Historical key managament approaches leave it all in the care of the DRM vendor, leading to major lock-in and maintenance headaches that can require solution re-architecting when DRM vendors are changed or added. A modern solution architecture separates key management from DRM and enables flexible integration of solution components from different vendors.
Security of DRM relies on keeping secret the cryptographic keys that protect content. The DRM client is the only component on the viewer’s device authorized to handle these keys. In the DRM security model the viewer is the attacker which means that a DRM client operates under very difficult conditions, running on an adversary’s device.
The internet is the birthplace of modern DRM. Even if you deploy an offline solution with local playback, DRM technologies operate with least hassle when your solution uses modern adaptive streaming technologies. A content processing workflow designed for adaptive streaming is a content processing workflow ready for DRM.
Apps, websites and services presenting high value video content use DRM technologies to prevent the viewer from making copies of the content. It can be surprising to learn that the website operator is not the one who ultimately benefits from DRM.
The World Wide Web Consortium has recently made a decision to publish Encrypted Media Extensions (EME) as a web standard. This has drawn criticism from many directions because EME standardizes a mechanism that is highly opaque to users, has the potential to jeopardize their privacy and brings considerable legal risk to any researchers that try to study it.