ISO/IEC 23000-21:2019

Left: 0 pt, First line: 0 pt, Tab stops:

Not at 21.6 pt
Style Definition: Heading 2: Font:
Information technology — Multimedia application format (MPEG-A) — Part 21: Visual
Bold, Tab stops: Not at 18 pt
identity management application format
Style Definition: Heading 3: Font:
Bold
Technologies de l'information — Format pour application multimédia (MPEG-A) — Partie 21: Format
pour application de gestion d'identité visuelle
Style Definition: Heading 4: Font:
Bold
Style Definition: Heading 5: Font:
Bold
Style Definition: Heading 6: Font:
Bold
Style Definition: ANNEX
Style Definition: Code: Tab stops:
16.15 pt, Left + 32.6 pt, Left + 48.75
pt, Left + 65.2 pt, Left + 81.35 pt,
Left + 97.8 pt, Left + 113.95 pt, Left
+ 130.4 pt, Left + 146.55 pt, Left +
162.75 pt, Left
Style Definition: List Continue 1
Style Definition: Base_Text: Tab
stops: 19.85 pt, Left + 39.7 pt, Left +
59.55 pt, Left + 79.4 pt, Left + 99.25
pt, Left + 119.05 pt, Left + 138.9 pt,
Left + 158.75 pt, Left + 178.6 pt, Left
+ 198.45 pt, Left
Style Definition: Body Text_Center
Style Definition: Dimension_100
Style Definition: Figure Graphic
Style Definition: Figure subtitle
Style Definition: List Number 1: Tab
stops: Not at 20.15 pt
Style Definition: RefNorm
Style Definition: Example indent 2:
Tab stops: 67.7 pt, Left
Style Definition: Note indent 2
continued: Tab stops: 87.9 pt, Left
Style Definition: Note indent 2
Style Definition: AMEND Terms
Heading: Font: Bold
Style Definition: AMEND Heading 1
Unnumbered: Font: Bold
Formatted: Font: French (France)
Deleted: FDIS
Formatted: Font: French (France)
Formatted: Font: Not Bold, Italic,
French (France)
Deleted: FDIS
Formatted: Font: Italic, French
(France)
Formatted: Font color: Auto
Contents
Foreword . iii
Introduction . iv
1  Scope . 1
2  Normative references . 1
3  Terms and definitions . 1
4  Abbreviated terms . 2
5  System for identity privacy management . 2
5.1  General framework . 2
5.2  Applying privacy protection in ISO/IEC 21000‐22 . 5
5.2.1  General description . 5
5.2.2  User description . 5
5.2.3  Context description . 10
5.2.4  Service description . 12
6  Content sensitive encryption . 15
6.1  Overview of content sensitive encryption . 15
6.2  Content sensitive encryption for Rec. ITU‐T H.264 | ISO/IEC 14496‐10 . 16
6.2.1  General . 16
6.2.2  Content sensitive encryption with CAVLC entropic coding . 16
6.2.3  Content sensitive encryption with CABAC entropic coding . 18
6.3  Content sensitive encryption for HEVC . 19
6.4  Content sensitive encryption for region encryption . 19
6.4.1  General . 19
6.4.2  AVC . 19
6.4.3  HEVC . 21
7  Support for protected streams at system level . 22
7.1  Signalization of protected stream . 22
7.2  Signal of multiple access in protected stream . 23
7.3  Signal of content sensitive encryption . 28
7.3.1  Definition of content sensitive encryption . 28
7.3.2  Content sensitive encryption applied to a video NAL unit . 29
7.3.3  'sve1' AES‐CTR sensitive encryption scheme . 29
Annex A (normative) Content sensitive encryption scheme . 31
Formatted: English (U.S.)
Bibliography . 41
Formatted: English (U.S.)
Formatted: English (U.S.)
© ISO/IEC 2019 – All rights reserved
ii
Deleted: FDIS
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other
international organizations, governmental and non‐governmental, in liaison with ISO and IEC, also
take part in the work.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for
the different types of document should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives). Deleted: www.iso.org/directives
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents) or Deleted: www.iso.org/patents
the IEC list of patent declarations received (see http://patents.iec.ch).
