 9.5Implementation Requirements, and the normative requirements as specified above,except as the latter requirements relate to marriage event and connectionmonitoring.In the case where the Projector and companion SPB are inseparable, a single DigitalCinema Certificate shall represent both the Projector and its companion SPB (ImageMedia Block or Link Decryptor Block). (See also Section 9.5.1 Digital Certificates.)Implementations that do not meet the marriage functions, per the normativerequirements of this section, shall not permit field replacement of the IMB or LDBsecurity function as appropriate according to which function is the companion SPB tothe projector, and shall require the projector SPB and companion SPB system to bereplaced in the event of an SPB failure.A deviation from these requirements shall be considered non-compliant and a“Security Function Failure” (see Section 9.5.5 Compliance Testing and Certification).9.4.3.7. Theater System Clocks and Trustable Date-TimeNote: Nothing in this section shall require that the user interfaces of the SMS or TMSuse UTC. It is envisioned that these will use local time.To ensure playback times and event log time stamps are time-accurate, means mustexist to distribute and maintain proper security system time. Time shall mean UTC(Coordinated Universal Time). See ASN.1 standard syntax for transferring time and datedata “GeneralizedTime” and “UTCTime”.• All security transactions conferring date-time information (e.g., KDM timeDCI Digital Cinema System Specification v.1.2 Page 117
Page 1 and 2:
Digital Cinema Initiatives, LLCDigi
Page 3 and 4:
Table of Contents1. OVERVIEW 151.1.
Page 5 and 6:
5.2.2. Packaging Fundamental Requir
Page 8 and 9:
7.5.5.1. Introduction..............
Page 10 and 11:
9.4.2.5. Screen Management System (
Page 12 and 13:
Table of FiguresFigure 1: System Ov
Page 14 and 15:
THIS PAGE LEFT BLANK INTENTIONALLYD
Page 16 and 17:
equirements for encrypting the esse
Page 18 and 19:
• This document specifies a basel
Page 20 and 21:
DCI Digital Cinema System Specifica
Page 22 and 23:
2.1.1. Major System Concepts2.1.1.1
Page 24 and 25:
2.1.1.8. ReelsFeature films have be
Page 26 and 27:
Metadata within the DCDM provides a
Page 28 and 29:
3.2.1.6. Transfer FunctionThe CIE X
Page 30 and 31:
The information, as shown in Table
Page 32 and 33:
AES Pair#/Ch# Channel # Label / Nam
Page 34 and 35:
3.3.4. File Format3.3.4.1. GeneralT
Page 36 and 37:
3.4.3. Timed Text Concepts and Requ
Page 38 and 39:
Page 40 and 41:
• All decoders shall decode each
Page 42 and 43:
Page 44 and 45:
5.2.2.3. InteroperableThe Packaging
Page 46 and 47:
Figure 6: Example Show PlaylistThe
Page 48 and 49:
Length (Value Length), followed by
Page 50 and 51:
which it was stopped or paused. It
Page 52 and 53:
5.3.4.2. Frame BoundariesThe Audio
Page 54 and 55:
• Rating• Aspect Ratio• Image
Page 56 and 57:
• Annotation Text parameter (opti
Page 58 and 59:
Page 60 and 61:
7.2.3.1. ReliabilityA key part of t
Page 62 and 63:
• Country• Rating• Aspect Rat
Page 64 and 65:
facility, while the system is in op
Page 66 and 67: Exhibitor and the Distributor, data
Page 68 and 69: 7.5.2.2. Ingest InterfacesExcept fo
Page 70 and 71: (channels) * hours * 60 min/hour *
Page 72 and 73: 7.5.4.2.4. UnpackagingAny packaged
Page 74 and 75: 7.5.6. Audio System7.5.6.1. Introdu
Page 76 and 77: made up of Theater System devices a
Page 78 and 79: DCI Digital Cinema System Specifica
Page 80 and 81: 8.2.2.3. Alternative ContentThe pro
Page 82 and 83: With the projector turned off or wi
Page 84 and 85: Image ParametersNominal(Projected I
Page 86 and 87: Input Code Values Output Chromatici
Page 88 and 89: 8.4. Projector Interfaces8.4.1. Int
Page 90 and 91: • Lens Shift Up / Down• Lamp Mo
Page 92 and 93: • Essence Encryption and Cryptogr
Page 94 and 95: content keys and Trusted Device Lis
Page 96 and 97: Figure 14: Digital Cinema Security
Page 98 and 99: Figure 15 presents the two fundamen
Page 100 and 101: DCI Digital Cinema System Specifica
Page 102 and 103: 9.4.2.3. Media Blocks (MBs)The term
Page 104 and 105: which TLS-based authentication alon
Page 106 and 107: working with the security infrastru
Page 108 and 109: Figure 18: Show Playback Overview9.
Page 110 and 111: a. Playout shall be fully supported
Page 112 and 113: 9.4.5. Intra-Theater Communications
Page 114 and 115: 4. Projector SPB designs shall not
Page 118 and 119: window) shall be UTC.Security Manag
Page 120 and 121: . The SM shall independently authen
Page 122 and 123: 6. No broadcast RRP commands shall
Page 124 and 125: Functions of the Security Manager (
Page 126 and 127: Note: DCI reserves the right, at so
Page 128 and 129: • Is required to survive camcorde
Page 130 and 131: • Log Data - Security event infor
Page 132 and 133: using the GetEventList and GetEvent
Page 134 and 135: failure) per Section 9.6.1.3 Digita
Page 136 and 137: • Secure Silicon -Sensitive data
Page 138 and 139: secure silicon chip, input/output s
Page 140 and 141: FIPS 140-2 level 3 devices provide
Page 142 and 143: to the appropriate Section 9.4.5.2.
Page 144 and 145: those under the control of the Secu
Page 146 and 147: Security Managers (SMs) other than
Page 148 and 149: The above RSA asymmetric protection
Page 150 and 151: THIS PAGE LEFT BLANK INTENTIONALLYD
Page 152 and 153: CPRL Acronym for Component Position
Page 154 and 155: LTCMain TitlesMBMDMEMetadataMTBFMXF
Page 156: TDLTimed TextTLMTLSTMSTrack FileUDP
show all

DCI Specs - Digital Cinema Initiatives

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?