Yes, but can it show True Blood

It is no secret that the internet is fast becoming a battleground between cable providers and emerging alternative delivery methods such as Hulu and Boxee for providing television content.
A recent article in Business Week does a great job of outlining the power struggles and the importance of identity to the existing cable franchises for tapping new distribution channels.
In a blog post today, Nielsen Co. highlights data from its Three Screen Report showing that 59% of Americans are now using TV and internet simultaneously at least one time per month, spending 3.5 simultaneous hours each month on both. Those numbers are up 35% from last year.
The numbers indicate that televisions and computers increasingly co-exist in living rooms. Clearly, from the viewers' perspective, the PC and the television are becoming merely device choices for existing digital content, along with smartphones.
Over the past year, active mobile video users grew by 57%, up to 17.6 million, according to Nielsen. The report links the rise to the growth in smartphone usage. Nielsen also notes that online video is used like DVR and isn't a replacement in most cases for watching TV.
The Nielsen data shows that users aged 25-34 spend the most time "timeshifting" their viewing (DVR and watch later). That behavior aligns with Nielsen's research showing that Americans turn to online delivery of network programs when they miss an episode or when a TV is not available.
The true results of that behavior are likely to come to life in the future given that the 25-34 demographic is currently helping raise a generation of users to think television isn't tied to any particular device.
The changes in the television and cable industry are but one hot area where digital delivery is starting to provide examples as to why digital identity is so important.
Follow John on Twitter and check out our Identity Experts Tweet list
Earlier this week I discussed SAML and how it meets the requirements around TV Everywhere authentication. While SAML 2.0 looks to be the de facto solution to the TV Everywhere authentication problem, there is still some debate as to what mechanisms and protocols will be used to address how authorization decisions are made by the MVPDs on behalf of the programmers. XACML is the leading candidate, but XACML is only a starting point that defines the syntax for expressing an authorization query and an authorization response.
The first question is to define an appropriate back-channel protocol to convey the XACML authorization queries and responses between programmers and MVPDs. This could be achieved via the XACML profile for SAML, or even via a simple REST API.
In addition, a TV Everywhere-specific taxonomy for the authorization queries that programmers ask of MVPDs needs to be defined. This taxonomy depends on the business rules that will be established for TV Everywhere. For example, if the user is trying to watch an R-rated program, then the programmer needs to check with the MVPD before making the content available to the user. The query could be one of ‘What is the user’s birth date?’, ‘Is the user over 18?’ or ‘Can this user watch Mature content?’.
Another issue is that, unlike books and ISBN numbers, there is no globally unique identification system for programming content. Each MVPD and programmer has its own content classification and identification system. This becomes problematic if the MVPDs need to make authorization decisions based on the specific program each user is attempting to watch. What do you do in a federated authorization model where the object or resource (i.e. the program) is known by a different identifier at the programmer and the MVPD? The best case is to define an MVPD-neutral identification scheme for all programming content.
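A sketch of the MVPD side of such a query, as an added example that is not taken from any TV Everywhere specification: the programmer asks the coarse question "may this subscriber view this program?" so the birth date stays at the MVPD, and both sides resolve the program through a neutral identifier. The identifier formats, rating names, subscriber records and function names are hypothetical; Permit, Deny and Indeterminate are XACML decision values.

```python
from datetime import date

# Constructed sample data; every identifier and record here is hypothetical.
# The programmer's local catalogue ID is translated to a neutral ID, which is
# the only program identifier the MVPD needs to understand.
PROGRAMMER_TO_NEUTRAL = {"hbo:ep-1042": "neutral:0001"}
MVPD_CATALOGUE = {  # keyed by neutral ID
    "neutral:0001": {"channel": "HBO", "rating": "TV-MA"},
}
SUBSCRIBERS = {  # keyed by the pseudonym the MVPD issued for this programmer
    "pseud-7f3a": {"channels": {"HBO", "Discovery"}, "born": date(1980, 5, 1)},
    "pseud-22c9": {"channels": {"HBO"}, "born": date(2000, 1, 1)},
    "pseud-51d0": {"channels": {"Discovery"}, "born": date(1975, 3, 9)},
}
MATURE_RATINGS = {"TV-MA", "R"}
ADULT_AGE = 18


def age_on(born, today):
    """Whole years elapsed between born and today."""
    return today.year - born.year - ((today.month, today.day) < (born.month, born.day))


def decide(subject, programmer_content_id, today):
    """Answer 'may subject view this program?' with an XACML decision value.

    Only the decision is returned; the birth date never leaves the MVPD.
    """
    neutral_id = PROGRAMMER_TO_NEUTRAL.get(programmer_content_id)
    program = MVPD_CATALOGUE.get(neutral_id)
    if program is None:
        # The resource cannot be resolved, so the request cannot be evaluated.
        return "Indeterminate"
    subscriber = SUBSCRIBERS.get(subject)
    if subscriber is None or program["channel"] not in subscriber["channels"]:
        return "Deny"
    if program["rating"] in MATURE_RATINGS and age_on(subscriber["born"], today) < ADULT_AGE:
        return "Deny"
    return "Permit"


def may_stream(decision):
    """Programmer-side enforcement: anything other than Permit blocks playback."""
    return decision == "Permit"
```

An unresolvable content identifier yields Indeterminate, not Permit, which is why the enforcement point treats every non-Permit answer as a refusal.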
The TV Everywhere industry is driving to have this all wrapped up by September 2010. It should be a fun ride participating in this effort and watching it all unfold.
….. and the solution is Federation.
Today we announced a partnership with Brightcove where PingFederate will be a key component of their TV Everywhere solution pack for content programmers. This is an extremely exciting opportunity for Ping as it puts us squarely in the middle of a high-profile online media initiative that could shake up how consumers watch television programming.
To put it simply, programmers like HBO, Showtime, Discovery, etc. want to be able to make their programming content directly available to consumers via their web portals such as hbo.com, showtime.com, etc. Today, they are explicitly prohibited from doing this, because they have signed exclusive distribution agreements with content distributors (cable and satellite providers, commonly called MVPDs) such as Comcast, Time Warner Cable, DirecTV, etc. TV Everywhere is meant to be a compromise whereby the programmers can make their content directly available to consumers, as long as the consumer can prove that they are a customer of an MVPD and have paid for the right to watch the content. You can get further background here.
From a technical perspective this becomes a federated authentication and authorization problem, and the leading solution candidate is SAML 2.0. Below is an example of what is expected to be a typical user experience:
Step 1: Alice goes to HBO.com to watch the latest episode of her favorite TV series.
Step 2: HBO must first determine if Alice has a valid MVPD subscription to watch HBO, and requests that Alice select from a list of supported MVPDs (e.g. Comcast, DirecTV).
Step 3: Alice chooses Comcast and is redirected to Comcast.net
Step 4: Alice successfully logs into Comcast.net with her Comcast credentials
Step 5: Alice is redirected back to HBO.com with a signed SAML 2.0 Assertion
Step 6: HBO.com successfully validates the SAML 2.0 Assertion
Step 7: Alice starts watching her favorite TV show at HBO.com
Sound familiar? This is SP-Initiated Identity Federation, where the programmers become SAML 2.0 Service Providers while the MVPDs become SAML 2.0 Identity Providers.
There are a number of user experience optimizations that are also being proposed. For example, if Comcast maintains a browser session for Alice, then Alice would not need to re-authenticate at Comcast if she went to a different programmer such as Showtime to watch an episode there. I am pushing for the MVPDs to take a leaf from Facebook and implement a Facebook Connect style authentication experience.
There are a number of profiling details that are still to be worked out so that all the MVPDs and programmers implement a common SAML 2.0 solution. Much of this will be worked out via early prototypes from the larger industry participants, as well as through CableLabs, which is defining a TV Everywhere authentication/authorization specification on behalf of the industry. Some of these outstanding questions include the appropriate SAML 2.0 bindings (POST or Artifact), the style of user identifier to use (e.g., pseudonym, anonym, etc.), and what, if any, TV Everywhere-specific user attributes must be included in each assertion. Fortunately PingFederate is flexible enough to support all of these possible scenarios out of the box. I’ll have more on TV Everywhere in upcoming blogs.
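Step 6 covers more than the signature. As an added example (not PingFederate's or any programmer's code), the sketch below shows the content checks a Service Provider makes after an XML signature library has verified the assertion, which is assumed here and not performed. The entity IDs, request ID and sample assertion are constructed, and the time attributes are assumed to be present without fractional seconds.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Constructed sample assertion. Its signature is omitted: an XML signature
# library is assumed to have verified it before these checks run.
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_a1" Version="2.0" IssueInstant="2010-06-01T12:00:00Z">
  <saml:Issuer>https://idp.mvpd.example</saml:Issuer>
  <saml:Subject><saml:NameID>pseud-7f3a</saml:NameID>
    <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
      <saml:SubjectConfirmationData InResponseTo="_req42"
        Recipient="https://sp.programmer.example/acs" NotOnOrAfter="2010-06-01T12:05:00Z"/>
    </saml:SubjectConfirmation></saml:Subject>
  <saml:Conditions NotBefore="2010-06-01T11:59:00Z" NotOnOrAfter="2010-06-01T12:05:00Z">
    <saml:AudienceRestriction><saml:Audience>https://sp.programmer.example</saml:Audience>
    </saml:AudienceRestriction></saml:Conditions>
</saml:Assertion>"""


def ts(value):
    """Parse a SAML UTC timestamp such as 2010-06-01T12:00:00Z."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def check_assertion(xml_text, now, chosen_idp, sp_entity_id, acs_url, pending_ids, seen_ids):
    """Return a list of failures; an empty list means the assertion is acceptable."""
    a = ET.fromstring(xml_text)  # use a hardened XML parser for untrusted input
    scd = a.find("saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData", NS)
    cond = a.find("saml:Conditions", NS)
    if scd is None or cond is None:
        return ["missing Conditions or SubjectConfirmationData"]
    audiences = {e.text for e in a.iterfind(".//saml:Audience", NS)}
    failures = []
    if a.findtext("saml:Issuer", namespaces=NS) != chosen_idp:
        failures.append("issuer is not the MVPD the user selected")
    if sp_entity_id not in audiences:
        failures.append("assertion was issued for a different audience")
    if not ts(cond.get("NotBefore")) <= now < ts(cond.get("NotOnOrAfter")):
        failures.append("outside validity window")
    if scd.get("Recipient") != acs_url or now >= ts(scd.get("NotOnOrAfter")):
        failures.append("bearer confirmation invalid")
    if scd.get("InResponseTo") not in pending_ids:
        failures.append("not a response to a request this SP sent")
    if a.get("ID") in seen_ids:
        failures.append("assertion replayed")
    seen_ids.add(a.get("ID"))  # remember the ID until the assertion expires
    return failures
```

The issuer check ties the assertion to the MVPD chosen in Step 3, and the audience check stops an assertion issued for one programmer from being accepted by another.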