Speaker Profile: Christoph Neumann

Principal Engineer - Exploration

Secure DRM-ized content re-encryption within Trusted Execution Environments

8:45 AM to 9:00 AM

With the advent of public and private cloud computing, many video workloads have moved from dedicated servers to containers or virtual machines relying on disaggregated storage. Media packaging, e.g., for VoD, nPVR or cDVR content, has the specificity that it receives and processes valuable, unprotected video content in the clear before applying proper formatting and content encryption (DRM) adapted to user devices. Moving away from classical perimeter security models (applicable to on-premises dedicated hardware) can be problematic because shared computing and disaggregated storage increase the exposure of that clear-text content. In this presentation, we discuss how to make use of trusted execution environments provided by software or hardware enclaves during the video packaging process. Examples of such trusted execution environments are Intel's Software Guard Extensions (SGX) and AWS Nitro Enclaves. The protected enclaves ensure that neither the media asset nor the content encryption keys are accessible in clear-text outside the enclave, thereby preventing any leak of content to unauthorized parties, even when the host machine or the storage devices are compromised. We discuss potential attacks and mitigations, and the implications for CPIX, which needs to be extended with remote attestation methods.