CableLabs Issues TV Everywhere Specs
CableLabs has quietly issued a new set of interface specs that will provide the technical foundation for how MSOs and programmers authenticate and authorize video that is distributed online.
Light Reading Cable first caught wind in July that the specs work was well underway. CableLabs, which started it all in the form of a request for information (RFI), published the 64-page document on October 29. (See CableLabs Tuning Up TV Everywhere Specs and CableLabs Opens 'TV Everywhere' Info Spigot.)
The specs -- collectively dubbed Online Content Access (OLCA) -- outline an interoperable protocol and architecture for the delivery of video to a multichannel video programming distributor (MVPD) customer from different online sources. The specs don't limit the types of devices that can access the video, referencing TVs, PCs, and other mobile devices, but most US MSOs are starting off with TV Everywhere apps that are accessible on broadband-connected PCs.
More specifically, the 1.0 version of the OLCA authentication and authorization interface defines three scenarios in which MVPDs and their programming partners can provide access to video online:
- In the first model, which has been advocated by MSOs such as Time Warner Cable Inc. (NYSE: TWC), customers would log on to a programmer-run Web portal to stream content. However, the customer authentication and authorization functions are still performed by the MSO to verify that customers have a subscription for the content. Once that's been determined, the programmer allows the requested video stream.
- Under the second, defined scenario, the customer visits an MSO-run Web portal to stream the content directly, something Comcast Corp. (Nasdaq: CMCSA, CMCSK) is doing with its recently launched Xfinity TV Online service. The MSO, which would act as a "single unified business entity," would then allow access to the requested video content once subscribers are properly authenticated and authorized. (See Comcast's TV Everywhere Play Breaks Out of Beta .)
- In the final scenario, customers would visit an MSO-operated video hub to stream content provided by a separate programmer. In an approach that seems to be a hybrid of the first two, authentication and authorization would be handled directly by the MSO, but the status of those would be passed to the programmer, which would make the final decision on whether the subscriber in question can access the requested content. In this case, the MSO and the programmers are separate business entities.
The specs are coming into play as operators and programmers start to launch flavors of TV Everywhere but are looking to CableLabs to help them achieve a semblance of scale through common technical and architectural requirements.
Among other technologies, the specs call for the use of an authentication architecture based on Security Assertion Markup Language (SAML) 2.0, an XML-based protocol that defines a variety of app profiles and standardizes the exchange of authentication and authorization data between trusted domains -- in this instance, between operators and programmers.
The specs also define the use of eXtensible Access Control Markup Language (XACML) 2.0 to authorize subscriber requests to view a specific piece of content. Both SAML 2.0 and XACML 2.0 are part of OASIS (Organization for the Advancement of Structured Information Standards).
— Jeff Baumgartner, Site Editor, Light Reading Cable