• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to footer

mkpeReport

top analysis covering digital cinema, 3-D, HFR, and laser illumination

  • Reports
  • About
  • mkpe.com
  • cinepedia.com

NIST Considering Move To ISO/IEC Security Standard

November 2015 by Michael Karagosian

The primary value of the DCI specification for digital cinema is security. DCI devotes nearly half of its 155 page document to the subject of security, specifying in great detail how the various elements in a digital cinema system are to be constructed and how they must behave from a security point-of-view. A cornerstone of the DCI specification is its reliance on voluntary specifications established by the US Federal Information Processing Standards (FIPS). In August, the US National Institute of Standards and Technology (NIST) issued a request for public comment to reference or possibly replace in entirety the FIPS 140-2 specification, relied upon by DCI, with the ISO/IEC 19790:2012 specification.

Security requirement updates are driven by the growing power and availability of computers, and weaknesses that may have been discovered along the way in existing practice. An update to the FIPS 140-2 specification, following the initial rollout of digital cinema, led to the revised requirement for media blocks to carry two certificates. The public/private keys of one certificate to be used for KDMs, while the public/private keys of the other certificate to be reserved for TLS sessions. In the original specification for digital cinema, the same set of public/private keys were used for both functions. Changes in FIPS 140-2 also led to changes in how content integrity is checked within the media block, and an accompanying change in requirements for the KDM. Importantly, changes in security practices in digital cinema are driven by outside organizations whose expertise is security, and not from within the cinema industry.

One of the benefits of relying on an expert standard is that it opens the door to the use of expert testing laboratories worldwide. While FIPS 140-2 is a US standard, testing laboratories around the world are expert in applying the standard when evaluating performance of real equipment. Presumably, many or all of these testing laboratories also conduct tests in accordance with ISO/IEC 19790:2012.

NIST began drafting the revised standard FIPS 140-3 in 2005, just as the digital cinema rollout began. But progress in the development of 140-3 suffered, and was never formally released. In contrast, ISO/IEC 19790 was first published in 2006, largely containing the requirements of FIPS 140-2. ISO/IEC 19790 continued to develop into the 2012 version now in use today, reportedly incorporating features of draft 140-3. ISO/IEC 19790 is not an isolated standard, and unless the differences are substantial, it would seem logical to embrace a single international effort.

DCI believes there will be no impact on digital cinema if the standard moves to ISO/IEC. For digital cinema, the largest difference found so far, somewhat humorously, is the allowance in ISO/IEC of translucent enclosures. For those who have always wanted to peek inside the secure boundary of a media block, this could be your chance.

Filed Under: Servers and IMBs Tagged With: FIPS 140-2, FIPS 140-3, ISO/IEC 19790, NIST

Primary Sidebar

Search

Topics

  • 3-D
  • Accessibility
  • Alt Content & Advertising
  • Anti-Piracy
  • Color
  • Communications
  • Deployment Entities
  • Distributors
  • Exhibitors
  • Fulfillment
  • High Dynamic Range
  • Higher Frame Rates
  • Installations
  • Patents
  • Projectors
  • Servers and IMBs
  • Sound
  • Technical Bodies
  • Theatre Management Systems
  • Trade Organizations and Shows

Full Archives

a publication of
MKPE Consulting LLC

Footer

Important Stuff

  • About
  • Privacy Policy

Archives

  • Category & Monthly Archives
Archives date back to 2008.

MKPE

mkpeReport is a publication of MKPE, a world-class consultancy building business at the crossroads of cinema and technology.
Learn more about MKPE.

copyright © 2008 - 2023 mkpe consulting llc

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of all cookies.
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
Powered by CookieYes Logo