7   Maintaining Video Quality and Security

Television is like the invention of indoor plumbing. It didn't change people's habits. It just kept them inside the house.

—Alfred Hitchcock

Quality and security are important for any video delivery system. Quality is a prerequisite to keeping viewers happy (and therefore paying their monthly subscription bills) and to providing advertisers and content owners with image quality complimentary to their desired public images. Security is needed to keep viewers from watching content they aren't authorized to view and to prevent them from making unauthorized copies of content that only they are authorized to view.

In this chapter, we will begin with a discussion of the main factors that affect quality and how they can be controlled. Then we'll take a look at the function of conditional access, which manages which viewers have the ability to watch which content. We'll conclude with a discussion of rights management and how it relates to the types of digital video signals that are often used with IP-based delivery systems.

The Corner Office View

Film piracy has been seen by some as a “soft” crime, yet it brings harm and other serious criminal activity to local communities. Criminals made over £270 million ($358.7 million) from film piracy in 2005, making this the worst affected single sector for intellectual property crime out of all [intellectual property] industries. This is revenue that has been lost to the local and national economy and is affecting British jobs.

—Kieron Sharp, Director General,
Federation Against Copyright Theft (U.K.) [1]

Factors that Affect Video Quality

A wide range of factors can affect the quality of a delivered video signal and have important impacts on the viewer experience. Managing the video delivery system to minimize these factors will result in more satisfied viewers.

Audio/Video Synchronization

In real life, when people move their lips while talking, the sounds change accordingly. The same holds for physical objects—when a person's shoe hits a hard pavement, a sharp sound can be heard. Viewers find it objectionable when these sounds don't match the image being displayed in a video presentation. This is called a loss of “lip sync” or a loss of audio/video synchronization.

One potential source of lip sync problems is clock differences between the transmitting and the receiving ends of a video link. Careful management to ensure that both the encoder and the decoder in a link are referenced to a common clock signal—and that these clock signals are properly transmitted along with the compressed video stream—will help ensure that synchronization doesn't become an issue.

Assuring lip sync can be difficult on IP networks, which are inherently asynchronous. The solution lies in careful network provisioning (to ensure that adequate bandwidth is available for all the traffic) and in making sure that there are no processing bottlenecks (such as overloaded routers) that can delay or scramble the order of packets. Some IP receivers (including STBs and PCs) can be configured to use large incoming packet buffers to smooth out any delay variations or to realign packets that arrive in the wrong order. This has the side effect of delaying the signals flowing through the device, which should be avoided if possible.

Source Image Quality

As with many complex processing systems, the adage “garbage in, garbage out,” applies to IP video transport. For example, source signals that have a lot of noise (i.e., random changes in the video image that are not present in the source scene) can greatly affect the performance of MPEG encoders. When this happens, the encoders see the noise as changes in the image that need to be captured in the compressed data stream, thereby creating more work for both the encoder and decoder. This can divert processing power away from other portions of the image that could otherwise benefit.

Several things can be done to improve source image quality. First, service providers can work with content providers who have high quality source images and get the content directly from them, rather than through intermediate sources. Second, high quality, light compression or uncompressed video links can be used to bring the programming from the sources to the network. Third, noise reduction equipment can be used to clean up video signals making them easier to compress.

Macroblocking

When images are compressed using MPEG or other block-based compression technologies, the image is broken up into groups of pixels before the compression operation begins. For MPEG–2, the pixels are grouped into macroblocks that measure 16 pixels on a side. Borders between adjacent macroblocks on a video screen can be quite noticeable to the eye if there is an abrupt change in color or intensity between adjacent blocks. This can occur if the image has been compressed excessively; i.e., there is not enough data in the MPEG stream to accurately reproduce the source image in each block. When these borders appear, the perceived image quality for human viewers drops significantly, and steps are often taken to prevent this.

Macroblocking is more likely to be noticed in scenes with a lot of motion, with subtle gradations of color or in scenes where the overall light level in the scene is moving higher or lower (i.e., a fade to black) when essentially every pixel on the screen is simultaneously changing intensity. When macroblocking reaches an extreme state, each 8 × 8 block of the image may be represented as a single color, which can be very objectionable to viewers.

To prevent macroblocking, video providers need to make sure that the video stream bit rate is high enough to handle the motion and detail levels in the original pictures. In addition, many MPEG streams use error correction to prevent minor bit errors from causing macroblocking.

If longer-duration errors occur in the path between the encoder and the decoder, then some of the data needed to reconstruct the picture is lost or corrupted. When this happens, the decoder is not able to correctly recreate the source image, and the output for that block of data may be corrupted. To the viewer, this loss of data often appears as one or more macroblocks with very poor resolution. This problem can be corrected by eliminating the errors in the data path.

Resolution

The resolution of a video image refers to the number of pixels present. Images with higher pixel counts have higher resolution (unless the image has been degraded in some other manner). In IPTV systems, image resolution is normally matched to the display resolution, so an SD signal for an NTSC system would have 720 pixels on 480 lines. In Internet Video, many different video resolutions are used, ranging from QCIF at 176 × 144 to full HD at 1920 × 1080 pixels and everywhere in between.

Delivered resolution needs to be managed carefully. Viewers typically prefer higher resolution signals to lower ones, but high resolution can carry a high price in terms of system design. If the number of pixels in each dimension (vertical and horizontal) doubles, the total number of pixels in the image goes up by a factor of four. This not only adds to the amount of bandwidth required for a signal, it also adds to the amount of processing power needed to encode and decode the signal. Higher resolutions generally increase the burden on the entire system, from start to finish.

Many Internet Video systems deliver signals at less than full SD resolution, both to save bandwidth and to make images easier for PCs to display. Virtually all IPTV systems offer SD resolution video (comparable to broadcast, CATV and satellite systems) and many offer HD video.

IP Artifacts

Artifacts are image impairments that are visible to a viewer. They can be caused by noise, encoding errors, transmission errors, decoding errors, poor cabling, display errors and other sources too numerous to name. Let's focus on some of the common causes of artifacts in an IP video delivery system and how they can be avoided.

Packet Loss

Packet loss is one of the most common errors that can happen on an IP video delivery system. It can be caused by many sources, including bit errors that corrupt IP packet headers (forcing them to be discarded), overloaded links that force routers to discard packets, inadequate or malfunctioning networking equipment, and other sources. Packet loss is a routine occurrence on the Internet, and Internet Video delivery systems must be designed to handle it. In IPTV systems, packet loss can be minimized through the use of careful system design practices (including over-provisioning) and by careful control of the amount of traffic that is allowed to enter the system. However, occasional packet losses that cannot be completely avoided must be handled in a graceful manner by the equipment.

Packet Jitter

Packet jitter is created when the packets that make up a data stream do not arrive in a smooth, continuous flow. For example, if an application was trying to send 100 packets per second in a smooth stream, it would try to send one packet precisely every 10 milliseconds. If these packets were sent across a jitter-free network, they would arrive with the same timing: one packet every 10 milliseconds. When this pattern is disturbed—packets start arriving too soon or too late—jitter occurs. This causes the gaps between the packets to be either too short or too long—say 9 milliseconds or 11 milliseconds.

For normal data, such as e-mail or a Web page, jitter is not an issue, because this information is not time-based. It really makes no difference if the Web page is displayed a few milliseconds early or late, because such differences are imperceptible to people. However, for data streams containing audio or video information, such variations can be very harmful.

To understand how jitter affects a video stream, recall what makes up a video stream. It is, in effect, a series of pictures taken 30 times per second (25 times per second in most countries outside the U.S. and Japan) that, when played back one after the other, gives the illusion of motion to the human eye and brain. This technique works fine when the series of pictures is displayed in a smooth, continuous flow. But, when the picture display times vary excessively, the illusion of motion can be broken, and the video becomes uncomfortable to watch.

In actual applications, jitter will affect both uncompressed and compressed video data. This is due to the clock information carried with a compressed signal. These clocks are fundamental to the operation of MPEG and other types of decoders. When these clocks get disturbed, there can be many different impacts on the video signal. For example, excessive jitter can cause the receiver buffers to overflow or run out of data. In either case, the video image can be disturbed, by suddenly freezing when the data runs out or by losing picture information when the buffer overflows. In addition to these effects, jitter can also interfere with lip sync.

There are two main ways to fight jitter in an IP network—prevent it or use a buffer to fix the timing at the receiver. Many successful systems employ both techniques to keep jitter under control.

Preventing jitter is simply a matter of ensuring that any packets containing video data are not delayed at any point during their transit through the network. This means there needs to be adequate available bandwidth on each link, minimizing the random chance that video packets will be blocked or delayed by other traffic. In addition, the data routers that form the core of many networks need to be able to send certain types of packets (such as those containing video files) as a priority over other packets, eliminating the chance that they will be delayed.

Buffering incoming packet data is also commonly used to reduce jitter. The buffer is set up on a FIFO basis (first in, first out), with the size of the buffer limited by the amount of delay that can be tolerated. Incoming packets are put into the buffer as soon as they arrive, at a variable rate due to any accumulated jitter. Packets are removed from the buffer according to an evenly spaced clock signal, so the jitter is removed. This clock rate needs to be carefully tuned to make sure that the buffer doesn't overflow with too many packets or underflow with too few packets. The clock may also have to adapt to changes in the underlying packet rate.

One disadvantage of buffering is that it adds delay to the overall delivery system, which increases the amount of time it takes the system to recover from a failure or to switch to a different packet stream due to a channel change or other event. As a result, there is a lot of pressure to minimize the amount of buffer used while still providing enough to handle the amount of jitter expected at the input.
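
The FIFO buffer and the delay it costs, as an added example that is not from the book: a small Python simulation of a receiver draining a buffer on an even 10-millisecond clock. The arrival offsets, function names, buffer sizes and the 25 ms prebuffer are constructed for illustration, and packets are assumed to arrive in order.

```python
from collections import deque

PERIOD_MS = 10  # 100 packets per second, as in the text's example
# Constructed per-packet delay offsets (ms) added to the ideal 10 ms spacing.
OFFSETS_MS = [0, 3, 1, 8, 22, 14, 6, 0, 2, 17, 9, 1]


def constructed_arrivals(count):
    """Arrival time of each packet: ideal send time plus a jitter offset."""
    return [i * PERIOD_MS + OFFSETS_MS[i % len(OFFSETS_MS)] for i in range(count)]


def simulate_dejitter(arrivals_ms, prebuffer_ms, capacity):
    """Run arrivals through a FIFO that is drained by an evenly spaced clock.

    prebuffer_ms: wait between the first arrival and the first playout tick
                  (this is the delay the buffer adds to the stream).
    capacity:     most packets the FIFO can hold; later arrivals are dropped.
    """
    fifo = deque()
    stats = {"played": 0, "underflows": 0, "overflow_drops": 0, "max_depth": 0}
    nxt = 0
    tick = arrivals_ms[0] + prebuffer_ms
    # Keep ticking until every packet has arrived and the FIFO has drained.
    while nxt < len(arrivals_ms) or fifo:
        # Enqueue every packet that has arrived by this clock tick.
        while nxt < len(arrivals_ms) and arrivals_ms[nxt] <= tick:
            if len(fifo) < capacity:
                fifo.append(nxt)
            else:
                stats["overflow_drops"] += 1  # picture information is lost
            nxt += 1
        stats["max_depth"] = max(stats["max_depth"], len(fifo))
        if fifo:
            fifo.popleft()
            stats["played"] += 1
        else:
            stats["underflows"] += 1  # nothing to show: the picture freezes
        tick += PERIOD_MS
    return stats


def compare_settings(count=60):
    """Same constructed stream, three buffer configurations."""
    arrivals = constructed_arrivals(count)
    return {
        "no_prebuffer": simulate_dejitter(arrivals, prebuffer_ms=0, capacity=8),
        "prebuffer_25ms": simulate_dejitter(arrivals, prebuffer_ms=25, capacity=8),
        "too_small": simulate_dejitter(arrivals, prebuffer_ms=25, capacity=2),
    }


if __name__ == "__main__":
    for name, stats in compare_settings().items():
        print(name, stats)
```

The 25 ms prebuffer exceeds the largest constructed offset (22 ms), so it removes every underflow at the cost of 25 ms of added delay on every channel change.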

Bit Errors

Bit errors occur when the digital information delivered to the user device is different from the data originally sent. Bit errors are caused by a wide range of physical phenomena on any network, including over-the-air broadcast, fiber-optic and satellite systems. When errors occur, they can affect any of the data used to create the picture. Some errors are harmless, affecting only a single pixel, while others can be quite serious and affect multiple frames of video. Unfortunately, since bit errors tend to be randomly distributed, there is no good way to predict whether a given bit error is going to be harmful or not.

There are a number of schemes for correcting bit errors. One method involves re-transmitting errored packets; this is the method used by the TCP protocol. As we discussed in Chapter 5, this isn't usually the best solution for streaming video, due to the potential delays in re-transmission.

Another method to handle bit errors is called Forward Error Correction (FEC). With FEC, additional data is added to each packet of data that enables the receiver to correct a limited number of bit errors in each packet. One popular method for calculating FEC data is called Reed-Solomon, based on a seminal 1960 paper by I.S. Reed and G. Solomon. Some schemes even allow a limited number of missing packets to be recreated using FEC data from the surrounding packets that made it through. Even a modest amount of FEC can have a significant impact on system bit error rate. However, this protection comes at a price—the extra FEC data consumes bandwidth on top of that needed for video and audio data. As a result, not all service providers use FEC, depending on their overall system error rate performance targets and network quality expectations, among other factors.
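
An added example (not from the book) of the simplest packet-level FEC: one XOR parity packet per group of data packets, which lets the receiver rebuild any single lost packet in the group. This is plain XOR parity, not Reed-Solomon; the function names, group size and payloads are constructed.

```python
def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def protect(group):
    """Sender: append one parity packet, the XOR of every payload in the group."""
    if len({len(p) for p in group}) != 1:
        raise ValueError("payloads in a group must be the same length")
    parity = bytes(len(group[0]))
    for payload in group:
        parity = xor_bytes(parity, payload)
    return list(group) + [parity]


def recover(received):
    """Receiver: `received` is the protected group with None for lost packets.

    Returns the data payloads with the parity packet stripped. One loss is
    rebuilt by XOR-ing everything that did arrive; two or more losses in the
    same group cannot be repaired by a single parity packet.
    """
    lost = [i for i, p in enumerate(received) if p is None]
    if len(lost) > 1:
        raise ValueError(f"{len(lost)} packets lost; parity can rebuild only one")
    repaired = list(received)
    if lost:
        survivors = [p for p in received if p is not None]
        rebuilt = bytes(len(survivors[0]))
        for payload in survivors:
            rebuilt = xor_bytes(rebuilt, payload)
        repaired[lost[0]] = rebuilt
    return repaired[:-1]


def overhead(group_size):
    """Extra bandwidth spent on FEC, as a fraction of the payload bandwidth."""
    return 1 / group_size


# Constructed sample: four 8-byte payloads standing in for video packets.
SAMPLE_GROUP = [bytes([n]) * 8 for n in (0x11, 0x22, 0x47, 0x9C)]

if __name__ == "__main__":
    sent = protect(SAMPLE_GROUP)
    sent[2] = None  # simulate one packet lost in transit
    print(recover(sent) == SAMPLE_GROUP, f"overhead {overhead(4):.0%}")
```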

Signal Availability

Availability is a measure of the amount of time that a signal is active and meeting minimum performance levels. Availability is calculated by measuring the duration of any interruptions in the signal, dividing by the total length of the program being delivered, and subtracting the result from 100 percent. For example, if a program lasts 100 minutes, and it was unwatchable for one-tenth of a minute (six seconds), then the availability of that signal would be 99.9 percent.

Generally, for IPTV networks, availability statistics need to be quite high to provide acceptable levels of consumer satisfaction. A system that offers 99.9 percent availability for a year can be expected to be unavailable to every viewer for an average of 8.7 hours. This probably won't be acceptable to most subscribers if all of the unavailability occurs in one day. As a result, many systems are built to offer 99.99 percent availability to each viewer and 99.999 percent availability in the common core (routers, feeder networks, etc.) of the network.

Conditional Access

Conditional Access (CA) is a group of techniques used to ensure that only viewers meeting the correct conditions are given access to certain content. The basic technology for doing this involves encrypting or scrambling the content, so an unauthorized viewer who receives the signal is unable to view it. Authorized users are given numeric keys which permit the operation of special hardware or software within an STB or PC that is able to decrypt or descramble the signals. CA systems are available from a number of vendors; typically these are integrated systems that provide both the content scrambling/encryption devices and control the distribution of the keys required to view the content.

Encryption can take many forms, but most major systems have a few core traits in common. First, the encryption and decryption must be computationally easy to perform when the key is known. Second, decryption must be difficult when the key is not known. Third, the keys must be manageable so they can be distributed to the appropriate viewers.

Many different encryption systems have been designed that embody these core traits. Some of the more common ones are described below.

Smart Cards

One common form of key distribution for STBs is the smart card. These cards are called “smart” because they incorporate a processor and memory that can be used by a variety of applications. Billions of smart cards are sold around the world each year for a variety of uses, including identification cards, pre-paid telephone cards (outside the U.S.), debit/credit cards and a host of other applications. Typically, a smart card contains a processor capable of performing basic calculations and executing simple programs, as well as memory that can hold both variable and permanent data.

Smart cards must be connected to a reading device in order to operate. In some cases, this connection is made physically, using gold-plated contacts. Some cards can also connect wirelessly to special readers using short-distance radio signals, eliminating the need to physically insert the card into the device.

A key feature of many smart cards is their ability to securely store data. The cards can be programmed to store secret information, such as the private part of a public/private key pair. Any unauthorized attempts to read that data would result in the card becoming permanently damaged and the data destroyed. The smart card's internal processor can be used to decrypt data using this stored private key, and the results can be sent back out of the card without ever exposing the key to any external device.

For video applications, smart cards are one way to deliver video content descrambling/decryption keys to a user device. Each content stream (or television channel, if you prefer) has a unique descrambling key that is created when the content is prepared for broadcast. This key must be delivered to the viewer's device for it to be able to properly descramble the content. One way of doing this would be to simply send the key to the viewer's device; however, any other device that was connected to this communication path (think of a satellite link) would also receive this key and be able to decrypt the content. Instead, the descrambling keys are encrypted before they are sent to a viewing device.

When smart cards are used for delivering descrambling keys, each viewer device must be equipped with a smart card reader, either built in (as in many STBs) or connected through an external port (such as a USB port on a PC). When an authorized viewer wants to watch scrambled content, the viewer's device sends a request to a central server. This server checks to see if the viewer is authorized to view the content. If so, the server locates the correct descrambling key for the desired content and encrypts it using the appropriate public key that corresponds to the user's smart card. The server then sends the encrypted descrambling key out over the communication path to the viewer's device. When it arrives, the encrypted key is fed into the smart card, and the smart card performs the decryption operation. The viewer device can then use the decrypted descrambling key to process the incoming signal and play the content for the viewer.
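
The key request and delivery sequence just described, as an added example that is not from the book or from any CA vendor: a head-end server checks entitlement, encrypts the channel's descrambling key to the requesting card's public key, and only that card can unwrap it. Class names, channel names and card IDs are hypothetical. The RSA is toy-sized textbook RSA on fixed Mersenne primes with no padding, and the scrambler is a stand-in XOR keystream, so the sketch runs on the standard library alone; neither is suitable for protecting real keys or content.

```python
import hashlib
import secrets

E = 65537  # RSA public exponent


class SmartCard:
    """Toy card: the private exponent is computed inside and never returned."""

    def __init__(self, card_id, p, q):
        self.card_id = card_id
        self.n = p * q
        self.__d = pow(E, -1, (p - 1) * (q - 1))  # stays on the card

    def public_key(self):
        return self.n, E

    def unwrap(self, wrapped):
        """Decrypt a wrapped descrambling key; only the result leaves the card."""
        plain = pow(wrapped, self.__d, self.n)
        # Truncate to key length so a wrong card still returns 16 bytes.
        return (plain % (1 << 128)).to_bytes(16, "big")


class HeadEnd:
    """Central server: channel keys, registered card public keys, entitlements."""

    def __init__(self):
        self.channel_keys = {}   # channel -> 16-byte descrambling key
        self.card_pubkeys = {}   # card_id -> (n, e)
        self.entitlements = {}   # card_id -> set of channels

    def add_channel(self, channel):
        self.channel_keys[channel] = secrets.token_bytes(16)

    def register(self, card, channels):
        self.card_pubkeys[card.card_id] = card.public_key()
        self.entitlements[card.card_id] = set(channels)

    def request_key(self, card_id, channel):
        """Return the channel key encrypted to this card, or None if not entitled."""
        if channel not in self.entitlements.get(card_id, set()):
            return None
        n, e = self.card_pubkeys[card_id]
        return pow(int.from_bytes(self.channel_keys[channel], "big"), e, n)

    def broadcast(self, channel, content):
        return scramble(self.channel_keys[channel], content)


def scramble(key, data):
    """Toy XOR keystream (SHA-256 of key and block offset); also descrambles."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)


def run_exchange():
    # Fixed Mersenne primes keep the toy RSA keys reproducible (constructed).
    card_a = SmartCard("card-A", 2**61 - 1, 2**89 - 1)
    card_b = SmartCard("card-B", 2**107 - 1, 2**127 - 1)
    head_end = HeadEnd()
    head_end.add_channel("movies")
    head_end.register(card_a, ["movies"])
    head_end.register(card_b, [])  # card B holds no entitlement

    content = b"constructed sample frame data " * 3
    signal = head_end.broadcast("movies", content)  # every receiver sees this

    wrapped = head_end.request_key("card-A", "movies")  # also visible on the link
    key_a = card_a.unwrap(wrapped)
    key_b = card_b.unwrap(wrapped)  # wrong card: yields a useless key
    return {
        "refused_for_b": head_end.request_key("card-B", "movies") is None,
        "a_plays": scramble(key_a, signal) == content,
        "b_plays_with_sniffed_key": scramble(key_b, signal) == content,
        "wrapped_differs_from_key": wrapped != int.from_bytes(key_a, "big"),
    }


if __name__ == "__main__":
    print(run_exchange())
```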

Smart cards offer a lot of benefits for service providers. The cards are portable and can be associated with a single viewer. For example, this could be used to control access to adult content in a viewer's home, with one card issued to the family and another to the adults. Smart cards can also be delivered separately from the STB, making it more difficult for thieves to get access to both components.

One of the big downsides to smart card management is that they need to be kept physically secure (under lock and key). If stolen, they can be deactivated, but this can be a difficult process. Also, smart cards can lock a service provider into a single encryption vendor for long periods of time, because it is difficult and expensive to swap out cards that are in the hands of thousands of viewers. This is particularly true in the unlikely event that the encryption system is cracked by malicious users. If this were to happen, it would be very expensive for the system operator to re-program all the STBs and to issue a whole new set of smart cards.

Watermarking

Watermarking is the process of inserting data into video or audio streams to track usage or prove ownership of the streams. It is similar in concept to some of the techniques used to protect currency and checks against forgery or counterfeiting. The basic idea is to insert identification without impairing the user's enjoyment of the content. Digital photographs can be watermarked to show copyright ownership and terms; these watermarks can be read by most of the major image-editing software packages. Video and audio content can also be watermarked with copyright data that can be read by some video recording and playback equipment to prevent unauthorized copying or distribution.

With digital content files, inserting a pattern into some of the less important bits in the file can be quite effective for watermarking purposes. For example, in a file with 16-bit audio samples, the least significant bit of any sample represents 1/65536th of the total output signal. When these bits are subtly manipulated, a watermark pattern can be inserted in the file with essentially no impact on the sound of the resulting piece.

Watermarking is implemented in different ways depending on the objectives of the creator of the watermark. A watermark can be specifically designed to be fragile so any change to the file destroys the watermark, thereby proving the file was tampered with. Alternatively, a watermark can be designed to be so robust that even if the file was significantly altered, the watermark could still be discerned. The latter is useful for tracking content that has been duplicated without permission; there are even Web crawlers that spend their time looking at millions of Web pages to see whether they have unauthorized content that contains certain watermarks.

Watermarking helps in rights enforcement when a unique watermark is created for each individual user. Individual watermarks can serve as a deterrent to unauthorized use of the content, since any misappropriations can be traced back to the specific source of the leak. If users know that any misappropriated files can be traced back to them, it can be a powerful incentive to not share files illegally.
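
The least-significant-bit scheme and the per-user tracing described above, as an added example that is not from the book: each subscriber's copy of a 16-bit audio clip carries that subscriber's ID in its sample LSBs. The function names, subscriber IDs, 32-bit ID length, 0.95 threshold and test tone are constructed. The example also shows the fragile behaviour: a simple bit-depth reduction wipes this kind of mark, which is why tracing systems that must survive re-encoding use more robust embedding.

```python
import math

ID_BITS = 32


def _pattern(user_id, length):
    """Repeat the ID's bits (most significant first) across `length` samples."""
    bits = [(user_id >> (ID_BITS - 1 - i)) & 1 for i in range(ID_BITS)]
    return [bits[i % ID_BITS] for i in range(length)]


def embed(samples, user_id):
    """Overwrite the least significant bit of each 16-bit sample with ID bits."""
    return [(s & ~1) | b for s, b in zip(samples, _pattern(user_id, len(samples)))]


def match_ratio(samples, user_id):
    """Fraction of samples whose LSB agrees with this user's pattern."""
    pattern = _pattern(user_id, len(samples))
    return sum((s & 1) == b for s, b in zip(samples, pattern)) / len(samples)


def is_intact(samples, user_id):
    """Fragile check: any disturbed LSB means the copy was altered."""
    return match_ratio(samples, user_id) == 1.0


def trace(samples, subscribers, threshold=0.95):
    """Leak tracing: return the subscriber whose pattern the copy carries."""
    for name, user_id in subscribers.items():
        if match_ratio(samples, user_id) >= threshold:
            return name
    return None


# Constructed inputs: a 440 Hz tone as signed 16-bit samples, two subscriber IDs.
ORIGINAL = [int(12000 * math.sin(2 * math.pi * 440 * t / 44100)) for t in range(3200)]
SUBSCRIBERS = {"alice": 0x00C0FFEE, "bob": 0x0BADF00D}


def demo():
    alice_copy = embed(ORIGINAL, SUBSCRIBERS["alice"])
    edited = list(alice_copy)
    edited[5] ^= 1                              # a single sample touched
    requantized = [s & ~1 for s in alice_copy]  # bit depth cut to 15 bits
    return {
        # Each sample moves by at most one step out of 65536.
        "max_sample_change": max(abs(a - b) for a, b in zip(alice_copy, ORIGINAL)),
        "leak_traced_to": trace(alice_copy, SUBSCRIBERS),
        "edited_intact": is_intact(edited, SUBSCRIBERS["alice"]),
        "edited_traced_to": trace(edited, SUBSCRIBERS),
        "requantized_traced_to": trace(requantized, SUBSCRIBERS),
    }


if __name__ == "__main__":
    print(demo())
```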

Personal Computers

Providing security for valuable content in PCs is a very difficult task. A major factor is that a determined user can read essentially all of the data contained on a hard disk drive, so it is very hard to keep information secret. The solution is to have a very robust encryption scheme for the content and to ensure that the keys used to unlock access to the content are very secure. Two main forms of key protection are used on PCs: hardware-based and software-based.

In hardware-based key protection systems, a physical device must be connected to the PC for it to be authorized to decrypt or descramble the content. This device can take the form of a smart card attached to a reader connected to the PC. Another approach is to encapsulate a small processor (like those found in smart cards) into a device that can be attached to a serial port or a USB port. With either device type, the hardware must be physically attached to the viewer's device for the content to be unlocked. Descrambling keys are obtained from the device through a process of handshaking that prevents the secret data stored within the device from ever being revealed.

In a software-based key protection system, special modules of software loaded onto the user's device control access to the key. These modules of software are not stand-alone—they must be in communication with a central server that ensures that the modules on the user devices have not been corrupted or had their security compromised. Software-based key control offers a big advantage over hardware-based systems, because it enables complete system updates on a regular basis without the difficulty and expense of changing out a large number of deployed hardware devices.

Digital Rights Management

Digital rights management (DRM) is a set of software and hardware technologies designed to protect ownership rights of a content provider. The goal of DRM is to directly control the ways in which a viewer can use specific pieces of content. DRM systems will typically control uses such as repeated viewings, time windows when content can be viewed, copying or recording the content to other devices, or recording the content to removable media such as a CD or a DVD.

The concept of digital rights management is very close to that of CA. In fact, the two systems often work in close harmony in many digital video delivery systems. The key difference is that a CA system controls whether or not a viewer is allowed to view content, whereas a DRM system controls what the viewer can do with the content during and after viewing. In other words, CA governs which viewers can get access to content, whereas DRM governs what viewers can do with the content.

Reality Check

In this chapter's first Reality Check, we look at one of the most widely deployed (and widely discussed) systems for protecting audio and video content from unauthorized use. Development of a reliable DRM system was essential to Apple's successful negotiation of contracts with the major record labels to supply content through iTunes. In the second Reality Check, we take a look at why it makes sense, in some circumstances, to provide DRM for free content.

Apple's Fair Play DRM System for iTunes

Apple Computer's iTunes music store has been very successful in selling compressed digital music files to millions of iPod owners. Fair Play, which is Apple's name for its DRM system, is an integral part of the iTunes software client and the iPod operating software.

A large part of the negotiations that surrounded the launch and commercial success of iTunes was to convince content owners (mainly record companies) that users would not be able to make unlimited copies or redistribute content that was protected by Fair Play. This was very important to the recording industry because of the perceived revenue impact of file sharing systems such as Napster during 1999 to 2001.

The Fair Play system is quite comprehensive and is able to control a variety of different content uses. As of November 2006, users who purchased audio content on iTunes were permitted the following uses of their content:

•   Authorize up to five computers that can share content purchased through the use of one computer

•   Burn an unlimited number of custom CDs with a playlist and cover art of the user's choosing

•   Copy content from a computer to one or more iPod devices

•   Make a complete backup of an entire iTunes library through the use of recordable DVDs.

One aspect of DRM of concern to some consumers is the prospect for future revision of the rules for using content they have purchased. Although the rules for using content tend to relax as time passes, there is no guarantee that the rights might not become more restricted in the future. Also, some consumers are troubled by the fact that tracks purchased under Apple's DRM system can only be played on portable devices manufactured by Apple. These concerns, however, have not seemed to have a major impact on iTunes sales volumes, as Apple has sold well over two billion digital music tracks to date.

DRM for Free Content

At first it may seem paradoxical for content available for free on a Web site to be protected by DRM technology. After all, once the content owner has decided to deliver the content for free to any viewer who wants to see it, why should they care if someone makes an unauthorized copy? Well, there are a couple of thoughts to keep in mind:

•   If any portions of the content belong to a third party (such as some of the songs on a movie soundtrack), the content owner may not have the right to allow others to make copies of that content. Similarly, the content owner might wish to establish a certain time window for the content to be available, say for a cinematic movie preview. Without downloads, a time window is relatively easy to enforce; a window is essentially impossible to enforce if there are unprotected downloads of the content circulating within the viewer base.

•   If the goal of the service provider is to get viewers to look at advertising on their Web portal, then clearly allowing viewers to simply pass the content from one viewer to another will work against that goal. By protecting the content on the Web site, and by allowing users to freely share links to content pages, the service provider can drive more viewers to their portal. This in turn will create more page views and more exposure for the advertisements.

Summary

This chapter focused on protecting video quality and security. We began by discussing a number of potential video impairments and how they can be avoided or corrected. We discussed network impairments as well as those caused by the video signal processing itself. We took a look at the various types of errors that can occur in IP network processing and what system designers have done to minimize or compensate for those errors. In the second part of the chapter, we took a look at several different techniques used to provide CA functions for service providers, including the benefits and drawbacks of each. We also looked at DRM and how it is closely linked to but slightly different from CA. We concluded with a look at two interesting applications of DRM.

 

1. Stuart Kemp, The Hollywood Reporter, Dec. 7, 2006, www.hollywoodreporter.com/hr/content_display/international/news/e3i4383520b62392ae146f52d45c4842913?imw=Y
