Streaming Content ProtectionApril 24, 2019
While a lot of conversations in the live-streaming industry focus on reducing latency and improving reliability, content protection underpins these capabilities.
Real-time security measures exist, ranging from authentication and encryption to forensic watermarking and digital rights management (DRM). Many content distributors choose to layer these technologies on top of each other to secure streaming success at every step of the workflow.
Let’s take a look at how today’s businesses are protecting their live content.
Token-based authentication ensures that only authorized users — like those who’ve paid or registered — have access to content.
This prevents link sharing by only providing tokens to approved users. As opposed to allowing all viewers to see the stream URL, unique URLs are generated for each playback request, which then expire after an allotted time interval.
By restricting publishing to those with a username and password, source authentication thwarts unauthorized users from streaming to your server. Authentication tokens can also be used when sending content to your server.
Based on ancient cryptology, encryption can be used to scramble the messages exchanged between your browser and the servers. This process of ciphering and deciphering helps ensure that streaming content remains secure while travelling across the public internet.
Some common forms of streaming encryption are StreamLock, Secure Sockets Layer (SSL), secure HTTP (HTTPS), secure RTMP (RTMPS), and encrypted RTMP (RTMPE).
Digital Rights Management (DRM)
The most expensive security measure to implement, digital rights management (DRM) provides the highest level of protection by encrypting premium content. Unlike simple encryption, DRM workflows rely on both DRM vendors and third-party providers for more sophisticated protection.
During encoding, each video file is encrypted with media keys from one or more DRM provider. Once the user attempts to access the live video, the player client communicates directly with the DRM server to confirm that the license is valid. Upon validation, the player gains access to the decryption key for playback.
Broadcasters can prevent unauthorized session with on-the-fly watermarking for live content. Forensic watermarking doesn’t always prevent playback, but it does allow content distributors to pinpoint where their streams were leaked to. Just as movie theater projectors use signed copies of the movies they host, this allows content distributors to trace any illegal broadcasts to where they took place.
One drawback of forensic watermarking is that it introduces about five seconds of latency, so it might not be the ideal tactic depending on your streaming needs.
Geo-restricting involves blacklisting specific countries where your video shouldn’t be streamed. This automatically blocks unauthorized viewers from accessing the content.
IP Blacklisting and Whitelisting
With IP blacklisting, content distributors can restrict playback to certain devices. Many live-streaming providers maintain databases to prevent spying into proprietary or private data. Alternatively, IP whitelisting only allows playback access to approved addresses.
Content Delivery Networks (CDNs)
Content delivery networks (CDNs) provide an extra layer of security by preventing distributed denial of service (DDoS) attacks, which occur when a site or resource is flooded by multiple, simultaneous attempts to breach it. This is because a redundant CDN with multiple access points enables failover. By comparison, you won’t have any back-up options when streaming with a single server.
CDNs can also partner with forensic watermarking vendors to shut down unauthorized sessions in real time.
Security and Monetization
Security and monetization go hand in hand. When streaming content contains sensitive or private data, protection is vital. Plus, unauthorized access compromises the revenue-boosting strategies of subscription and pay-per-view services.
For those reasons, there’s one security tactic that we’d like to add for broadcasters: Price your content right and make it easy to rent or purchase. By removing any stumbling blocks, you’ll motivate viewers to take the path of least resistance.
Content Protection Goes Beyond Security Measures
Chances are that most of us have pirated content. I myself am guilty as charged — back in the Kazaa era of dial-up internet and two-hour download times.
At the end of the day, there’s no way to stop someone from recording the streaming content as it plays on their screen. It’s unlikely and will certainly result in a lower-quality video, but this scenario illustrates why positive reinforcement is a good route to take. Kill cybercriminals with kindness, and they’ll be less likely to pirate content.
Streaming Media’s Jason Thibeault takes this stance, arguing that security efforts should ultimately go beyond content protection:
“Perhaps, though, the solution isn’t trying to prevent the pirates from stealing the content at all. Maybe the answer is for the distributors and content owners to figure out something to offer their viewers, some aspect of the experience that the pirates can’t replicate? Better content discovery? Some sort of reward program? Interactivity? I’m not sure what it is, but the endless whack-a-mole of trying to stop pirates with technology solutions that they ultimately work around isn’t doing the job.”
Streaming Security With Wowza
Secure streaming success with Wowza. We offer content protection tools for live streamers across a wide range on industries — including entertainment, medical, government, enterprise, education, and more. Find out how you can safeguard content in the video below.
Secure Your StreamsGet Started
Wowza Streaming Engine Security Docs
Wowza Streaming Cloud Security Docs