I have been really struggling with the security measurement for our wowza server. I have been researching for 2 weeks now but have not found a sound solution so any help/direction would be much appreciated.
My situation is as follow:
My company host a huge number of video on S3 and we decided to user cloudfront RTMP to delivery the content to Desktop (which is working fine and secured properly).
We want to use wowza server to serve content to mobile device HLS to IOS device and modern Android devices with RTSP fallback.
We have been successfully to serve HLS to IOS device with vods3 and the content is displayed using the device native player.
The problem is that we want to secure the connection so that user cannot guess the URL and then access it without any credential. Since we want to use the native player, we cannot use the DRM technique to setup a secret key and store/send it to the player.
My question is whether wowza support a technique (similar to signed-url in Cloudfront) so that the URL must be generated using a secret key on our server and have a time-expired?
"At this time, live streams can't be delivered securely by using CloudFront-signed URLs because of the nature by which player applications generate URL requests for the live stream data. However, progressively downloaded media can be delivered privately by using signed URLs. For more information, see
Serving Private Content through Cloudfront."