Deleted: http://patents.iec.ch
Any trade name used in this document is information given for the convenience of users and does
not constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT)
see www.iso.org/iso/foreword.html. Deleted: www.iso.org/iso/foreword.ht
ml
This document was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,
Subcommittee SC 29, Coding of audio, picture, multimedia and hypermedia information.
A list of all parts in the ISO/IEC 23000 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards
body. A complete listing of these bodies can be found at www.iso.org/members.html. Deleted: www.iso.org/members.html
Formatted: English (U.S.)
Formatted: English (U.S.)
© ISO/IEC 2019 – All rights reserved
iii
Deleted: FDIS
Introduction
The main goal of the ISO/IEC 23000 series (also known as “MPEG‐A”) is to facilitate the swift
development of innovative, standards‐based multimedia services and applications by selecting and
combining readily tested and verified tools taken from the MPEG body of standards.
Visual identity management is designed to enable users to control and manage privacy protection
by defining a new framework and tools. It also provides to industry a coherent and consistent
approach to manage privacy protection in order to be implemented in a variety of scenarios,
applications or systems.
The main objective of preserving privacy protection is to enable security and confidentiality in the
multimedia content chain. Many usages of image/video communication services, social networking
and video sharing platforms have led to an increasing interest to protect users’ privacy.
Traditionally, multimedia data security is achieved by cryptography solutions, which deal with
encryption of data. This approach is called Naive Encryption Algorithm (NEA) and it treats the
video bitstream as text data without paying attention to the structure of the compressed video. To
this end, MPEG common encryption has been standardized in order to support encryption and key
mapping methods for file format in ISO/IEC 23001‐7 and for transport streaming in
[3]
ISO/IEC 23001‐9 . Consequently, bitstreams encrypted by those documents are decodable only
after a correct decryption process even when only parts of the video are encrypted. Nevertheless,
none of these formats allow signalling the encryption of a part of the picture (region), or indicating
to the decoder that the encrypted bitstream can be partially decoded.
Moreover, all the access control is provided and performed globally without taking into account the
image/video content and context. To restore citizens’ confidence in online data collection practices,
submitted media should be encrypted to protect privacy and only viewed with limited access that
the user chooses: group of people, purpose of sharing, time, date, metadata, etc.
In order to provide privacy protection over processing and sharing of multimedia content, a
flexible, effective and scalable mechanism is required to provide users a way to express their
control desires in a form that can be processed and monitored systematically, consistently and
persistently throughout the lifecycle of the multimedia content. There is currently no standardized
format to represent privacy description information (PDI), hindering the interoperability between
secured systems.
Formatted: English (U.S.)
Formatted: English (U.S.)
Formatted: English (U.S.)
© ISO/IEC 2019 – All rights reserved
iv
Deleted: FDIS
Information technology — Multimedia application format
(MPEG-A) — Part 21: Visual identity management application
format
1 Scope
This document specifies the standard representation of the set of signalling and data used in the
process of preserving privacy for storage sharing image/video.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments)
applies.
Rec. ITU‐T H.264 | ISO/IEC 14496‐10:—, Information technology — Coding of audio-visual
objects — Part 10: Advanced Video Coding
ISO/IEC 14496‐15, Information technology — Coding of audio-visual objects — Part 15: Carriage of
network abstraction layer (NAL) unit structured video in the ISO base media file format
ISO/IEC 23001‐7:2016, Information technology — MPEG systems technologies — Part 7: Common
encryption in ISO base media file format files
Rec. ITU‐T H.265 | ISO/IEC 23008‐2:—, Information technology — High efficiency coding and media
delivery in heterogeneous environments — Part 2: High efficiency video coding
ISO/IEC 23008‐12, Information technology — High efficiency coding and media delivery in
heterogeneous environments — Part 12: Image File Format
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 14496‐10,
ISO/IEC 23008‐2, ISO/IEC 23008‐12 and the following apply.
ISO and IEC maintain terminological databases for use in
...