- Security Basics
Everyone seems to know someone who can find and play a movie on the internet before it is released in the cinema theater. Dark and jerky, small and oddly edited, some people seem to like watching this way.
The advantage of moving movies around in digital form is tremendous. Nothing to get held up by Customs agents the week before the premier. No more scratches and color degradation from the intense heat and light of the projector. And the savings in duplication costs and transport and storage, not to mention ecological savings from no more chemical processes.
But we covered the Quality issues in the previous sections. The dramatic flaw is that a perfect copy of a movie is an invitation to make another perfect copy – unfortunately, this could mean the perfect copy is out of the control of those who are responsible for protecting the copyrights and the other valuable assets of the entertainment industry.
This section deals with the details of Security; what has been done and what might go wrong.
WHY IS THIS IMPORTANT??? you ask? There are security keys for everything, the equipment is certified safe and it is so complicated with FIPS and NIST and bonuses for finding pirates.
There are several reasons. The first goes back to the basics of professionalism. You have to discuss the topic with people who are experts and you shouldn't get bored while talking to them. You will be bored and not be able to work with them to solve a problem if you don't know the basic facts.
A second reason is that security is a process that involves constant vigilance. It doesn't just start at the server. It starts anywhere there is a connection to the server. That includes the USB sticks that you use. Where has it been? Has it touched an insecure computer.
We'll study an example where a computer system of perhaps the world's largest secure organization was compromised for two years. Repairing it took another two years, just because a USB stick got a trojan that allowed penetration into the entire system.
It is critical that you be able to read, understand and maintain expertise to ensure that nothing gets past your constant security awareness. When something goes wrong, someone will want to point the finger. It is best that you don't allow anything to go wrong.
Around the world there are different versions of copyright regulations. You shouldn't be surprised that they are all somewhat the same.
It should be obvious why they are significant in the digital world, so we won't go too deep. Here are the basics of Copyright rules and why they are significant to you.
- Encryption and Keys
- Digital Transport
As digital cinema evolves there are more choices of how to get movies and other 'entertainment' into the facility and then around the facility. We'll talk about this in two separate articles.
- Forensic Marking
Who said irony was dead?
In the classic versions of watermarks, one holds a paper sheet, or more often a paper money note, up to the light. Then with the light one can see the obvious watermark in the paper.
In the digital cinema method, the projector light doesn't make the watermark obvious – it won't be obvious on any camera that records it, or any program that edits or compresses it...but it is there and obvious to someone. And that is why it is accurately names, Forensic Marking.
- Difficulties – Inherent in the System
There is no special digital section for Murphy's Law. There's just a lot more potential points of failure. It starts with the the security of the projection room door. Then there are all those extra power supplies and never having enough outlets to plug things into. It ends with the inability to fix anything with a hammer.
- Social Engineering, Brute Force and Side Channel Attacks
Between the fact that people aren't good at keeping secrets and the fact that there are professionals who are terrific at getting information, it takes a lot of effort by banks and militaries and courts and doctors anyone else who has information of value to keep information secure.
Computers can be made secure. Some keys might take billions of attempted guesses to be broken. But professionals have found amazing ways of making them talk. It turns out that every time a processor makes a calculation that it is possible for someone to listen in, figure what it was trying to do, and come up with passwords in less than a few seconds.
- Constant Vigilance and Other Solutions
"You can watch and guard for years.
Then a single battle can determine victory in a day."
Sun Tzu's The Art of War 13:1:10-11
Ultimately, every system can be compromised. An organizational system, a power system, a computer system, a security system. Not most, not many, but all.
There will eventually be 100,000+ digital cinema systems in the world. Your's doesn't have to be one that is compromised.
- Network Security Basics and Tools
If you think that the world of cinema is full of buzzwords, the world of networks has buzzwords about and around buzzwords. We are going to have to plow through some of them for a breif time to give some basics.
These are covered in the security section because it is easily transferred knowledge. One cannot have true security of your system without knowing at least these basics of Network Monitoring and Troubleshooting. That you also will be better able to enhance network performance is a true benefit.
- The TKR SolutionThis topic
TKR is the latest of three letter acronyms in the d-cinema world. The initials stand for Theater Key Retrieval and the application is a method of directing the CPL (and thus the DCP) to obtain their own security keys from a server that the distributor specifies.
If the solution is getting the correct keys to the correct playback system without human intervention, then TKR seems to be the solution. As of April 2013 the situation is in a high degree of corporate flux, with the suspicion that the technical flux is only in need of a little tweaking.
The ISDCF chair has created a (work-in-progress) explanation of the entire process, which is the next presentation.